claim-pyusd.org Open in urlscan Pro
2606:4700:3034::6815:3895 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://claim-pyusd.org/
Submission: On August 09 via api (August 9th 2023, 3:26:43 am UTC) from CN — Scanned from DE

Summary HTTP 30 Redirects Links 82 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3034::6815:3895, located in United States and belongs to CLOUDFLARENET, US. The main domain is claim-pyusd.org.
TLS certificate: Issued by GTS CA 1P5 on August 8th 2023. Valid for: 3 months.

This is the only time claim-pyusd.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3034::6815:3895	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
8	52.32.230.7 52.32.230.7	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700::68... 2606:4700::6812:1b2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.77.83.234 3.77.83.234	16509 (AMAZON-02) (AMAZON-02)
30	9

4 2606:4700:3034::6815:3895 (United States)

ASN13335 (CLOUDFLARENET, US)

claim-pyusd.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.32.230.7 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-230-7.us-west-2.compute.amazonaws.com

galxe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:1b2e (United States)

ASN13335 (CLOUDFLARENET, US)

explorer-api.walletconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.77.83.234 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-83-234.eu-central-1.compute.amazonaws.com

verify.walletconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	walletconnect.com explorer-api.walletconnect.com — Cisco Umbrella Rank: 78111 verify.walletconnect.com — Cisco Umbrella Rank: 67254	76 KB
8	galxe.com galxe.com — Cisco Umbrella Rank: 281632	42 KB
4	claim-pyusd.org claim-pyusd.org	3 MB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 369	61 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 729	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	124 KB
30	7

	Domain	Requested by
12	explorer-api.walletconnect.com	claim-pyusd.org
8	galxe.com
4	claim-pyusd.org	claim-pyusd.org
2	cdn.jsdelivr.net	claim-pyusd.org
1	verify.walletconnect.com	claim-pyusd.org
1	fonts.googleapis.com	client
1	code.jquery.com	claim-pyusd.org
1	cdnjs.cloudflare.com	claim-pyusd.org
30	8

This site contains links to these domains. Also see Links.

Domain
www.paypal.com
developer.paypal.com
about.pypl.com
newsroom.paypal-corp.com
careers.pypl.com
investor.pypl.com
publicpolicy.paypal-corp.com
paxos.com
libra.galxe.com

Subject Issuer	Validity	Valid
claim-pyusd.org GTS CA 1P5	`2023-08-08` - `2023-11-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.prd.galxe.com Amazon RSA 2048 M02	`2023-07-30` - `2024-08-28`	a year	crt.sh
walletconnect.com GTS CA 1P5	`2023-07-05` - `2023-10-03`	3 months	crt.sh
verify.walletconnect.com Amazon RSA 2048 M01	`2023-01-25` - `2024-02-23`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://claim-pyusd.org/
Frame ID: 4FED9143B8383B09049C74F75F85BDFD
Requests: 66 HTTP requests in this frame

Frame: https://verify.walletconnect.com/1e0888012c8fe64cda021d0d98d71f13
Frame ID: 366179508550485BBB46B8A75BD30656
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PayPal Stablecoin | US Dollar Cryptocurrency | PayPal US

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

30
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

3060 kB
Transfer

9874 kB
Size

1
Cookies

82 Outgoing links

These are links going to different origins than the main page.

URL: https://www.paypal.com/us/home
Title: PayPal Logo US

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/how-paypal-works
Title: PayPal for You

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/ways-to-pay
Title: Shop and Buy

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/ways-to-pay/buy-now-pay-later
Title: Buy Now, Pay Later

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/deals-rewards
Title: Deals and Cash Back

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/ways-to-pay/pay-with-rewards
Title: Pay with Rewards

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/ways-to-pay/pay-with-qr-code
Title: Pay with QR Codes

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/manage-money/crypto
Title: Checkout with Crypto

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/ways-to-pay/credit-services
Title: PayPal Credit and Cards

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/send-receive-money
Title: Send and Receive

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/send-receive-money/send-money
Title: Send Money

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/send-receive-money/request-money
Title: Request Money

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/send-receive-money/start-selling
Title: Start Selling

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/send-receive-money/giving
Title: Donate and Raise Funds

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/manage-money
Title: Manage Your Money

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/manage-money/direct-deposit
Title: Set up Direct Deposit

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/manage-money/cash-check
Title: Deposit Checks

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/manage-money/add-cash
Title: Add Cash

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/manage-money/start-saving
Title: Savings and Goals

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/manage-money/pay-bills
Title: Pay Bills

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet
Title: Get the App

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/money-hub
Title: Money Hub

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business
Title: PayPal for Business

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/accept-payments
Title: Accept Payments

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/accept-payments/checkout
Title: Online Checkout

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/accept-payments/checkout/installments
Title: Installment Payments

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/accept-payments/invoice
Title: Invoicing

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/pos-system
Title: POS System

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/financial-services
Title: Financial Services

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/financial-services/debit-card
Title: Business Debit Card

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/financial-services/credit-card
Title: Business Credit Card

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/financial-services/business-loan
Title: Business Loan

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/financial-services/working-capital
Title: Working Capital Loan

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/operations
Title: Business Operations

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/operations/risk-management
Title: Risk Management

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/operations/reporting-tools
Title: Reporting Tools

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/operations/returns
Title: Returns

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/operations/shipping
Title: Shipping

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/platforms-and-marketplaces/solutions
Title: 3rd Party Integrations

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/brc/
Title: Business Resource Center

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/webapps/mpp/nfp
Title: Accept Donations

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/open-business-account
Title: Get Started

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/pricing
Title: Fees

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/enterprise
Title: PayPal for Enterprise

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/enterprise/payment-processing
Title: Global Payment Processing

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/enterprise/payment-processing/accept-paypal
Title: Accept PayPal

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/enterprise/payment-processing/accept-venmo
Title: Accept Venmo

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/enterprise/payment-processing/accept-pay-later
Title: Offer Pay Later

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/enterprise/payment-methods
Title: Payment Methods

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/enterprise/fraud-protection-advanced
Title: Fraud Protection

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/enterprise/make-payments
Title: Payouts

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/enterprise/streamline-operations
Title: Operations

Search URL Search Domain Scan URL

URL: https://developer.paypal.com/home/
Title: Developer Documentation

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/enterprise/paypal-solutions-by-industry
Title: Solutions by Industry

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/enterprise/contact-sales
Title: Contact Sales

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/webapps/mpp/account-selection
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.paypal.com/myaccount/crypto/
Title: Get Started

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/webapps/mpp/paypal-fees
Title: More about cryptocurrency fees and pricing

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/manage-money/paypal-debit-card
Title: PayPal Debit Card

Search URL Search Domain Scan URL

URL: https://www.paypal.com/cgp/app-redirect?intent=download&src=dw_ppcom_gtacta_mweb&action=redirect
Title: Get the App

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/cshelp/personal
Title: Help

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/smarthelp/contact-us
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/security
Title: Security

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/digital-wallet/mobile-apps
Title: Apps

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/webapps/mpp/shopping-selection
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/business/platforms-and-marketplaces
Title: Partners

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/webapps/mpp/country-worldwide
Title: See all countries/regions

Search URL Search Domain Scan URL

URL: https://about.pypl.com/about-us/default.aspx
Title: About

Search URL Search Domain Scan URL

URL: https://newsroom.paypal-corp.com/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://careers.pypl.com/home/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://investor.pypl.com/home/default.aspx
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://about.pypl.com/values-in-action/default.aspx
Title: Values in Action

Search URL Search Domain Scan URL

URL: https://publicpolicy.paypal-corp.com/
Title: Public Policy

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/webapps/mpp/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.paypal.com/privacy-center
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.paypal.com/myaccount/privacy/cookiePrefs
Title: Cookies

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/legalhub/home
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/webapps/mpp/ua/cryptocurrencies-tnc?locale.x=en_US#fees-pricing
Title: PayPal's Cryptocurrency Terms

Search URL Search Domain Scan URL

URL: https://paxos.com/2019/03/29/general-terms-and-conditions/
Title: Paxos Terms

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/webapps/mpp/ua/cryptocurrencies-tnc
Title: See our disclosure

Search URL Search Domain Scan URL

URL: https://libra.galxe.com/upload/Terms%20of%20Use%20v2%20-%2008_01_2022.pdf
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://libra.galxe.com/upload/Privacy%20Policy%20v4%20-%2008_01_2022.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
37 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
claim-pyusd.org/ 4 MB
2 MB 239ms
138ms Document
text/html 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim-pyusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b49c766b39b97add50e4e317d1af16d095366671e0997bb6904240b8539de9db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f3ce5fc2d6f2bd3-FRA
content-encoding: br
content-type: text/html
date: Wed, 09 Aug 2023 03:26:35 GMT
last-modified: Tue, 08 Aug 2023 12:51:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qE%2FKMPqv6edWySWN7a8bmvW3SNycEMur6N%2FWZqwU0R8byB5pjxQevNeKrUeADOtMYPvGAk1I2s81wv%2Bmgeur0%2BFoVbwgeJETSADPpT1QiMycrOLACDCbzBGRdJ3%2BMTbGTcO8uT5oXWbq6pJBr%2BY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ethers.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ 719 KB
124 KB 118ms
41ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js

Requested by

Host: claim-pyusd.org
URL: https://claim-pyusd.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5485783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 125841
last-modified: Sat, 18 Jun 2022 08:07:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62ad87d5-1eb91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PW7qw06sR2px29ft4Zh7nUXT7251PBEXmUCsuyxv4um9CQWyx9qHSI0zxO1jTqFVx5txXvMzKXuyxWqoo7pWXS9Uy2134tGabedSELgsfIbGsBWRnusH0IciH%2F6roZ3vXC54eDXNIa%2BUpWLHt3Jzf0hg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f3ce5fd8eea3829-FRA
expires: Mon, 29 Jul 2024 03:26:35 GMT

GET
H2 200 merkletree.js Show response
cdn.jsdelivr.net/npm/merkletreejs@latest/ 190 KB
43 KB 117ms
42ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/merkletreejs@latest/merkletree.js

Requested by

Host: claim-pyusd.org
URL: https://claim-pyusd.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

427275229e73ba3bc849869a51577d4f5051146b41cf656ac7b162af578acf2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14572
x-jsd-version: 0.3.10
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230109-FRA, cache-yyz4550-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2f7c4-Pumbe/x5F9RSI3AvDUN0SA6nxmI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKV7Lo8xFcpA1atr7r7Oh%2BgC0z4VwUQYc3BRYaEjoFVXKLmEBxE8VgS5y3X%2BfsQc71Sl6QpPXpjslPnux6vgf6AcsrAY0lPV%2BvjCODqJ1MtWspfAq9r6rJB3t6PGXXTYt%2B%2B%2B%2FJAieU0VHkK7vEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7f3ce5fd8d283668-FRA

GET
H2 200 seaport.js Show response
claim-pyusd.org/scripts/ 665 KB
189 KB 310ms
309ms Script
application/javascript 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim-pyusd.org/scripts/seaport.js
Requested by: Host: claim-pyusd.org
URL: https://claim-pyusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e9952bf40a202b4d047ea5157e5c67930667d29749dcecfd20df0fc1a40f276

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 08 May 2023 13:39:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a64b2-5fb2ec616be80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSHM7McjnXzE2QVavbjyiX8GBK3S2K310UibwtvWCUk%2BWgcgCSe8A0rGNO630omY1iL6naK5mhBlLfEf73pSg20zowYeHosQlMu2Jkq5PiDVwNlSFEpIr7m50Us31tEsDRrZUd00NDru86oKA4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f3ce5fd1e192bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 wallet-connect.js Show response
claim-pyusd.org/scripts/ 876 KB
232 KB 295ms
294ms Script
application/javascript 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim-pyusd.org/scripts/wallet-connect.js
Requested by: Host: claim-pyusd.org
URL: https://claim-pyusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88930dc583b10fe369e8f3ec632c819d54c6cc6a812087eba17b9b7db6a86cba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Jul 2023 19:42:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"db1fa-6017d2b952b80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWA9Kq2tPqWKJDJdnVOj8YSS49IvOBPqBb61VImBxQ0hdW%2FCYdqiCWInH8TftzI7U8m3ESaQgnhVGHYGbz7BBPgeo7S79PGfV1wKd2VDI9GPkFxqD9nvLLAMtsptv5etBlc5%2FYkVoMFBjpPpRtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f3ce5fd1e1a2bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 66 KB
19 KB 147ms
72ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: claim-pyusd.org
URL: https://claim-pyusd.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

996d70ae1b8aa760a5d03095affefe193765d7af19ae607a15aca8300952987d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 37385
x-jsd-version: 11.7.20
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230029-FRA, cache-bma1667-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"10997-ScCHGJRybOSWX1AjIGYzth1RqkI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rT4JY1ow%2Blj4tY2aHdKvcCsjFw61T24Sw8INrnH%2BZ4O%2F3V3H47EtmIHxLcaBlQ4fE%2FOG4FHzhl0VSVZ3HNcvvnl%2FwDKesYbgYYnWtZTDqh7askp8gPF0XGpze3xMv9tM6p8mNJJEHzOYUp%2BP%2FlI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7f3ce5fd8d2b3668-FRA

GET
H2 200 44c816c2-3431-4898-a903-f25d323aab41.js Show response
claim-pyusd.org/ 2 MB
361 KB 409ms
408ms Script
application/javascript 2606:4700:3034::6815:3895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim-pyusd.org/44c816c2-3431-4898-a903-f25d323aab41.js
Requested by: Host: claim-pyusd.org
URL: https://claim-pyusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3895 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac1d95d521ffad0915e84555b6f3dc77e1dfe8e05a2ae4ac80c1eee7170e1ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Aug 2023 04:17:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1ae21c-602396807d880-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvwBYWgJ6gnts8G7lB99kkct%2BRIRV0dTi7KnQTV1k5EovEO553DgL5R6g1qjrb2snK7TCdk7hE0o0h28OQuZgV1XpApXkJ6nkeiT0HtiCkPC49TFvvGvEIPl3cu%2FQ1H%2FnlPlrq4jE5nCVqQsraU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f3ce5fd1e1b2bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.7.0.min.js Show response
code.jquery.com/ 85 KB
30 KB 115ms
32ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.0.min.js
Requested by: Host: claim-pyusd.org
URL: https://claim-pyusd.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:35 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-155a6"
vary: Accept-Encoding
x-hw: 1691551595.dop211.am5.t,1691551595.cds285.am5.hn,1691551595.cds261.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30308

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ada97d439bdaa3ddfe907731a0df30abed75550be3942240b24368a3edce7ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a1d703731db4b6668dd4d9dd6f956ca68ef5729ed88c0f78f6b8334a9320a32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0987f9320973de795abd5fa443b8c95a7410d9f89eb155e84c450e273f693b67

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edcf241fc9519760503d87b3d875b063e351803ddf6a87776a1f5f5784fed30b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8b77c2ededff0de774a0ce3dda474cd9017718ca8f21b973df204d195d35691

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47b4127901d4f7a1fff70b0672ebf0b19a7d36e7e1a7f0744cbda9d2af4fc501

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 485 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ae43ce889e681571d03d344efe658dd4ae957c10a186541aa5c59af478b92de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df

Request headers

Referer
Origin: https://claim-pyusd.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
DATA 200
OK truncated
/ 26 KB
26 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ed6dcb699f10e85624a4579731f929b5d8b91f0c73b9fc01b8893021c83f4a0

Request headers

Referer
Origin: https://claim-pyusd.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
DATA 200
OK truncated
/ 101 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2a70afab16005a4c766ceaaf4e5aaf93ebb3c0462f8bfb5d3a159cfe04ea4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 175 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9e17a1a24d9d1231d056500ac02fdd41adf3e8578b67d1f1b2942e94fe4a172

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 982 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e991f0689df534ba80b65619343670a26e8dd8d9ae4082a95ea9bae453f4dd62

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 538 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8ca38eb4c7415a8888cf8af3b5e7f772abccd9d8412337f21dda6881615b17c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d49cb81c069eb618d044bd42877f974bc4b235522bba2c04a226e710cc728c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 393 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4226337bc9cc754fbb29324e47f10a564623f0f45dc0f255408d8c34893c050e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 88 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b36cb90d517afc60ebc49892a3cbf0b0404672a9c043e82ea0ad494210350dc9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 83 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2424ce97d5a65a93b137fdcddf072f875844c4d52c0a9c0d995d36e6306d0e87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 115 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e2f0973d17f3555ebd8a9e6d7173df76b78c04eba1669811f75c9d8ff631581

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 79 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa1582f0d8887f75f5ad9115fda9a1bf7b6355eecc45c5d41bfb557dbdddc62e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48f0e382628785c78faebeacc46659354d4b7124c258f3672eb5341b6c4a290d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 491 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 748630a64eb5d1cc98231498c11b056ab40503afc4f2acf9ceabfe36c558c92c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b858d4921885018047cd9002e7257433e19f90b1eefeaaae8230372854d7981e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 733 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc75649903fb296b258c8122fdd6018f98ca4bbab1ffcf96f4dfe2b2669e269b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 676 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31802237ba53076b10e85a499a8aca04e9130b46710738916c04d92c2772962c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 106 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d366c91bd1a0bb8f2fc0aa9c3f74ee7043829533bb3b8b23351c13dedd000aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda7704463471358975d47c1934b73ae57baea4741abb04c0abfe9e9ebb20659

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 108 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 193ms
66ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb0bc5513f94853da0dbb69e3f382d7025bc9772b05c9af665654eab4b985021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 09 Aug 2023 03:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 02:32:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Aug 2023 03:26:37 GMT

GET
H2 200 coinbase-logo.bd9aa10.png
galxe.com/_nuxt/img/ 1 KB
3 KB 805ms
390ms Image
image/png 52.32.230.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galxe.com/_nuxt/img/coinbase-logo.bd9aa10.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.230.7 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-230-7.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

90ea5d8296d8bf0044a5408eea113c6e1df6656c46f9d8f0457f2e04317e4765

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
x-envoy-upstream-service-time: 3
content-length: 1392
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 09 Aug 2023 01:51:39 GMT
server: istio-envoy
etag: W/"570-189d7fe0ff8"
x-download-options: noopen
x-frame-options: deny
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=()
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 551 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0da7649f8e1d502b80c73b34efa36238673a411bddacd48d480a66a89c033b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 567 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16833959ed46ef5a671d0be341cc68514c43d3783bd6a08c50652f719850bc29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 472 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0080635dbcf9297fa560f70458a652dfd0b3d8c0e5bc85f830ab2dfc8be2ca99

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 499 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5ef0e665b43d569ff716b11ed604492ec37c9d4dc9f88c4040efc66e7cb6f11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 521 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ed5ce03f0ff32e5fdf9a983a5946ce1f0a16b2f176be80961c81c53bc934ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 601 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75877ca61b99b4083a881172e41425f8446d195c947ad7b0873dd1313b8ca63c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0d9c088e36ce9baa888182b0a4abacac53b625a84b270578f14daf266305148

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 433 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b330f35193b9d122b1b7b304a2d3cf0587cae9a46a1445c7725f41cbb312d784

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 coinbase-shadow.4e71a76.png
galxe.com/_nuxt/img/ 2 KB
3 KB 619ms
205ms Image
image/png 52.32.230.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galxe.com/_nuxt/img/coinbase-shadow.4e71a76.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.230.7 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-230-7.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

9b912940443a66f22d4bb23b56bd323accd1db371030ce4011472cb6e4767455

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
x-envoy-upstream-service-time: 3
content-length: 2038
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 09 Aug 2023 01:48:21 GMT
server: istio-envoy
etag: W/"7f6-189d7fb0a88"
x-download-options: noopen
x-frame-options: deny
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=()
accept-ranges: bytes

GET
H2 200 metamask-logo.8bf6a94.png
galxe.com/_nuxt/img/ 4 KB
5 KB 620ms
206ms Image
image/png 52.32.230.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galxe.com/_nuxt/img/metamask-logo.8bf6a94.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.230.7 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-230-7.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

cb31761089f3e75ef77a152ecaaf5d44e78bfc83fb7f1913f7b353ed1595c458

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
x-envoy-upstream-service-time: 3
content-length: 3777
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 09 Aug 2023 01:51:39 GMT
server: istio-envoy
etag: W/"ec1-189d7fe0ff8"
x-download-options: noopen
x-frame-options: deny
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=()
accept-ranges: bytes

GET
H2 200 metamask-shadow.019298f.png
galxe.com/_nuxt/img/ 3 KB
5 KB 800ms
387ms Image
image/png 52.32.230.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galxe.com/_nuxt/img/metamask-shadow.019298f.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.230.7 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-230-7.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

e84d5722540389ce0fc5c169bc388c1485c66731f9b6c5f536e3399ba03b4926

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
x-envoy-upstream-service-time: 2
content-length: 3529
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 09 Aug 2023 01:48:21 GMT
server: istio-envoy
etag: W/"dc9-189d7fb0a88"
x-download-options: noopen
x-frame-options: deny
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=()
accept-ranges: bytes

GET
H2 200 trust-logo.d7763a0.png
galxe.com/_nuxt/img/ 11 KB
12 KB 995ms
582ms Image
image/png 52.32.230.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galxe.com/_nuxt/img/trust-logo.d7763a0.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.230.7 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-230-7.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

23229614b01b7fa2b11eaf2c6dd58de49f23835f93797ae72f3a89a0302330f6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
x-envoy-upstream-service-time: 6
content-length: 11059
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 09 Aug 2023 01:51:39 GMT
server: istio-envoy
etag: W/"2b33-189d7fe0ff8"
x-download-options: noopen
x-frame-options: deny
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=()
accept-ranges: bytes

GET
H2 200 trust-shadow.d051bf8.png
galxe.com/_nuxt/img/ 7 KB
8 KB 813ms
400ms Image
image/png 52.32.230.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galxe.com/_nuxt/img/trust-shadow.d051bf8.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.230.7 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-230-7.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

ce4b2676e88542c453497842115f2e755d5ffc61506db6c864ee8119fbc67b4a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
x-envoy-upstream-service-time: 4
content-length: 7324
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 09 Aug 2023 01:51:39 GMT
server: istio-envoy
etag: W/"1c9c-189d7fe0ff8"
x-download-options: noopen
x-frame-options: deny
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=()
accept-ranges: bytes

GET
H2 200 walletconnect-logo.25f5202.png
galxe.com/_nuxt/img/ 3 KB
4 KB 502ms
501ms Image
image/png 52.32.230.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galxe.com/_nuxt/img/walletconnect-logo.25f5202.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.230.7 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-230-7.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

cd4a18f4fe8c5a0116c638475aa8b09935a9f254d7c1abd31345f3f0d93d7bb6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
x-envoy-upstream-service-time: 3
content-length: 2623
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 09 Aug 2023 01:51:39 GMT
server: istio-envoy
etag: W/"a3f-189d7fe0ff8"
x-download-options: noopen
x-frame-options: deny
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=()
accept-ranges: bytes

GET
H2 200 walletconnect-shadow.25dc322.png
galxe.com/_nuxt/img/ 1 KB
3 KB 502ms
502ms Image
image/png 52.32.230.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://galxe.com/_nuxt/img/walletconnect-shadow.25dc322.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.230.7 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-230-7.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

993aee2edfce79943d964b44e3d37cd0212138aacec3d7234ff9f9f74c485aed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
x-envoy-upstream-service-time: 3
content-length: 1465
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 09 Aug 2023 01:51:39 GMT
server: istio-envoy
etag: W/"5b9-189d7fe0ff8"
x-download-options: noopen
x-frame-options: deny
content-type: image/png
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=()
accept-ranges: bytes

GET
H2 200 getDesktopListings Show response
explorer-api.walletconnect.com/w3m/v1/ 6 KB
2 KB 340ms
255ms Fetch
application/json 2606:4700::6812:1b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://explorer-api.walletconnect.com/w3m/v1/getDesktopListings?projectId=1e0888012c8fe64cda021d0d98d71f13&page=1&entries=9&version=2
Requested by: Host: claim-pyusd.org
URL: https://claim-pyusd.org/scripts/wallet-connect.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56e845564e2ea7d3da134dea8287587f8a7879dd7ed75d816a82d8112b2abebf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:37 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=21600, s-maxage=7200
x-robots-tag: noindex
cf-ray: 7f3ce60b0f0e5b6e-FRA

GET
H2 200 getInjectedListings Show response
explorer-api.walletconnect.com/w3m/v1/ 27 KB
6 KB 428ms
343ms Fetch
application/json 2606:4700::6812:1b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://explorer-api.walletconnect.com/w3m/v1/getInjectedListings?projectId=1e0888012c8fe64cda021d0d98d71f13
Requested by: Host: claim-pyusd.org
URL: https://claim-pyusd.org/scripts/wallet-connect.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce5aba275f733ec28b52dde5db241035782f594e24fe36666bc532b3bcda96c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 03:26:37 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=21600, s-maxage=7200
x-robots-tag: noindex
cf-ray: 7f3ce60b0f0f5b6e-FRA

GET
H2 200 1e0888012c8fe64cda021d0d98d71f13 Show response
verify.walletconnect.com/ Frame 3661 0
58 B 117ms
34ms Document
text/plain 3.77.83.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://verify.walletconnect.com/1e0888012c8fe64cda021d0d98d71f13
Requested by: Host: claim-pyusd.org
URL: https://claim-pyusd.org/scripts/wallet-connect.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.77.83.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-77-83-234.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://claim-pyusd.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 09 Aug 2023 03:26:37 GMT

GET
H2 200 692ed6ba-e569-459a-556a-776476829e00
explorer-api.walletconnect.com/w3m/v1/getAssetImage/ 2 KB
2 KB 311ms
237ms Image
image/webp 2606:4700::6812:1b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getAssetImage/692ed6ba-e569-459a-556a-776476829e00?projectId=1e0888012c8fe64cda021d0d98d71f13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a96683af833d7e9409bea1d240842f89a6117c323ff048b484a23fea13ccb61e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=535 c=0+18 v=2022.12.7 l=1962
date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 1962
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfaRKjj98wG78-Q94g8ciN3whHUG7FeV1c8ZwDJoU7DQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=21600, s-maxage=7200
accept-ranges: bytes
cf-ray: 7f3ce60dae3b4dc5-FRA
x-robots-tag: noindex

GET
H2 200 f216b371-96cf-409a-9d88-296392b85800
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 7 KB
7 KB 281ms
208ms Image
image/webp 2606:4700::6812:1b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/f216b371-96cf-409a-9d88-296392b85800?projectId=1e0888012c8fe64cda021d0d98d71f13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8375a01e1263fdbbe98b57c8ee45e9469803435f3da78dddf76d103af4f48113

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=17+0 c=8+32 v=2023.4.2 l=7156
date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2143
content-length: 7156
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfyj1vIYJl6_nRyZMcHzzS8SMZUG7FeV1c8ZwDJoU7DQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=21600
accept-ranges: bytes
cf-ray: 7f3ce60dae404dc5-FRA
x-robots-tag: noindex
expires: Wed, 09 Aug 2023 09:26:37 GMT

GET
H2 200 a7f416de-aa03-4c5e-3280-ab49269aef00
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 2 KB
2 KB 287ms
214ms Image
image/webp 2606:4700::6812:1b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/a7f416de-aa03-4c5e-3280-ab49269aef00?projectId=1e0888012c8fe64cda021d0d98d71f13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11a824e4c63932ec7c2684c8c9554c84461efb5d731d15387d77bb5c3e78f9d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=13+0 c=1+18 v=2023.4.2 l=2090
date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3076
content-length: 2090
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfeV6YXTHd_vyfarpvxqg62GCGUG7FeV1c8ZwDJoU7DQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=21600
accept-ranges: bytes
cf-ray: 7f3ce60dae3d4dc5-FRA
x-robots-tag: noindex
expires: Wed, 09 Aug 2023 09:26:37 GMT

GET
H2 200 7e1514ba-932d-415d-1bdb-bccb6c2cbc00
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 3 KB
3 KB 309ms
236ms Image
image/webp 2606:4700::6812:1b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/7e1514ba-932d-415d-1bdb-bccb6c2cbc00?projectId=1e0888012c8fe64cda021d0d98d71f13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9407c0251bd7b695a38698d04bbb15514ed472e11797aef7793b9acb2b04fcff

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=21+0 c=0+14 v=2023.6.0 l=2632
date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 509
content-length: 2632
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfmeYviP6kCNFgjEWLRBgPUJnDUG7FeV1c8ZwDJoU7DQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=21600
accept-ranges: bytes
cf-ray: 7f3ce60dae3e4dc5-FRA
x-robots-tag: noindex
expires: Wed, 09 Aug 2023 09:26:37 GMT

GET
H2 200 c39b3a16-1a38-4588-f089-cb7aeb584700
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 5 KB
5 KB 285ms
212ms Image
image/webp 2606:4700::6812:1b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/c39b3a16-1a38-4588-f089-cb7aeb584700?projectId=1e0888012c8fe64cda021d0d98d71f13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1562ed280e5486999bfa41e9eddf46996b078b54e14fff9748b427c793bc6969

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=21+0 c=0+9 v=2023.5.0 l=5054
date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2794
content-length: 5054
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfzxenqWecI6yJVG_C8-69sArsUG7FeV1c8ZwDJoU7DQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=21600
accept-ranges: bytes
cf-ray: 7f3ce60dae454dc5-FRA
x-robots-tag: noindex
expires: Wed, 09 Aug 2023 09:26:37 GMT

GET
H2 200 9f259366-0bcd-4817-0af9-f78773e41900
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 7 KB
7 KB 282ms
209ms Image
image/webp 2606:4700::6812:1b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/9f259366-0bcd-4817-0af9-f78773e41900?projectId=1e0888012c8fe64cda021d0d98d71f13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1962f56716c3fc8e93e593dd611f7b45a8632bacf8df45b56f9dcc5b3c10958

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=60+0 c=1+25 v=2023.6.2 l=7170
date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1731
content-length: 7170
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cftQTt3un0HlQqBazMK6bKNWLiUG7FeV1c8ZwDJoU7DQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=21600
accept-ranges: bytes
cf-ray: 7f3ce60dae414dc5-FRA
x-robots-tag: noindex
expires: Wed, 09 Aug 2023 09:26:37 GMT

GET
H2 200 204b2240-5ce4-4996-6ec4-f06a22726900
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 9 KB
9 KB 311ms
238ms Image
image/webp 2606:4700::6812:1b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/204b2240-5ce4-4996-6ec4-f06a22726900?projectId=1e0888012c8fe64cda021d0d98d71f13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32efe5b98531569d4ee92ffd791b6c3ad191a5178b224377fc427918ae4e2caf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=14+0 c=4+19 v=2023.6.2 l=9300
date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5865
content-length: 9300
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfHSK7haDWQDA9lEEikk-9BEcPUG7FeV1c8ZwDJoU7DQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=21600
accept-ranges: bytes
cf-ray: 7f3ce60dde5c4dc5-FRA
x-robots-tag: noindex
expires: Wed, 09 Aug 2023 09:26:37 GMT

GET
H2 200 b6ee4efc-f53e-475b-927b-a7ded6211700
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 9 KB
9 KB 287ms
215ms Image
image/webp 2606:4700::6812:1b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/b6ee4efc-f53e-475b-927b-a7ded6211700?projectId=1e0888012c8fe64cda021d0d98d71f13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c8d2bda4f39810c8650a74cece803ff55b40bd234f9ca35068b6155e0bc7555

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=17+0 c=6+24 v=2023.4.2 l=9194
date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 177
content-length: 9194
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cf9TnuhjIqeWjX901zZxsJee5JUG7FeV1c8ZwDJoU7DQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=21600
accept-ranges: bytes
cf-ray: 7f3ce60dae434dc5-FRA
x-robots-tag: noindex
expires: Wed, 09 Aug 2023 09:26:37 GMT

GET
H2 200 fbd441cc-e861-46dc-48ae-a04228ddb500
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 9 KB
10 KB 315ms
242ms Image
image/webp 2606:4700::6812:1b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/fbd441cc-e861-46dc-48ae-a04228ddb500?projectId=1e0888012c8fe64cda021d0d98d71f13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9584c8da5e38495a93fa58ed0efe855fd33a41aa972bcd33ad1d867828964517

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=559+0 c=5+22 v=2023.6.2 l=9660
date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3076
content-length: 9660
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfFJ943IWAd-AliTnsJ2QbJY_MUG7FeV1c8ZwDJoU7DQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=21600
accept-ranges: bytes
cf-ray: 7f3ce60dde5e4dc5-FRA
x-robots-tag: noindex
expires: Wed, 09 Aug 2023 09:26:37 GMT

GET
H2 200 7fd5a23a-3a01-4cfb-3c8b-9f43ae414400
explorer-api.walletconnect.com/w3m/v1/getWalletImage/ 13 KB
13 KB 276ms
204ms Image
image/webp 2606:4700::6812:1b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/w3m/v1/getWalletImage/7fd5a23a-3a01-4cfb-3c8b-9f43ae414400?projectId=1e0888012c8fe64cda021d0d98d71f13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08c2edc5a337a9567c3f3aaa1633d55cbcfb18a2e244f69426c4a408c24b56c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim-pyusd.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=14+0 c=1+28 v=2023.6.2 l=13372
date: Wed, 09 Aug 2023 03:26:37 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2331
content-length: 13372
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfRafM7wSd8-Qni9A0q6y28FCOUG7FeV1c8ZwDJoU7DQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=21600
accept-ranges: bytes
cf-ray: 7f3ce60dae424dc5-FRA
x-robots-tag: noindex
expires: Wed, 09 Aug 2023 09:26:37 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			galxe.com/	1970-01-20 14:02:36	Name: AWSALBCORS Value: M1VGpLgac3U0hJFbfqjPhzjoSNrg1Ro/XUWO9sEg7btLS/LkcSKFHCGrcpL+bGEgp4+wRtoeTrtv58/9dKZBzw2tM6QNa3QYwvsF/kUQnOsIGfzHLgbGlgtH+iEe

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://claim-pyusd.org/(Line 3) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://claim-pyusd.org/(Line 3) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://claim-pyusd.org/(Line 147) Message: <link rel=preload> has an invalid `href` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
claim-pyusd.org
code.jquery.com
explorer-api.walletconnect.com
fonts.googleapis.com
galxe.com
verify.walletconnect.com
2001:4de0:ac18::1:a:2b
2606:4700:3034::6815:3895
2606:4700::6810:5614
2606:4700::6811:190e
2606:4700::6812:1b2e
2a00:1450:4001:829::200a
3.77.83.234
52.32.230.7
0080635dbcf9297fa560f70458a652dfd0b3d8c0e5bc85f830ab2dfc8be2ca99
08c2edc5a337a9567c3f3aaa1633d55cbcfb18a2e244f69426c4a408c24b56c0
0987f9320973de795abd5fa443b8c95a7410d9f89eb155e84c450e273f693b67
0ae43ce889e681571d03d344efe658dd4ae957c10a186541aa5c59af478b92de
11a824e4c63932ec7c2684c8c9554c84461efb5d731d15387d77bb5c3e78f9d5
1562ed280e5486999bfa41e9eddf46996b078b54e14fff9748b427c793bc6969
16833959ed46ef5a671d0be341cc68514c43d3783bd6a08c50652f719850bc29
21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455
23229614b01b7fa2b11eaf2c6dd58de49f23835f93797ae72f3a89a0302330f6
2424ce97d5a65a93b137fdcddf072f875844c4d52c0a9c0d995d36e6306d0e87
2ed5ce03f0ff32e5fdf9a983a5946ce1f0a16b2f176be80961c81c53bc934ab5
31802237ba53076b10e85a499a8aca04e9130b46710738916c04d92c2772962c
32efe5b98531569d4ee92ffd791b6c3ad191a5178b224377fc427918ae4e2caf
4226337bc9cc754fbb29324e47f10a564623f0f45dc0f255408d8c34893c050e
427275229e73ba3bc849869a51577d4f5051146b41cf656ac7b162af578acf2a
47b4127901d4f7a1fff70b0672ebf0b19a7d36e7e1a7f0744cbda9d2af4fc501
48f0e382628785c78faebeacc46659354d4b7124c258f3672eb5341b6c4a290d
4d49cb81c069eb618d044bd42877f974bc4b235522bba2c04a226e710cc728c3
56e845564e2ea7d3da134dea8287587f8a7879dd7ed75d816a82d8112b2abebf
5e2f0973d17f3555ebd8a9e6d7173df76b78c04eba1669811f75c9d8ff631581
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
748630a64eb5d1cc98231498c11b056ab40503afc4f2acf9ceabfe36c558c92c
75877ca61b99b4083a881172e41425f8446d195c947ad7b0873dd1313b8ca63c
7e9952bf40a202b4d047ea5157e5c67930667d29749dcecfd20df0fc1a40f276
8375a01e1263fdbbe98b57c8ee45e9469803435f3da78dddf76d103af4f48113
88930dc583b10fe369e8f3ec632c819d54c6cc6a812087eba17b9b7db6a86cba
8c8d2bda4f39810c8650a74cece803ff55b40bd234f9ca35068b6155e0bc7555
90ea5d8296d8bf0044a5408eea113c6e1df6656c46f9d8f0457f2e04317e4765
9407c0251bd7b695a38698d04bbb15514ed472e11797aef7793b9acb2b04fcff
9584c8da5e38495a93fa58ed0efe855fd33a41aa972bcd33ad1d867828964517
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
993aee2edfce79943d964b44e3d37cd0212138aacec3d7234ff9f9f74c485aed
996d70ae1b8aa760a5d03095affefe193765d7af19ae607a15aca8300952987d
9a1d703731db4b6668dd4d9dd6f956ca68ef5729ed88c0f78f6b8334a9320a32
9ae7b95f034d76b21aaf8fcc0cdd39f4ba7ba59dd9751348a32c7e5cfdfdb6df
9b912940443a66f22d4bb23b56bd323accd1db371030ce4011472cb6e4767455
9ed6dcb699f10e85624a4579731f929b5d8b91f0c73b9fc01b8893021c83f4a0
a0d9c088e36ce9baa888182b0a4abacac53b625a84b270578f14daf266305148
a1962f56716c3fc8e93e593dd611f7b45a8632bacf8df45b56f9dcc5b3c10958
a96683af833d7e9409bea1d240842f89a6117c323ff048b484a23fea13ccb61e
ac1d95d521ffad0915e84555b6f3dc77e1dfe8e05a2ae4ac80c1eee7170e1ccc
ada97d439bdaa3ddfe907731a0df30abed75550be3942240b24368a3edce7ccc
ae2a70afab16005a4c766ceaaf4e5aaf93ebb3c0462f8bfb5d3a159cfe04ea4a
b0da7649f8e1d502b80c73b34efa36238673a411bddacd48d480a66a89c033b6
b330f35193b9d122b1b7b304a2d3cf0587cae9a46a1445c7725f41cbb312d784
b36cb90d517afc60ebc49892a3cbf0b0404672a9c043e82ea0ad494210350dc9
b49c766b39b97add50e4e317d1af16d095366671e0997bb6904240b8539de9db
b858d4921885018047cd9002e7257433e19f90b1eefeaaae8230372854d7981e
c5ef0e665b43d569ff716b11ed604492ec37c9d4dc9f88c4040efc66e7cb6f11
cb0bc5513f94853da0dbb69e3f382d7025bc9772b05c9af665654eab4b985021
cb31761089f3e75ef77a152ecaaf5d44e78bfc83fb7f1913f7b353ed1595c458
cd4a18f4fe8c5a0116c638475aa8b09935a9f254d7c1abd31345f3f0d93d7bb6
cda7704463471358975d47c1934b73ae57baea4741abb04c0abfe9e9ebb20659
ce4b2676e88542c453497842115f2e755d5ffc61506db6c864ee8119fbc67b4a
d366c91bd1a0bb8f2fc0aa9c3f74ee7043829533bb3b8b23351c13dedd000aa7
d8ca38eb4c7415a8888cf8af3b5e7f772abccd9d8412337f21dda6881615b17c
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
d9e17a1a24d9d1231d056500ac02fdd41adf3e8578b67d1f1b2942e94fe4a172
dc75649903fb296b258c8122fdd6018f98ca4bbab1ffcf96f4dfe2b2669e269b
dce5aba275f733ec28b52dde5db241035782f594e24fe36666bc532b3bcda96c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84d5722540389ce0fc5c169bc388c1485c66731f9b6c5f536e3399ba03b4926
e991f0689df534ba80b65619343670a26e8dd8d9ae4082a95ea9bae453f4dd62
edcf241fc9519760503d87b3d875b063e351803ddf6a87776a1f5f5784fed30b
f8b77c2ededff0de774a0ce3dda474cd9017718ca8f21b973df204d195d35691
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5
fa1582f0d8887f75f5ad9115fda9a1bf7b6355eecc45c5d41bfb557dbdddc62e

claim-pyusd.org Open in urlscan Pro 2606:4700:3034::6815:3895 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

75 %IPv6

7 Domains

8 Subdomains

9 IPs

3 Countries

3060 kBTransfer

9874 kBSize

1 Cookies

82 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 37 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

claim-pyusd.org Open in urlscan Pro
2606:4700:3034::6815:3895 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

3060 kB
Transfer

9874 kB
Size

1
Cookies

30 HTTP transactions
37 data transactions