thecryptosoft.co Open in urlscan Pro
2606:4700:30::681f:52d0 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C/
Effective URL:
https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creati...
Submission: On October 22 via manual (October 22nd 2018, 6:28:05 am UTC) from IL

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 6 countries across 12 domains to perform 45 HTTP transactions. The main IP is 2606:4700:30::681f:52d0, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is thecryptosoft.co.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 28th 2018. Valid for: a year.

This is the only time thecryptosoft.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
2	107.173.103.114 107.173.103.114	36352 (AS-COLOCR...) (AS-COLOCROSSING - ColoCrossing)
1	212.32.250.31 212.32.250.31	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	185.166.214.145 185.166.214.145	49635 (SILICON) (SILICON)
1 1	82.165.163.245 82.165.163.245	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
1 1	2606:4700:30:... 2606:4700:30::681f:53d0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
25	2606:4700:30:... 2606:4700:30::681f:52d0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
3	2400:cb00:204... 2400:cb00:2048:1::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.101.0.217 151.101.0.217	54113 (FASTLY) (FASTLY - Fastly)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.222.161.35 52.222.161.35	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	147.75.33.155 147.75.33.155	54825 (PACKET) (PACKET - Packet Host)
5	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.205.155 147.75.205.155	54825 (PACKET) (PACKET - Packet Host)
1	147.75.101.25 147.75.101.25	54825 (PACKET) (PACKET - Packet Host)
45	13

2 107.173.103.114 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
PTR: 107-173-103-114-host.colocrossing.com

www.smotha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.250.31 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

afarks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.166.214.145 (Spain) 1 redirects

ASN49635 (SILICON, ES)
PTR: 634fef50-2526-45bb-a5d0-20db51404637.clouding.host

trakyou.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.165.163.245 (Germany) 1 redirects

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)

clickeroi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681f:53d0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

thecryptosoft.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:30::681f:52d0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

thecryptosoft.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:cb00:2048:1::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.217 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.161.35 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-161-35.fra54.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.33.155 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-19

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.205.155 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-12

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.101.25 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-15

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	thecryptosoft.co 1 redirects thecryptosoft.co	157 KB
5	gstatic.com fonts.gstatic.com	54 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	83 KB
3	cloudflare.com cdnjs.cloudflare.com	80 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	vimeo.com player.vimeo.com	6 KB
2	smotha.com www.smotha.com	806 B
1	pushnami.com api.pushnami.com	7 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	clickeroi.co 1 redirects clickeroi.co	1 KB
1	trakyou.net 1 redirects trakyou.net	884 B
1	afarks.com afarks.com	578 B
45	12

	Domain	Requested by
26	thecryptosoft.co	1 redirects thecryptosoft.co cdnjs.cloudflare.com
5	fonts.gstatic.com	thecryptosoft.co
3	cdnjs.cloudflare.com	thecryptosoft.co
2	fonts.googleapis.com	thecryptosoft.co
2	player.vimeo.com	thecryptosoft.co
2	www.smotha.com	www.smotha.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	thecryptosoft.co
1	api.pushnami.com	thecryptosoft.co
1	maxcdn.bootstrapcdn.com	thecryptosoft.co
1	clickeroi.co	1 redirects
1	trakyou.net	1 redirects
1	afarks.com	www.smotha.com
45	14

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-09-28` - `2019-09-28`	a year	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
*.vimeo.com DigiCert SHA2 Secure Server CA	`2018-08-24` - `2020-04-02`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-10-02` - `2018-12-25`	3 months	crt.sh
*.pushnami.com Amazon	`2018-06-29` - `2019-07-29`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2018-10-11` - `2019-01-09`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-10-02` - `2018-12-25`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2018-10-11` - `2019-01-09`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2018-10-11` - `2019-01-09`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Frame ID: 39A67D3E7F8F60AAF2A9D4571AD7E487
Requests: 44 HTTP requests in this frame

Frame: https://player.vimeo.com/video/244322120?loop=0&background=1&title=0&byline=0&portrait=0
Frame ID: 69E7C7C7189B48435A2EF255AC7DF700
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Frame ID: CE3071B3A92A22DDD1962075B0F15E61
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C/ Page URL
http://www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C//RDiR3KT/ Page URL
http://afarks.com/5b5f95082c822c00018cb07d Page URL
https://trakyou.net/?a=122&c=761&s1=int&s2=5bcd6dea2c822c0d1e45363a HTTP 302
http://clickeroi.co/c_c?url=thecryptosoft.co/de/index.php&aff_id=122&offer_id=528&aff_sub=int&af... HTTP 302
http://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528... HTTP 301
https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528... Page URL

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

45
Requests

93 %
HTTPS

33 %
IPv6

12
Domains

14
Subdomains

13
IPs

6
Countries

396 kB
Transfer

1211 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C/ Page URL
http://www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C//RDiR3KT/ Page URL
http://afarks.com/5b5f95082c822c00018cb07d Page URL
https://trakyou.net/?a=122&c=761&s1=int&s2=5bcd6dea2c822c0d1e45363a HTTP 302
http://clickeroi.co/c_c?url=thecryptosoft.co/de/index.php&aff_id=122&offer_id=528&aff_sub=int&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&aff_sub4=&aff_sub5=&reqid=7479350&goal_id=1008&campaign=16396&creative=761&xparam=thecryptosoft.co/index.php HTTP 302
http://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0 HTTP 301
https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C/ 216 B
438 B 328ms
159ms Document
text/html 107.173.103.114
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C/
Protocol: HTTP/1.1
Server: 107.173.103.114 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 107-173-103-114-host.colocrossing.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fa5e74a36d3099066bee6e02e0656b880627a6a1a491c88014ec4af584ff6417

Request headers

Host: www.smotha.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 22 Oct 2018 06:27:54 GMT
Server: Apache/2.2.15 (CentOS)
Set-Cookie: RDiR3KT=148.251.45.254
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Cookie set / Show response
www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C//RDiR3KT/ 160 B
368 B 328ms
159ms Document
text/html 107.173.103.114
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C//RDiR3KT/
Requested by: Host: www.smotha.com
URL: http://www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C/
Protocol: HTTP/1.1
Server: 107.173.103.114 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 107-173-103-114-host.colocrossing.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82c4a6094ab68441807b074e703011c25c88e1fca0c8351cd7db63cb5e95ecbc

Request headers

Host: www.smotha.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C/
Accept-Encoding: gzip, deflate
Cookie: RDiR3KT=148.251.45.254
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C/

Response headers

Date: Mon, 22 Oct 2018 06:27:54 GMT
Server: Apache/2.2.15 (CentOS)
Set-Cookie: RDiR3KT=
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Cookie set 5b5f95082c822c00018cb07d Show response
afarks.com/ 184 B
578 B 83ms
15ms Document
text/html 212.32.250.31
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://afarks.com/5b5f95082c822c00018cb07d
Requested by: Host: www.smotha.com
URL: http://www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C//RDiR3KT/
Protocol: HTTP/1.1
Server: 212.32.250.31 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: a86c59d598a0a6a0358c6dc9bd3c96f6c7c38e6ad07eac0de5be0a1d1f8ab427

Request headers

Host: afarks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C//RDiR3KT/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.smotha.com/1a832325d8a4731e42d6a44d01_9c84b15b-01010101000b/C//RDiR3KT/

Response headers

Server: nginx
Date: Mon, 22 Oct 2018 06:27:54 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: redhash=NWJjZDZkZWEyYzgyMmMwZDFlNDUzNjNhfDB8NWI1Zjk1MDgyYzgyMmMwMDAxOGNiMDdkfHxhZmY4ZWZhNS1iMmU2LTRkNmMtOWU3Zi1jZmU1MGNhOGM4NmZ8MTU0MDE4OTY3NA==; Path=/; Domain=afarks.com; Expires=Tue, 22 Oct 2019 06:27:54 GMT
Content-Encoding: gzip

GET
H2

200

Primary Request index.php Show response
thecryptosoft.co/de/
Redirect Chain

https://trakyou.net/?a=122&c=761&s1=int&s2=5bcd6dea2c822c0d1e45363a
http://clickeroi.co/c_c?url=thecryptosoft.co/de/index.php&aff_id=122&offer_id=528&aff_sub=int&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&aff_sub4=&aff_sub5=&reqid=7479350&goal_id=1008&campaign=163...
http://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_i...
https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_...

35 KB
11 KB

63ms
63ms

Document
text/html

2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/7.2.10
Resource Hash: 8affc0a9c6a2bbd75e381c55535e47dc30a7d342be7d420d28eef757d570fcc7

Request headers

:method: GET
:authority: thecryptosoft.co
:scheme: https
:path: /de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 22 Oct 2018 06:27:55 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675; expires=Tue, 22-Oct-19 06:27:55 GMT; path=/; domain=.thecryptosoft.co; HttpOnly; Secure
x-powered-by: PHP/7.2.10
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 46d9e69e58156505-FRA
content-encoding: gzip

Redirect headers

Date: Mon, 22 Oct 2018 06:27:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 22 Oct 2018 07:27:55 GMT
Location: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 46d9e69e40f7c26f-FRA

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 25ms
7ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 22 Oct 2018 06:27:55 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Feb 2018 21:46:17 GMT
Connection: Keep-Alive
ETag: "1518903977"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
Content-Length: 6241

GET
H2 200 bootstrap.css
thecryptosoft.co/css/ 144 KB
21 KB 18ms
16ms Stylesheet
text/css 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://thecryptosoft.co/css/bootstrap.css
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcb1645b5b3fee035cbcde0d7b847022b60ca4fa6b1f3b7665a35337707fca94

Request headers

:path: /css/bootstrap.css
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: W/"23ea2-576f12d723e4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69ec8466505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 layout.css
thecryptosoft.co/css/ 10 KB
2 KB 11ms
9ms Stylesheet
text/css 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://thecryptosoft.co/css/layout.css
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460ff1ed9072b5faabb115085f410936542cfff0794ab40d87d5a2859f8c6fc8

Request headers

:path: /css/layout.css
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: W/"2638-576f12d723e4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69ec8476505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 main.css
thecryptosoft.co/css/ 18 KB
5 KB 10ms
8ms Stylesheet
text/css 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://thecryptosoft.co/css/main.css?v=25
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95775ba8072e248248f65eda894dd125929bb285647befd191e7a11a84246ec9

Request headers

:path: /css/main.css?v=25
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: W/"480d-576f12d723e4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69ec8486505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
S 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 13ms
12ms Script
application/javascript 2400:cb00:2048:1::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
served-in-seconds: 0.004
last-modified: Thu, 17 May 2018 09:21:00 GMT
server: cloudflare
etag: W/"5afd497c-17b8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 46d9e69eccdb639d-FRA
expires: Sat, 12 Oct 2019 06:27:55 GMT

GET
H2 200 crazypopup.css
thecryptosoft.co/css/ 1 KB
615 B 11ms
9ms Stylesheet
text/css 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://thecryptosoft.co/css/crazypopup.css?v=1
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03117bc8dd3d88792be8957ba55e25159a239af8e4aa05ca3da551403e65bf64

Request headers

:path: /css/crazypopup.css?v=1
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: W/"5bd-576f12d723e4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69ec8496505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 loading-bar.css
thecryptosoft.co/css/ 4 KB
1 KB 22ms
21ms Stylesheet
text/css 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://thecryptosoft.co/css/loading-bar.css?v=3
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a7d2e036c21353dfa465f4f42d9a770b28f7b9360469f8dc870dccd2d22704e

Request headers

:path: /css/loading-bar.css?v=3
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: W/"e93-576f12d723e4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69ec84a6505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 1ststep.css
thecryptosoft.co/css/ 4 KB
2 KB 10ms
9ms Stylesheet
text/css 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://thecryptosoft.co/css/1ststep.css
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 564e269c73b49b3d3d89bb2b9698a06554ddb8961aa12e61eb56efe42c44070c

Request headers

:path: /css/1ststep.css
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: W/"f77-576f12d723e4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69ec84b6505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 cryptosoft_logo_hrt_greyscale.svg
thecryptosoft.co/images/ 3 KB
1 KB 10ms
10ms Image
image/svg+xml 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecryptosoft.co/images/cryptosoft_logo_hrt_greyscale.svg
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6beba1aca963ee004973a6dd4c0d00229d83b97547d5855c97a49bc3d46c3b2

Request headers

:path: /images/cryptosoft_logo_hrt_greyscale.svg
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: W/"ae8-576f12d725d8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69ed84e6505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 16 KB
6 KB 6ms
5ms Script
application/javascript 151.101.0.217
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.217 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

985b0ddac926d9601a27817b8400fe3ad8ae96d1b70df181087b582b4c241a37

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Varnish-Cache: 0
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1616
X-Cache: HIT, HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection: keep-alive
X-VServer: infra-playproxy-a-3
Content-Length: 5064
X-Xss-Protection: 1; mode=block
X-Served-By: cache-iad2148-IAD, cache-fra19146-FRA
Access-Control-Allow-Origin: *
Expires: Mon, 22 Oct 2018 06:30:59 GMT
Server: nginx
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer: S1540189675.334352,VS0,VE0
Date: Mon, 22 Oct 2018 06:27:55 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Vary: Accept-Encoding
X-Vimeo-DC: ge
Accept-Ranges: bytes
X-Cache-Hits: 1, 1298

GET
H2 200 icon_exceptionalsoftware_white.svg
thecryptosoft.co/images/icons/ 832 B
439 B 10ms
9ms Image
image/svg+xml 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecryptosoft.co/images/icons/icon_exceptionalsoftware_white.svg
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1c1494e06df0b23bf7153f95b127046661d3abe014af2f9013c256470c19013

Request headers

:path: /images/icons/icon_exceptionalsoftware_white.svg
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: W/"340-576f12d726176"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69f187d6505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 icon_immediateresults_white.svg
thecryptosoft.co/images/icons/ 707 B
479 B 10ms
9ms Image
image/svg+xml 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecryptosoft.co/images/icons/icon_immediateresults_white.svg
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b26aeae0358626b11f7315dd8bf3b6ffa1c5513e6e0bdf88087908edf1a601c4

Request headers

:path: /images/icons/icon_immediateresults_white.svg
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: W/"2c3-576f12d726176"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69f187f6505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 icon_moneymachine_white.svg
thecryptosoft.co/images/icons/ 959 B
479 B 9ms
8ms Image
image/svg+xml 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecryptosoft.co/images/icons/icon_moneymachine_white.svg
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 360ebe904d3d78de5737af2d81cdda55b91495a105f78e4099338cecea2d3737

Request headers

:path: /images/icons/icon_moneymachine_white.svg
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: W/"3bf-576f12d726176"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69f18806505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 usr_4fsd2gf.jpg
thecryptosoft.co/images/users/ 3 KB
3 KB 10ms
9ms Image
image/jpeg 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecryptosoft.co/images/users/usr_4fsd2gf.jpg
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006252ba27677f8cb620524557048dd0595df8554a8bf1ea19826c62b97117cb

Request headers

:path: /images/users/usr_4fsd2gf.jpg
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: "d31-576f12d726946"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 46d9e69f18816505-FRA
content-length: 3377
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 usr_df14sd5.jpg
thecryptosoft.co/images/users/ 4 KB
4 KB 10ms
8ms Image
image/jpeg 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecryptosoft.co/images/users/usr_df14sd5.jpg
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ac1852801b1722575ef593304c0e73c46211dfd0300c0a3a98d735f77869848

Request headers

:path: /images/users/usr_df14sd5.jpg
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: "104c-576f12d726946"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 46d9e69f28866505-FRA
content-length: 4172
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 usr_d451xu.jpg
thecryptosoft.co/images/users/ 3 KB
3 KB 12ms
11ms Image
image/jpeg 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecryptosoft.co/images/users/usr_d451xu.jpg
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 794e36b946325d7b25d38b79bce1eb2c6fcc8f6bfffb4dded0afa409e624c988

Request headers

:path: /images/users/usr_d451xu.jpg
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: "d7a-576f12d726946"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 46d9e69f28876505-FRA
content-length: 3450
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 usr_oju84d.jpg
thecryptosoft.co/images/users/ 4 KB
4 KB 9ms
9ms Image
image/jpeg 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecryptosoft.co/images/users/usr_oju84d.jpg
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4df3a38ff0d0e0c0cbea528e4c1c64d669a893aa6d4fae1e89e0f9bb3a607de5

Request headers

:path: /images/users/usr_oju84d.jpg
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: "ef1-576f12d726946"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 46d9e69f28886505-FRA
content-length: 3825
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 usr_t14csd.jpg
thecryptosoft.co/images/users/ 3 KB
3 KB 10ms
10ms Image
image/jpeg 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecryptosoft.co/images/users/usr_t14csd.jpg
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e1bd591516b78418106aedf9b3eb43d87f23a28490ecb3fda8b54176b4a095

Request headers

:path: /images/users/usr_t14csd.jpg
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 17:06:55 GMT
server: cloudflare
etag: "d57-576f17b91bad1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 46d9e69f28896505-FRA
content-length: 3415
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 usr_fds513.jpg
thecryptosoft.co/images/users/ 4 KB
4 KB 10ms
9ms Image
image/jpeg 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecryptosoft.co/images/users/usr_fds513.jpg
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a7e7387d92ba9eb6f45d83ab0448ca8006a487c4bee4e03cb32c62acb0d59e0

Request headers

:path: /images/users/usr_fds513.jpg
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: "1143-576f12d726946"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 46d9e69f288a6505-FRA
content-length: 4419
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 security_icons.min.png
thecryptosoft.co/images/ 25 KB
26 KB 11ms
10ms Image
image/png 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecryptosoft.co/images/security_icons.min.png
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a48fca23f43035e4c0c9c93b3b27ef605b013789427ac71fc9b585256155f0a5

Request headers

:path: /images/security_icons.min.png
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: "65bc-576f12d726946"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 46d9e69f288b6505-FRA
content-length: 26044
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 cryptosoft_logo_hrt_white.svg
thecryptosoft.co/images/ 2 KB
868 B 9ms
8ms Image
image/svg+xml 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecryptosoft.co/images/cryptosoft_logo_hrt_white.svg
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b684e033e8312d8a860d29662826a9e00ee8ee2ffc77b10789c89b00ff527a85

Request headers

:path: /images/cryptosoft_logo_hrt_white.svg
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: W/"82f-576f12d725d8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69f38916505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
S 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 36 KB
10 KB 8ms
8ms Script
application/javascript 2400:cb00:2048:1::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
served-in-seconds: 0.001
last-modified: Thu, 17 May 2018 09:27:13 GMT
server: cloudflare
etag: W/"5afd4af1-90b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 46d9e69edcdf639d-FRA
expires: Sat, 12 Oct 2019 06:27:55 GMT

GET
S 200 bodymovin_light.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bodymovin/4.10.2/ 140 KB
37 KB 9ms
9ms Script
application/javascript 2400:cb00:2048:1::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.10.2/bodymovin_light.min.js

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8759b4002b5d3273049eca7e9ba054fa587f34a624a4f401f712a5596803f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
content-security-policy-report-only: default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://cdnjs.cloudflare.com/cdn-cgi/beacon/csp?req_id=46d9e69eece5639d
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
served-in-seconds: 0.003
last-modified: Thu, 17 May 2018 09:16:17 GMT
server: cloudflare
etag: W/"5afd4861-22e01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 46d9e69eece5639d-FRA
expires: Sat, 12 Oct 2019 06:27:55 GMT

GET
H2 200 chart.js Show response
thecryptosoft.co/js/ 172 B
266 B 10ms
9ms Script
application/javascript 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://thecryptosoft.co/js/chart.js
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367778085f446b669d32cac74ec75cd027cd81d2d87aa7dad466060ca206726c

Request headers

:path: /js/chart.js
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 17:06:55 GMT
server: cloudflare
etag: W/"ac-576f17b91bad1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69ef8616505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 crazypopup-src.js Show response
thecryptosoft.co/js/ 17 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://thecryptosoft.co/js/crazypopup-src.js
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545fca1523bbb378bd9cb8ddd522b88623a512fb31e074402fd4d942de0c5354

Request headers

:path: /js/crazypopup-src.js
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 17:06:55 GMT
server: cloudflare
etag: W/"441a-576f17b91beb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69ef8676505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 modal-crazy.js Show response
thecryptosoft.co/js/ 2 KB
742 B 9ms
8ms Script
application/javascript 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://thecryptosoft.co/js/modal-crazy.js?v=1
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 503f6b2b25fff73304458fb3f66c3dd36ecf79def1dff067e99343ba5d949f60

Request headers

:path: /js/modal-crazy.js?v=1
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 17:06:55 GMT
server: cloudflare
etag: W/"6dd-576f17b91beb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69f187a6505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
H2 200 unload.js Show response
thecryptosoft.co/js/ 228 B
233 B 11ms
10ms Script
application/javascript 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://thecryptosoft.co/js/unload.js
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ec510234b7ed3071de63194849e835b477d8b606078aaa9f53f7053f74f4745

Request headers

:path: /js/unload.js
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: W/"e4-576f12d727116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 46d9e69f187c6505-FRA
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
S 200 css
fonts.googleapis.com/ 12 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,400i,700&subset=latin-ext

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

f0c43442964268f98c0fbf77145dbab4a9bb34092c81ba66b67f7357b3b16784

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
last-modified: Mon, 22 Oct 2018 06:27:55 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 22 Oct 2018 06:27:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
expires: Mon, 22 Oct 2018 06:27:55 GMT

GET
S 200 5b64bbad960ed75d9e399898 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 22 KB
7 KB 10ms
10ms Script
application/javascript 52.222.161.35
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5b64bbad960ed75d9e399898
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.161.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-161-35.fra54.r.cloudfront.net
Software: /
Resource Hash: 8a2af45502d9ea2e2275998053cf6330ea9cd536db44fa9f068171c9df075a0c

Request headers

Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:22:06 GMT
content-encoding: gzip
age: 349
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache
x-amz-cf-id: i77ctLNC88PqIB8h2pfhloBJ-BZxHGRWaFtPvbz1Hrm0cDAZVZS5bg==
via: 1.1 7419ebe6dc61a036c7f081375facfd52.cloudfront.net (CloudFront)

GET
S 200 hotjar-992185.js Show response
static.hotjar.com/c/ 12 KB
2 KB 41ms
41ms Script
application/javascript 147.75.33.155
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-992185.js?sv=6

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.33.155 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-19

Software

Resource Hash

c85d802e7d8f08e692bb4102cb932684279ca2753a79e9818575ca43b3ee7208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
etag: W/7859037726f4ce6ee5238ec814f7fa2e
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.051
section-io-origin-status: 304
accept-ranges: bytes
section-io-id: f9bd6d19773ac132714a966f364434a8
content-length: 1931

GET
S 200 css
fonts.googleapis.com/ 14 KB
1 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed|Roboto:300,400,700,700i,900i&subset=cyrillic

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

275416be25bf90253653994831aa0b49380e3fd7aad1eedcd10b0f038e93090f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
last-modified: Mon, 22 Oct 2018 06:27:55 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 22 Oct 2018 06:27:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
expires: Mon, 22 Oct 2018 06:27:55 GMT

GET
H/1.1 200
OK 244322120
player.vimeo.com/video/ Frame 69E7 0
0 133ms
132ms Document
text/html 151.101.0.217
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/244322120?loop=0&background=1&title=0&byline=0&portrait=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.217 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://sentry.io https://sentry.cloud.vimeo.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://f.vimeocdn.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://sentry.io https://sentry.cloud.vimeo.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Via: 1.1 varnish 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 0
X-VServer: infra-playproxy-a-6
X-Vimeo-DC: ge
Content-Encoding: gzip
Content-Length: 5342
Accept-Ranges: bytes
Date: Mon, 22 Oct 2018 06:27:55 GMT
Age: 0
Connection: keep-alive
X-Served-By: cache-iad2136-IAD, cache-fra19146-FRA
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1540189675.382868,VS0,VE127
Vary: Accept-Encoding

GET
H2 200 bgpattern.png
thecryptosoft.co/images/ 46 KB
47 KB 9ms
8ms Image
image/png 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecryptosoft.co/images/bgpattern.png
Requested by: Host: thecryptosoft.co
URL: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bf9ed9ba13bb6261155bb9243b13e0ae7af6dab2af6e9681fd4338380938eab

Request headers

:path: /images/bgpattern.png
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/css/layout.css
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/css/layout.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 16:45:05 GMT
server: cloudflare
etag: "b9e8-576f12d724dee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 46d9e69f38946505-FRA
content-length: 47592
expires: Mon, 22 Oct 2018 10:27:55 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a38379592286cea290cd5315d36768edf6640aff3169573517fe82541e5a0a

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v16/ 10 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v16/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a319525d284a6601f494a8c32f74f8fdc2ec75cb1d5fda04b774dac68d15dc5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,400i,700&subset=latin-ext
Origin: https://thecryptosoft.co

Response headers

date: Tue, 02 Oct 2018 16:32:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:25:19 GMT
server: sffe
age: 1691712
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10688
x-xss-protection: 1; mode=block
expires: Wed, 02 Oct 2019 16:32:43 GMT

GET
S 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,400i,700&subset=latin-ext
Origin: https://thecryptosoft.co

Response headers

date: Tue, 16 Oct 2018 00:44:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 538994
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10748
x-xss-protection: 1; mode=block
expires: Wed, 16 Oct 2019 00:44:41 GMT

GET
S 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,400i,700&subset=latin-ext
Origin: https://thecryptosoft.co

Response headers

date: Tue, 16 Oct 2018 00:44:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:03 GMT
server: sffe
age: 538976
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10764
x-xss-protection: 1; mode=block
expires: Wed, 16 Oct 2019 00:44:59 GMT

GET
S 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed|Roboto:300,400,700,700i,900i&subset=cyrillic
Origin: https://thecryptosoft.co

Response headers

date: Tue, 02 Oct 2018 10:29:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:47 GMT
server: sffe
age: 1713514
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10876
x-xss-protection: 1; mode=block
expires: Wed, 02 Oct 2019 10:29:21 GMT

GET
S 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v18/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

64565561ddb338a11ffce5b84aa53fa6e8fd203c34208e61eb5602cd08bf527f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,400i,700&subset=latin-ext
Origin: https://thecryptosoft.co

Response headers

date: Tue, 02 Oct 2018 10:29:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:48 GMT
server: sffe
age: 1713486
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 12352
x-xss-protection: 1; mode=block
expires: Wed, 02 Oct 2019 10:29:49 GMT

GET
H2 200 chart.json Show response
thecryptosoft.co/js/ 45 KB
11 KB 15ms
15ms XHR
application/json 2606:4700:30::681f:52d0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://thecryptosoft.co/js/chart.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.10.2/bodymovin_light.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681f:52d0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30030c6550721a8212e6f505e42add33ef5bf17a4a2376952b605718993622d3

Request headers

:path: /js/chart.json
pragma: no-cache
cookie: __cfduid=dcc77a3c0b22883fc407f371888f5052a1540189675
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: thecryptosoft.co
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
:scheme: https
:method: GET
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
last-modified: Fri, 28 Sep 2018 17:06:55 GMT
server: cloudflare
etag: W/"b583-576f17b91bad1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
status: 200
cf-ray: 46d9e69f98d16505-FRA

GET
S 200 modules-c7146390f4566fcf55a3e671d581705a.js Show response
script.hotjar.com/ 400 KB
81 KB 26ms
26ms Script
application/javascript 147.75.205.155
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules-c7146390f4566fcf55a3e671d581705a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-992185.js?sv=6

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.205.155 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-12

Software

Resource Hash

175fb7b64fb86a89461f473c87eecd7a5e1b2a62a624c37a4dd9fc7f7e5dd6d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 22 Oct 2018 06:27:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
last-modified: Tue, 16 Oct 2018 15:14:18 GMT
etag: W/"c7146390f4566fcf55a3e671d581705a"
status: 200
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.056
accept-ranges: bytes
section-io-id: 8baec4ec46befa6be5b5ffe3409ff531
content-length: 82386

GET
H2 200 rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
vars.hotjar.com/ Frame CE30 0
0 41ms
37ms Document
text/html 147.75.101.25
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-992185.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.101.25 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-15
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://thecryptosoft.co/de/index.php?xparam=thecryptosoft.co/index.php&campaign=16396&offer_id=10528&aff_id=10122&creative=761&aff_sub4=&aff_sub5=&aff_sub2=5bcd6dea2c822c0d1e45363a&aff_sub3=&goal_id=1008&country_code=DE&aff_sub=int&transaction_id=2f2025ba3fbc6df3e9e54f6764ac185f0ce2ab19&trk_sys_id=1&test=0

Response headers

status: 200
date: Mon, 22 Oct 2018 06:27:55 GMT
content-type: text/html
content-length: 857
cache-control: max-age=31536000
last-modified: Fri, 12 Oct 2018 12:42:00 GMT
section-io-origin-status: 200
section-io-origin-time-seconds: 0.051
etag: W/"da10bd4908deb9e19dfde013ec3fe4ff"
content-encoding: gzip
accept-ranges: bytes
section-io-id: 781ba74b64c93a23a9e6d5ce92386590

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.vimeo.com/	1970-01-19 13:21:01	Name: vuid Value: pl763770542.1415234741
			.thecryptosoft.co/	1970-01-19 04:35:25	Name: __cfduid Value: dcc77a3c0b22883fc407f371888f5052a1540189675

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afarks.com
api.pushnami.com
cdnjs.cloudflare.com
clickeroi.co
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
player.vimeo.com
script.hotjar.com
static.hotjar.com
thecryptosoft.co
trakyou.net
vars.hotjar.com
www.smotha.com
107.173.103.114
147.75.101.25
147.75.205.155
147.75.33.155
151.101.0.217
185.166.214.145
209.197.3.15
212.32.250.31
2400:cb00:2048:1::6813:c597
2606:4700:30::681f:52d0
2606:4700:30::681f:53d0
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
52.222.161.35
82.165.163.245
006252ba27677f8cb620524557048dd0595df8554a8bf1ea19826c62b97117cb
03117bc8dd3d88792be8957ba55e25159a239af8e4aa05ca3da551403e65bf64
0ac1852801b1722575ef593304c0e73c46211dfd0300c0a3a98d735f77869848
175fb7b64fb86a89461f473c87eecd7a5e1b2a62a624c37a4dd9fc7f7e5dd6d0
1a7d2e036c21353dfa465f4f42d9a770b28f7b9360469f8dc870dccd2d22704e
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
275416be25bf90253653994831aa0b49380e3fd7aad1eedcd10b0f038e93090f
2bf9ed9ba13bb6261155bb9243b13e0ae7af6dab2af6e9681fd4338380938eab
30030c6550721a8212e6f505e42add33ef5bf17a4a2376952b605718993622d3
360ebe904d3d78de5737af2d81cdda55b91495a105f78e4099338cecea2d3737
367778085f446b669d32cac74ec75cd027cd81d2d87aa7dad466060ca206726c
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
460ff1ed9072b5faabb115085f410936542cfff0794ab40d87d5a2859f8c6fc8
4a7e7387d92ba9eb6f45d83ab0448ca8006a487c4bee4e03cb32c62acb0d59e0
4df3a38ff0d0e0c0cbea528e4c1c64d669a893aa6d4fae1e89e0f9bb3a607de5
4ec510234b7ed3071de63194849e835b477d8b606078aaa9f53f7053f74f4745
503f6b2b25fff73304458fb3f66c3dd36ecf79def1dff067e99343ba5d949f60
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53a38379592286cea290cd5315d36768edf6640aff3169573517fe82541e5a0a
545fca1523bbb378bd9cb8ddd522b88623a512fb31e074402fd4d942de0c5354
564e269c73b49b3d3d89bb2b9698a06554ddb8961aa12e61eb56efe42c44070c
64565561ddb338a11ffce5b84aa53fa6e8fd203c34208e61eb5602cd08bf527f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
794e36b946325d7b25d38b79bce1eb2c6fcc8f6bfffb4dded0afa409e624c988
82c4a6094ab68441807b074e703011c25c88e1fca0c8351cd7db63cb5e95ecbc
86e1bd591516b78418106aedf9b3eb43d87f23a28490ecb3fda8b54176b4a095
8a2af45502d9ea2e2275998053cf6330ea9cd536db44fa9f068171c9df075a0c
8affc0a9c6a2bbd75e381c55535e47dc30a7d342be7d420d28eef757d570fcc7
95775ba8072e248248f65eda894dd125929bb285647befd191e7a11a84246ec9
985b0ddac926d9601a27817b8400fe3ad8ae96d1b70df181087b582b4c241a37
a319525d284a6601f494a8c32f74f8fdc2ec75cb1d5fda04b774dac68d15dc5a
a48fca23f43035e4c0c9c93b3b27ef605b013789427ac71fc9b585256155f0a5
a86c59d598a0a6a0358c6dc9bd3c96f6c7c38e6ad07eac0de5be0a1d1f8ab427
b26aeae0358626b11f7315dd8bf3b6ffa1c5513e6e0bdf88087908edf1a601c4
b684e033e8312d8a860d29662826a9e00ee8ee2ffc77b10789c89b00ff527a85
b6beba1aca963ee004973a6dd4c0d00229d83b97547d5855c97a49bc3d46c3b2
c1c1494e06df0b23bf7153f95b127046661d3abe014af2f9013c256470c19013
c85d802e7d8f08e692bb4102cb932684279ca2753a79e9818575ca43b3ee7208
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
f0c43442964268f98c0fbf77145dbab4a9bb34092c81ba66b67f7357b3b16784
f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559
f8759b4002b5d3273049eca7e9ba054fa587f34a624a4f401f712a5596803f6a
fa5e74a36d3099066bee6e02e0656b880627a6a1a491c88014ec4af584ff6417
fcb1645b5b3fee035cbcde0d7b847022b60ca4fa6b1f3b7665a35337707fca94

thecryptosoft.co Open in urlscan Pro 2606:4700:30::681f:52d0 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

93 %HTTPS

33 %IPv6

12 Domains

14 Subdomains

13 IPs

6 Countries

396 kBTransfer

1211 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

thecryptosoft.co Open in urlscan Pro
2606:4700:30::681f:52d0 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

93 %
HTTPS

33 %
IPv6

12
Domains

14
Subdomains

13
IPs

6
Countries

396 kB
Transfer

1211 kB
Size

2
Cookies

45 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!