thecryptosoft.co Open in urlscan Pro
104.28.27.151 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://unite.justimedia.com/ga/click/2-38901010-1155-10566-20149-10517-1d1c250855-333df8108b/
Effective URL:
http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&crea...
Submission: On June 11 via manual (June 11th 2018, 1:13:06 pm UTC) from CA

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 39 HTTP transactions. The main IP is 104.28.27.151, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is thecryptosoft.co.

This is the only time thecryptosoft.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 1	212.129.63.91 212.129.63.91	12876 (AS12876) (AS12876)
1 1	78.128.99.25 78.128.99.25	203380 (DAINTERNA...) (DAINTERNATIONALGROUP)
1 1	185.92.223.111 185.92.223.111	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
1 1	104.27.160.106 104.27.160.106	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.28.27.151 104.28.27.151	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
24	104.28.26.151 104.28.26.151	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	104.19.196.151 104.19.196.151	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.101.128.217 151.101.128.217	54113 (FASTLY) (FASTLY - Fastly)
1	172.217.22.10 172.217.22.10	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.23.138 172.217.23.138	15169 (GOOGLE) (GOOGLE - Google LLC)
5	172.217.22.3 172.217.22.3	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.20.54.119 104.20.54.119	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
39	10

1 212.129.63.91 (France) 1 redirects

ASN12876 (AS12876, FR)
PTR: r13.newlogodesign.justimedia.com

unite.justimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.128.99.25 (Sofia, Bulgaria) 1 redirects

ASN203380 (DAINTERNATIONALGROUP, GB)

life.dbestcollegesect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.92.223.111 (Amsterdam, Netherlands) 1 redirects

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 185.92.223.111.vultr.com

trakclk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.27.160.106 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.rolnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.28.27.151 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

thecryptosoft.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 104.28.26.151 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

thecryptosoft.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.196.151 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.217 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.10 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.138 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.22.3 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.54.119 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.pushcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	thecryptosoft.co thecryptosoft.co	164 KB
5	gstatic.com fonts.gstatic.com	147 KB
3	cloudflare.com cdnjs.cloudflare.com	80 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	vimeo.com player.vimeo.com	6 KB
1	pushcrew.com cdn.pushcrew.com	59 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	rolnk.com 1 redirects www.rolnk.com	1 KB
1	trakclk.com 1 redirects trakclk.com	886 B
1	dbestcollegesect.com 1 redirects life.dbestcollegesect.com	282 B
1	justimedia.com 1 redirects unite.justimedia.com	703 B
39	11

	Domain	Requested by
25	thecryptosoft.co	thecryptosoft.co cdnjs.cloudflare.com
5	fonts.gstatic.com	thecryptosoft.co
3	cdnjs.cloudflare.com	thecryptosoft.co
2	fonts.googleapis.com	thecryptosoft.co
2	player.vimeo.com	thecryptosoft.co
1	cdn.pushcrew.com	thecryptosoft.co
1	maxcdn.bootstrapcdn.com	thecryptosoft.co
1	www.rolnk.com	1 redirects
1	trakclk.com	1 redirects
1	life.dbestcollegesect.com	1 redirects
1	unite.justimedia.com	1 redirects
39	11

This site contains no links.

Subject Issuer	Validity	Valid
*.vimeo.com DigiCert SHA2 Secure Server CA	`2017-01-03` - `2020-03-20`	3 years	crt.sh

This page contains 2 frames:

Primary Page: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Frame ID: 2C8F686A6227EDDCBD262A1255687FEC
Requests: 39 HTTP requests in this frame

Frame: https://player.vimeo.com/video/244324495?loop=0&background=1&title=0&byline=0&portrait=0
Frame ID: 52885893FC27210668B72436DACC9D93
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://unite.justimedia.com/ga/click/2-38901010-1155-10566-20149-10517-1d1c250855-333df8108b/ HTTP 302
http://life.dbestcollegesect.com/hitsurveys/survey?uid=12&offerid=369&source=lb88139&subid=FICCC&off_id=user@... HTTP 302
https://trakclk.com/?a=80&c=498&entity=pac&s1=&s2=5b1a691a034e912369 HTTP 302
http://www.rolnk.com/c_c?url=thecryptosoft.co/fi/index.php&aff_id=80&offer_id=334&aff_sub=&aff_su... HTTP 302
http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=103... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

39
Requests

3 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

10
IPs

4
Countries

464 kB
Transfer

1167 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://unite.justimedia.com/ga/click/2-38901010-1155-10566-20149-10517-1d1c250855-333df8108b/ HTTP 302
http://life.dbestcollegesect.com/hitsurveys/survey?uid=12&offerid=369&source=lb88139&subid=FICCC&off_id=user@example.com HTTP 302
https://trakclk.com/?a=80&c=498&entity=pac&s1=&s2=5b1a691a034e912369 HTTP 302
http://www.rolnk.com/c_c?url=thecryptosoft.co/fi/index.php&aff_id=80&offer_id=334&aff_sub=&aff_sub2=5b1a691a034e912369&aff_sub3=&aff_sub4=&aff_sub5=&reqid=1623543&goal_id=1008&campaign=2250&creative=498&xparam=thecryptosoft.co/fi/index.php&entity=pac HTTP 302
http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set index.php Show response
thecryptosoft.co/fi/
Redirect Chain

http://unite.justimedia.com/ga/click/2-38901010-1155-10566-20149-10517-1d1c250855-333df8108b/
http://life.dbestcollegesect.com/hitsurveys/survey?uid=12&offerid=369&source=lb88139&subid=FICCC&off_id=user@example.com
https://trakclk.com/?a=80&c=498&entity=pac&s1=&s2=5b1a691a034e912369
http://www.rolnk.com/c_c?url=thecryptosoft.co/fi/index.php&aff_id=80&offer_id=334&aff_sub=&aff_sub2=5b1a691a034e912369&aff_sub3=&aff_sub4=&aff_sub5=&reqid=1623543&goal_id=1008&campaign=2250&creativ...
http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=10...

33 KB
11 KB

337ms
319ms

Document
text/html

104.28.27.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.27.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/7.2.6
Resource Hash: 9f0e60e88f7cfb82f25139e200d166ed4dfebe3a448cf0fa5a832ffa1820902a

Request headers

Host: thecryptosoft.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2C8F686A6227EDDCBD262A1255687FEC

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; expires=Tue, 11-Jun-19 13:12:52 GMT; path=/; domain=.thecryptosoft.co; HttpOnly snaptid=web0; path=/
X-Powered-By: PHP/7.2.6
Server: cloudflare
CF-RAY: 429454efa6a464b1-FRA
Content-Encoding: gzip

Redirect headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d730084cc550548fb5e1dd51c5ed579361528722770; expires=Tue, 11-Jun-19 13:12:50 GMT; path=/; domain=.rolnk.com; HttpOnly redirect_url="2|1:0|10:1528722757|12:redirect_url|416:aHR0cDovL3RoZWNyeXB0b3NvZnQuY28vZmkvaW5kZXgucGhwP3hwYXJhbT10aGVjcnlwdG9zb2Z0LmNvL2ZpL2luZGV4LnBocCZjYW1wYWlnbj0yMjUwJm9mZmVyX2lkPTEwMzM0JmFmZl9pZD0xMDA4MCZjcmVhdGl2ZT00OTgmYWZmX3N1YjQ9JmFmZl9zdWI1PSZhZmZfc3ViMj01YjFhNjkxYTAzNGU5MTIzNjkmYWZmX3N1YjM9JmdvYWxfaWQ9MTAwOCZjb3VudHJ5X2NvZGU9REUmZW50aXR5PXBhYyZhZmZfc3ViPSZ0cmFuc2FjdGlvbl9pZD04MGZlMWIxYjZmNjg2NGU5NmVhOTc4NzJhYWI3ZjI0YmJmZGU4ODY5JnRya19zeXNfaWQ9MSZ0ZXN0PTA=|426bf7fd1228e8440703bb7da5279e72e027cc27365579bc4c537aba270b89bc"; expires=Wed, 11 Jul 2018 13:12:37 GMT; Path=/ click_time="2|1:0|10:1528722757|10:click_time|16:MTUyODcyMjc1Nw==|7e134b448afae05397ca073845bc520558758715f4f0b7fbb59ec4ac8e2e8279"; expires=Wed, 11 Jul 2018 13:12:37 GMT; Path=/
Location: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Server: cloudflare
CF-RAY: 429454e1850f641b-FRA

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 20ms
7ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Feb 2018 21:46:17 GMT
Connection: Keep-Alive
ETag: "1518903977"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
Content-Length: 6241

GET
H/1.1 200
OK bootstrap.css
thecryptosoft.co/css/ 144 KB
21 KB 27ms
20ms Stylesheet
text/css 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://thecryptosoft.co/css/bootstrap.css
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcb1645b5b3fee035cbcde0d7b847022b60ca4fa6b1f3b7665a35337707fca94

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"23ea2-56ccb791c073e"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f1b0026499-FRA
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK layout.css
thecryptosoft.co/css/ 10 KB
3 KB 2575ms
2568ms Stylesheet
text/css 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://thecryptosoft.co/css/layout.css
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460ff1ed9072b5faabb115085f410936542cfff0794ab40d87d5a2859f8c6fc8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:55 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"2638-56ccb791c073e"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f1b18c64e1-FRA
Expires: Mon, 11 Jun 2018 17:12:55 GMT

GET
H/1.1 200
OK main.css
thecryptosoft.co/css/ 17 KB
5 KB 24ms
18ms Stylesheet
text/css 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://thecryptosoft.co/css/main.css?v=5
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e503d973a179ab808a8b3b81df31e9f8560eeffa0a783b1607b2d9958f5259

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"4326-56ccb791c073e"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f1b35497da-FRA
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
S 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 10ms
9ms Script
application/javascript 104.19.196.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0

Protocol

SPDY

Server

104.19.196.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 11 Jun 2018 13:12:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 Jun 2016 14:42:33 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 429454f1abc6977a-FRA
expires: Sat, 01 Jun 2019 13:12:52 GMT

GET
H/1.1 200
OK crazypopup.css
thecryptosoft.co/css/ 1 KB
991 B 21ms
15ms Stylesheet
text/css 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://thecryptosoft.co/css/crazypopup.css
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce27753b05a3987df859e9a7a04f02ed0e42cc395df23fefbd208565d056278

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Via: 1.1 varnish-v4
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"5b8-56ccb791c073e"
Vary: Accept-Encoding
X-Varnish: 295148
Content-Type: text/css
Content-Encoding: gzip
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f1b18497ce-FRA
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK loading-bar.css
thecryptosoft.co/css/ 4 KB
1 KB 20ms
14ms Stylesheet
text/css 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://thecryptosoft.co/css/loading-bar.css?v=3
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a7d2e036c21353dfa465f4f42d9a770b28f7b9360469f8dc870dccd2d22704e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Via: 1.1 varnish-v4
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"e93-56ccb791c073e"
Vary: Accept-Encoding
X-Varnish: 361108
Content-Type: text/css
Content-Encoding: gzip
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f1b63b97e0-FRA
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK 1ststep.css
thecryptosoft.co/css/ 4 KB
2 KB 38ms
18ms Stylesheet
text/css 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://thecryptosoft.co/css/1ststep.css
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 564e269c73b49b3d3d89bb2b9698a06554ddb8961aa12e61eb56efe42c44070c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"f77-56ccb791c073e"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f1c64797e0-FRA
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK cryptosoft_logo_hrt_greyscale.svg
thecryptosoft.co/images/ 3 KB
1 KB 8ms
8ms Image
image/svg+xml 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecryptosoft.co/images/cryptosoft_logo_hrt_greyscale.svg
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6beba1aca963ee004973a6dd4c0d00229d83b97547d5855c97a49bc3d46c3b2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"ae8-56ccb791c2296"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f1f65a97e0-FRA
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 16 KB
6 KB 7ms
7ms Script
application/javascript 151.101.128.217
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Protocol

HTTP/1.1

Server

151.101.128.217 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

cb02cf16f2c60cf033f48f0096e5086a1e9b6ac881cf5086bdd84b7aaac8605b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Varnish-Cache: 0
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 256
X-Cache: HIT, HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection: keep-alive
X-VServer: infra-playproxy-a-3
Content-Length: 5389
X-Xss-Protection: 1; mode=block
X-Served-By: cache-iad2124-IAD, cache-hhn1549-HHN
Access-Control-Allow-Origin: *
Expires: Mon, 11 Jun 2018 13:38:36 GMT
Server: nginx
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer: S1528722773.790381,VS0,VE0
Date: Mon, 11 Jun 2018 13:12:52 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Vary: Accept-Encoding
X-Vimeo-DC: ge
Accept-Ranges: bytes
X-Cache-Hits: 1, 378

GET
H/1.1 200
OK icon_exceptionalsoftware_white.svg
thecryptosoft.co/images/icons/ 832 B
825 B 14ms
13ms Image
image/svg+xml 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecryptosoft.co/images/icons/icon_exceptionalsoftware_white.svg
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1c1494e06df0b23bf7153f95b127046661d3abe014af2f9013c256470c19013

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Via: 1.1 varnish-v4
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"340-56ccb791c267e"
Vary: Accept-Encoding
X-Varnish: 295160
Content-Type: image/svg+xml
Content-Encoding: gzip
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f2066297e0-FRA
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK icon_immediateresults_white.svg
thecryptosoft.co/images/icons/ 707 B
825 B 8ms
8ms Image
image/svg+xml 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecryptosoft.co/images/icons/icon_immediateresults_white.svg
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b26aeae0358626b11f7315dd8bf3b6ffa1c5513e6e0bdf88087908edf1a601c4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"2c3-56ccb791c2a66"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f2166c97e0-FRA
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK icon_moneymachine_white.svg
thecryptosoft.co/images/icons/ 959 B
825 B 8ms
8ms Image
image/svg+xml 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecryptosoft.co/images/icons/icon_moneymachine_white.svg
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 360ebe904d3d78de5737af2d81cdda55b91495a105f78e4099338cecea2d3737

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"3bf-56ccb791c2a66"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f2267797e0-FRA
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK usr_4fsd2gf.jpg
thecryptosoft.co/images/users/ 3 KB
4 KB 7ms
7ms Image
image/jpeg 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecryptosoft.co/images/users/usr_4fsd2gf.jpg
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006252ba27677f8cb620524557048dd0595df8554a8bf1ea19826c62b97117cb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Via: 1.1 varnish-v4
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: "d31-56ccb791c2e4e"
Vary: Accept-Encoding
X-Varnish: 1058497
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 429454f2368297e0-FRA
Content-Length: 3377
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK usr_df14sd5.jpg
thecryptosoft.co/images/users/ 4 KB
5 KB 7ms
7ms Image
image/jpeg 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecryptosoft.co/images/users/usr_df14sd5.jpg
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ac1852801b1722575ef593304c0e73c46211dfd0300c0a3a98d735f77869848

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Via: 1.1 varnish-v4
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: "104c-56ccb791c2e4e"
Vary: Accept-Encoding
X-Varnish: 1281907
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 429454f2368897e0-FRA
Content-Length: 4172
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK usr_d451xu.jpg
thecryptosoft.co/images/users/ 3 KB
4 KB 9ms
8ms Image
image/jpeg 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecryptosoft.co/images/users/usr_d451xu.jpg
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 794e36b946325d7b25d38b79bce1eb2c6fcc8f6bfffb4dded0afa409e624c988

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Via: 1.1 varnish-v4
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: "d7a-56ccb791c2e4e"
Vary: Accept-Encoding
X-Varnish: 1281925
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 429454f2468c97e0-FRA
Content-Length: 3450
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK usr_oju84d.jpg
thecryptosoft.co/images/users/ 4 KB
4 KB 8ms
8ms Image
image/jpeg 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecryptosoft.co/images/users/usr_oju84d.jpg
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4df3a38ff0d0e0c0cbea528e4c1c64d669a893aa6d4fae1e89e0f9bb3a607de5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Via: 1.1 varnish-v4
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: "ef1-56ccb791c2e4e"
Vary: Accept-Encoding
X-Varnish: 361120
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 429454f2569297e0-FRA
Content-Length: 3825
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK usr_t14csd.jpg
thecryptosoft.co/images/users/ 3 KB
4 KB 9ms
9ms Image
image/jpeg 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecryptosoft.co/images/users/usr_t14csd.jpg
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e1bd591516b78418106aedf9b3eb43d87f23a28490ecb3fda8b54176b4a095

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Via: 1.1 varnish-v4
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: "d57-56ccb791c3236"
Vary: Accept-Encoding
X-Varnish: 1155526
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 429454f2669897e0-FRA
Content-Length: 3415
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK usr_fds513.jpg
thecryptosoft.co/images/users/ 4 KB
5 KB 8ms
8ms Image
image/jpeg 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecryptosoft.co/images/users/usr_fds513.jpg
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a7e7387d92ba9eb6f45d83ab0448ca8006a487c4bee4e03cb32c62acb0d59e0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:53 GMT
Via: 1.1 varnish-v4
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: "1143-56ccb791c2e4e"
Vary: Accept-Encoding
X-Varnish: 1281964
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 429454f3771f97e0-FRA
Content-Length: 4419
Expires: Mon, 11 Jun 2018 17:12:53 GMT

GET
H/1.1 200
OK security_icons.min.png
thecryptosoft.co/images/ 25 KB
26 KB 8ms
8ms Image
image/png 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecryptosoft.co/images/security_icons.min.png
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a48fca23f43035e4c0c9c93b3b27ef605b013789427ac71fc9b585256155f0a5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:53 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: "65bc-56ccb791c2e4e"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 429454f3872897e0-FRA
Content-Length: 26044
Expires: Mon, 11 Jun 2018 17:12:53 GMT

GET
H/1.1 200
OK cryptosoft_logo_hrt_white.svg
thecryptosoft.co/images/ 2 KB
1 KB 8ms
8ms Image
image/svg+xml 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecryptosoft.co/images/cryptosoft_logo_hrt_white.svg
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b684e033e8312d8a860d29662826a9e00ee8ee2ffc77b10789c89b00ff527a85

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"82f-56ccb791c2296"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f3a74097e0-FRA
Expires: Mon, 11 Jun 2018 17:12:53 GMT

GET
S 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 36 KB
10 KB 8ms
7ms Script
application/javascript 104.19.196.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Protocol

SPDY

Server

104.19.196.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 11 Jun 2018 13:12:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2016 07:16:08 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 429454f27cb5977a-FRA
expires: Sat, 01 Jun 2019 13:12:52 GMT

GET
S 200 bodymovin_light.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bodymovin/4.10.2/ 140 KB
37 KB 10ms
10ms Script
application/javascript 104.19.196.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.10.2/bodymovin_light.min.js

Requested by

Protocol

SPDY

Server

104.19.196.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8759b4002b5d3273049eca7e9ba054fa587f34a624a4f401f712a5596803f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 11 Jun 2018 13:12:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2017 04:03:18 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 429454f28cc0977a-FRA
expires: Sat, 01 Jun 2019 13:12:52 GMT

GET
H/1.1 200
OK chart.js Show response
thecryptosoft.co/js/ 172 B
580 B 8ms
8ms Script
application/javascript 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://thecryptosoft.co/js/chart.js
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367778085f446b669d32cac74ec75cd027cd81d2d87aa7dad466060ca206726c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"ac-56ccb791c361e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f296b097e0-FRA
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK crazypopup-src.js Show response
thecryptosoft.co/js/ 17 KB
4 KB 9ms
9ms Script
application/javascript 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://thecryptosoft.co/js/crazypopup-src.js
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545fca1523bbb378bd9cb8ddd522b88623a512fb31e074402fd4d942de0c5354

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"441a-56ccb791c361e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f2a6b697e0-FRA
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK modal-crazy.js Show response
thecryptosoft.co/js/ 2 KB
1 KB 8ms
8ms Script
application/javascript 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://thecryptosoft.co/js/modal-crazy.js?v=1
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 503f6b2b25fff73304458fb3f66c3dd36ecf79def1dff067e99343ba5d949f60

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:52 GMT
Via: 1.1 varnish-v4
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"6dd-56ccb791c361e"
Vary: Accept-Encoding
X-Varnish: 1155523
Content-Type: application/javascript
Content-Encoding: gzip
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f2b6bb97e0-FRA
Expires: Mon, 11 Jun 2018 17:12:52 GMT

GET
H/1.1 200
OK unload.js Show response
thecryptosoft.co/js/ 228 B
587 B 116ms
116ms Script
application/javascript 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://thecryptosoft.co/js/unload.js
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ec510234b7ed3071de63194849e835b477d8b606078aaa9f53f7053f74f4745

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"e4-56ccb791c361e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 429454f2c6c197e0-FRA
Expires: Mon, 11 Jun 2018 17:12:53 GMT

GET
S 200 css
fonts.googleapis.com/ 1 KB
441 B 16ms
15ms Stylesheet
text/css 172.217.22.10
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,400i,700&subset=latin-ext

Requested by

Protocol

SPDY

Server

172.217.22.10 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f10.1e100.net

Software

ESF /

Resource Hash

f1233c9e097042243f93eb37dc47d84e6c5ef1d16d84ba52cc2e926e00a55e13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 11 Jun 2018 13:12:55 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Mon, 11 Jun 2018 13:12:55 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 1 KB
729 B 15ms
14ms Stylesheet
text/css 172.217.23.138
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto+Condensed|Roboto:300,400,700,700i,900i&subset=cyrillic

Requested by

Protocol

HTTP/1.1

Server

172.217.23.138 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f10.1e100.net

Software

ESF /

Resource Hash

33ce9dc642b1211a11b477fd0a4972148a6673b71ecbef6a183964527b6a755b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:55 GMT
Content-Encoding: gzip
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400
Transfer-Encoding: chunked
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Mon, 11 Jun 2018 13:12:55 GMT

GET
H/1.1 200
OK 244324495
player.vimeo.com/video/ Frame 5288 0
0 130ms
130ms Document
text/html 151.101.128.217
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/244324495?loop=0&background=1&title=0&byline=0&portrait=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.217 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://bam.nr-data.net https://src.litix.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://sentry.cloud.vimeo.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://f.vimeocdn.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2C8F686A6227EDDCBD262A1255687FEC
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://bam.nr-data.net https://src.litix.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://sentry.cloud.vimeo.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Via: 1.1 varnish 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 0
X-VServer: infra-playproxy-a-3
X-Vimeo-DC: ge
Content-Encoding: gzip
Content-Length: 4564
Accept-Ranges: bytes
Date: Mon, 11 Jun 2018 13:12:55 GMT
Age: 0
Connection: keep-alive
X-Served-By: cache-iad2128-IAD, cache-hhn1549-HHN
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1528722775.360139,VS0,VE124
Vary: Accept-Encoding

GET
H/1.1 200
OK bgpattern.png
thecryptosoft.co/images/ 46 KB
47 KB 28ms
28ms Image
image/png 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thecryptosoft.co/images/bgpattern.png
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bf9ed9ba13bb6261155bb9243b13e0ae7af6dab2af6e9681fd4338380938eab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://thecryptosoft.co/css/layout.css
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/css/layout.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:55 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: "b9e8-56ccb791c16de"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 42945502279b64e1-FRA
Content-Length: 47592
Expires: Mon, 11 Jun 2018 17:12:55 GMT

GET
S 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYag.ttf
fonts.gstatic.com/s/robotocondensed/v16/ 52 KB
29 KB 9ms
9ms Font
font/ttf 172.217.22.3
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v16/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYag.ttf

Requested by

Protocol

SPDY

Server

172.217.22.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f3.1e100.net

Software

sffe /

Resource Hash

5c9266a1f75183a12d50206e494a419f0cd0f9fd7f17f06e7d0f20ec14b79d31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,400i,700&subset=latin-ext
Origin: http://thecryptosoft.co

Response headers

date: Mon, 12 Feb 2018 15:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10273362
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 29183
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 18:22:57 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Feb 2019 15:30:13 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a38379592286cea290cd5315d36768edf6640aff3169573517fe82541e5a0a

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu5mxP.ttf
fonts.gstatic.com/s/roboto/v18/ 52 KB
29 KB 7ms
6ms Font
font/ttf 172.217.22.3
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxP.ttf

Requested by

Protocol

HTTP/1.1

Server

172.217.22.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f3.1e100.net

Software

sffe /

Resource Hash

bfb6b0785774ed8b0d32718611e7f81b1747b2de8184e68c324ef04c2cfc3f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto+Condensed|Roboto:300,400,700,700i,900i&subset=cyrillic
Origin: http://thecryptosoft.co

Response headers

Date: Wed, 09 May 2018 03:54:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Oct 2017 17:32:51 GMT
Server: sffe
Age: 2884734
Vary: Accept-Encoding
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29383
X-XSS-Protection: 1; mode=block
Expires: Thu, 09 May 2019 03:54:01 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmWUlfABc9.ttf
fonts.gstatic.com/s/roboto/v18/ 52 KB
29 KB 17ms
11ms Font
font/ttf 172.217.22.3
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfABc9.ttf

Requested by

Protocol

HTTP/1.1

Server

172.217.22.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f3.1e100.net

Software

sffe /

Resource Hash

d4d2c5387a1ea159e0d3801eeece12ec043862726c09ee27d6bbd915dc06cb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto+Condensed|Roboto:300,400,700,700i,900i&subset=cyrillic
Origin: http://thecryptosoft.co

Response headers

Date: Mon, 12 Feb 2018 18:03:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Oct 2017 17:33:05 GMT
Server: sffe
Age: 10264148
Vary: Accept-Encoding
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29711
X-XSS-Protection: 1; mode=block
Expires: Tue, 12 Feb 2019 18:03:47 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmSU5fABc9.ttf
fonts.gstatic.com/s/roboto/v18/ 52 KB
29 KB 17ms
11ms Font
font/ttf 172.217.22.3
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fABc9.ttf

Requested by

Protocol

HTTP/1.1

Server

172.217.22.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f3.1e100.net

Software

sffe /

Resource Hash

ddcd197bd1110181cbe42e6b390d54603a4ec0d36a988f05d790c39d8230095e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto+Condensed|Roboto:300,400,700,700i,900i&subset=cyrillic
Origin: http://thecryptosoft.co

Response headers

Date: Mon, 12 Feb 2018 17:32:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Oct 2017 17:32:44 GMT
Server: sffe
Age: 10266027
Vary: Accept-Encoding
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29362
X-XSS-Protection: 1; mode=block
Expires: Tue, 12 Feb 2019 17:32:28 GMT

GET
S 200 KFOkCnqEu92Fr1Mu51xGIzc.ttf
fonts.gstatic.com/s/roboto/v18/ 54 KB
31 KB 16ms
16ms Font
font/ttf 172.217.22.3
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOkCnqEu92Fr1Mu51xGIzc.ttf

Requested by

Protocol

SPDY

Server

172.217.22.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f3.1e100.net

Software

sffe /

Resource Hash

5f2fd1940c739e83cf5d558be1f7f627aba240c9a1565b47e8bfee7ea3f41a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,400i,700&subset=latin-ext
Origin: http://thecryptosoft.co

Response headers

date: Thu, 24 May 2018 14:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1550018
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 31293
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Oct 2017 17:32:53 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 May 2019 14:39:17 GMT

GET
H/1.1 200
OK chart.json Show response
thecryptosoft.co/js/ 45 KB
11 KB 1266ms
1265ms XHR
application/json 104.28.26.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://thecryptosoft.co/js/chart.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.10.2/bodymovin_light.min.js
Protocol: HTTP/1.1
Server: 104.28.26.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30030c6550721a8212e6f505e42add33ef5bf17a4a2376952b605718993622d3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: thecryptosoft.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Cookie: __cfduid=d047ca9acc5700cc111e818cc267c462e1528722772; snaptid=web0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 11 Jun 2018 13:12:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 May 2018 13:34:09 GMT
Server: cloudflare
ETag: W/"b583-56ccb791c361e"
Transfer-Encoding: chunked
Content-Type: application/json
Connection: keep-alive
CF-RAY: 42945502a7c464e1-FRA

GET
S 200 64f8c24263e12337eee48ac9505e3eeb.js Show response
cdn.pushcrew.com/js/ 208 KB
59 KB 417ms
391ms Script
application/javascript 104.20.54.119
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushcrew.com/js/64f8c24263e12337eee48ac9505e3eeb.js
Requested by: Host: thecryptosoft.co
URL: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
Protocol: SPDY
Server: 104.20.54.119 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 513e6b7293bd2052de525d46be8b181d596a10a29d0a578aad06041d4a966151

Request headers

Referer: http://thecryptosoft.co/fi/index.php?xparam=thecryptosoft.co/fi/index.php&campaign=2250&offer_id=10334&aff_id=10080&creative=498&aff_sub4=&aff_sub5=&aff_sub2=5b1a691a034e912369&aff_sub3=&goal_id=1008&country_code=DE&entity=pac&aff_sub=&transaction_id=80fe1b1b6f6864e96ea97872aab7f24bbfde8869&trk_sys_id=1&test=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 11 Jun 2018 13:12:55 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Thu, 24 May 2018 10:29:40 GMT
server: cloudflare
etag: W/"5b069414-33e93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=43200
cf-ray: 429455034c682708-FRA
expires: Tue, 12 Jun 2018 01:12:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vimeo.com/	1970-01-19 10:09:54	Name: vuid Value: pl705926748.142708612
thecryptosoft.co/	1970-01-28 16:38:42	Name: wingify_donot_track_actions Value: 0
thecryptosoft.co/	1969-12-31 23:59:59	Name: snaptid Value: web0
.thecryptosoft.co/	1970-01-19 01:24:18	Name: __cfduid Value: d047ca9acc5700cc111e818cc267c462e1528722772

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pushcrew.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
life.dbestcollegesect.com
maxcdn.bootstrapcdn.com
player.vimeo.com
thecryptosoft.co
trakclk.com
unite.justimedia.com
www.rolnk.com
104.19.196.151
104.20.54.119
104.27.160.106
104.28.26.151
104.28.27.151
151.101.128.217
172.217.22.10
172.217.22.3
172.217.23.138
185.92.223.111
209.197.3.15
212.129.63.91
78.128.99.25
006252ba27677f8cb620524557048dd0595df8554a8bf1ea19826c62b97117cb
02e503d973a179ab808a8b3b81df31e9f8560eeffa0a783b1607b2d9958f5259
0ac1852801b1722575ef593304c0e73c46211dfd0300c0a3a98d735f77869848
1a7d2e036c21353dfa465f4f42d9a770b28f7b9360469f8dc870dccd2d22704e
2bf9ed9ba13bb6261155bb9243b13e0ae7af6dab2af6e9681fd4338380938eab
2ce27753b05a3987df859e9a7a04f02ed0e42cc395df23fefbd208565d056278
30030c6550721a8212e6f505e42add33ef5bf17a4a2376952b605718993622d3
33ce9dc642b1211a11b477fd0a4972148a6673b71ecbef6a183964527b6a755b
360ebe904d3d78de5737af2d81cdda55b91495a105f78e4099338cecea2d3737
367778085f446b669d32cac74ec75cd027cd81d2d87aa7dad466060ca206726c
460ff1ed9072b5faabb115085f410936542cfff0794ab40d87d5a2859f8c6fc8
4a7e7387d92ba9eb6f45d83ab0448ca8006a487c4bee4e03cb32c62acb0d59e0
4df3a38ff0d0e0c0cbea528e4c1c64d669a893aa6d4fae1e89e0f9bb3a607de5
4ec510234b7ed3071de63194849e835b477d8b606078aaa9f53f7053f74f4745
503f6b2b25fff73304458fb3f66c3dd36ecf79def1dff067e99343ba5d949f60
513e6b7293bd2052de525d46be8b181d596a10a29d0a578aad06041d4a966151
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53a38379592286cea290cd5315d36768edf6640aff3169573517fe82541e5a0a
545fca1523bbb378bd9cb8ddd522b88623a512fb31e074402fd4d942de0c5354
564e269c73b49b3d3d89bb2b9698a06554ddb8961aa12e61eb56efe42c44070c
5c9266a1f75183a12d50206e494a419f0cd0f9fd7f17f06e7d0f20ec14b79d31
5f2fd1940c739e83cf5d558be1f7f627aba240c9a1565b47e8bfee7ea3f41a63
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
794e36b946325d7b25d38b79bce1eb2c6fcc8f6bfffb4dded0afa409e624c988
86e1bd591516b78418106aedf9b3eb43d87f23a28490ecb3fda8b54176b4a095
9f0e60e88f7cfb82f25139e200d166ed4dfebe3a448cf0fa5a832ffa1820902a
a48fca23f43035e4c0c9c93b3b27ef605b013789427ac71fc9b585256155f0a5
b26aeae0358626b11f7315dd8bf3b6ffa1c5513e6e0bdf88087908edf1a601c4
b684e033e8312d8a860d29662826a9e00ee8ee2ffc77b10789c89b00ff527a85
b6beba1aca963ee004973a6dd4c0d00229d83b97547d5855c97a49bc3d46c3b2
bfb6b0785774ed8b0d32718611e7f81b1747b2de8184e68c324ef04c2cfc3f3b
c1c1494e06df0b23bf7153f95b127046661d3abe014af2f9013c256470c19013
cb02cf16f2c60cf033f48f0096e5086a1e9b6ac881cf5086bdd84b7aaac8605b
d4d2c5387a1ea159e0d3801eeece12ec043862726c09ee27d6bbd915dc06cb82
ddcd197bd1110181cbe42e6b390d54603a4ec0d36a988f05d790c39d8230095e
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
f1233c9e097042243f93eb37dc47d84e6c5ef1d16d84ba52cc2e926e00a55e13
f8759b4002b5d3273049eca7e9ba054fa587f34a624a4f401f712a5596803f6a
fcb1645b5b3fee035cbcde0d7b847022b60ca4fa6b1f3b7665a35337707fca94

thecryptosoft.co Open in urlscan Pro 104.28.27.151 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

3 %HTTPS

0 %IPv6

11 Domains

11 Subdomains

10 IPs

4 Countries

464 kBTransfer

1167 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

thecryptosoft.co Open in urlscan Pro
104.28.27.151 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

3 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

10
IPs

4
Countries

464 kB
Transfer

1167 kB
Size

4
Cookies

39 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!