crstsettlementclaim.com Open in urlscan Pro
45.40.148.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.crstsettlementclaim.com/
Effective URL:
https://crstsettlementclaim.com/
Submission: On February 03 via automatic, source certstream-suspicious (February 3rd 2021, 6:09:38 pm UTC)

Summary HTTP 10 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 45.40.148.234, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is crstsettlementclaim.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 3rd 2021. Valid for: a year.

This is the only time crstsettlementclaim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	45.40.148.234 45.40.148.234	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
8 9	2a02:fe80:101... 2a02:fe80:1010::16	30148 (SUCURI-SEC) (SUCURI-SEC)
8	184.168.47.225 184.168.47.225	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
10	3

2 45.40.148.234 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-45-40-148-234.ip.secureserver.net

www.crstsettlementclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
crstsettlementclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:fe80:1010::16 (United Kingdom) 8 redirects

ASN30148 (SUCURI-SEC, US)

secureservercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.168.47.225 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: redirect-v225.secureserver.net

v56.6b2.myftpupload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	secureservercdn.net 8 redirects secureservercdn.net	134 KB
8	myftpupload.com v56.6b2.myftpupload.com	68 KB
2	crstsettlementclaim.com 1 redirects www.crstsettlementclaim.com crstsettlementclaim.com	4 KB
10	3

	Domain	Requested by
9	secureservercdn.net	8 redirects crstsettlementclaim.com
8	v56.6b2.myftpupload.com	crstsettlementclaim.com
1	crstsettlementclaim.com
1	www.crstsettlementclaim.com	1 redirects
10	4

This site contains links to these domains. Also see Links.

Domain
wordpress.org
devrix.com

Subject Issuer	Validity	Valid
crstsettlementclaim.com Go Daddy Secure Certificate Authority - G2	`2021-02-03` - `2022-03-07`	a year	crt.sh
*.6b2.myftpupload.com Go Daddy Secure Certificate Authority - G2	`2021-02-01` - `2022-03-05`	a year	crt.sh
secureservercdn.net Starfield Secure Certificate Authority - G2	`2020-06-26` - `2021-06-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://crstsettlementclaim.com/
Frame ID: CD651E1CDABF9EB8638C04133D2CD5CB
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.crstsettlementclaim.com/ HTTP 301
https://crstsettlementclaim.com/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

202 kB
Transfer

393 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: http://devrix.com/
Title: DevriX

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.crstsettlementclaim.com/ HTTP 301
https://crstsettlementclaim.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6&time=1612375272 HTTP 301
https://v56.6b2.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6&time=1612375272

Request Chain 1

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/css/master.min.css?ver=2019-10-04-00&time=1612375272 HTTP 301
https://v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/css/master.min.css?ver=2019-10-04-00&time=1612375272

Request Chain 2

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1&time=1612375272 HTTP 301
https://v56.6b2.myftpupload.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1&time=1612375272

Request Chain 3

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1612375272 HTTP 301
https://v56.6b2.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1612375272

Request Chain 5

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=2.7.0&time=1612375272 HTTP 301
https://v56.6b2.myftpupload.com/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=2.7.0&time=1612375272

Request Chain 6

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/scripts/bundle.min.js?ver=2019-10-04-00&time=1612375272 HTTP 301
https://v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/scripts/bundle.min.js?ver=2019-10-04-00&time=1612375272

Request Chain 7

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.6&time=1612375272 HTTP 301
https://v56.6b2.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.6&time=1612375272

Request Chain 8

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6&time=1612375272 HTTP 301
https://v56.6b2.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6&time=1612375272

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
crstsettlementclaim.com/
Redirect Chain

https://www.crstsettlementclaim.com/
https://crstsettlementclaim.com/

12 KB
4 KB

171ms
170ms

Document
text/html

45.40.148.234
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://crstsettlementclaim.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.148.234 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-148-234.ip.secureserver.net

Software

openresty /

Resource Hash

84789bc37998293dbba82febc4a05236b22f0001ba401256cc2822d72f1cd973

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: crstsettlementclaim.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: openresty
date: Wed, 03 Feb 2021 18:09:09 GMT
content-type: text/html; charset=UTF-8
content-length: 3687
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
x-cacheable: YES:Forced
accept-ranges: bytes
age: 2
vary: Accept-Encoding, User-Agent
x-cache: cached
x-cache-hit: HIT
x-backend: all_requests

Redirect headers

server: openresty
date: Wed, 03 Feb 2021 18:09:09 GMT
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
location: https://crstsettlementclaim.com/
x-cacheable: NO:HTTPS Redirect
content-encoding: gzip
age: 0
vary: User-Agent
x-cache: uncached
x-cache-hit: MISS
x-backend: all_requests

GET
H2

200

style.min.css
v56.6b2.myftpupload.com/wp-includes/css/dist/block-library/
Redirect Chain

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6&time=1612375272
https://v56.6b2.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6&time=1612375272

50 KB
8 KB

1373ms
1048ms

Stylesheet
text/css

184.168.47.225
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://v56.6b2.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6&time=1612375272

Requested by

Host: crstsettlementclaim.com
URL: https://crstsettlementclaim.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.168.47.225 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

redirect-v225.secureserver.net

Software

openresty /

Resource Hash

5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crstsettlementclaim.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 0
x-cache: uncached
content-length: 7855
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 12:21:40 GMT
server: openresty
date: Wed, 03 Feb 2021 18:09:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: MISS
etag: "c8e9-5b5662b38fd00-gzip"
accept-ranges: bytes

Redirect headers

date: Wed, 03 Feb 2021 18:09:10 GMT
content-encoding: gzip
x-cacheable: NO:HTTPS Redirect
server: nginx
age: 0
x-cache-hit: MISS
x-cache: uncached
content-type: text/html; charset=iso-8859-1
location: https://v56.6b2.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6&time=1612375272
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15016
content-security-policy: upgrade-insecure-requests
x-backend: all_requests
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

master.min.css
v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/css/
Redirect Chain

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/css/master.min.css?ver=2019-10-04-00&time=1612375272
https://v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/css/master.min.css?ver=2019-10-04-00&time=1612375272

75 KB
13 KB

790ms
432ms

Stylesheet
text/css

184.168.47.225
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/css/master.min.css?ver=2019-10-04-00&time=1612375272

Requested by

Host: crstsettlementclaim.com
URL: https://crstsettlementclaim.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.168.47.225 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

redirect-v225.secureserver.net

Software

openresty /

Resource Hash

12a71d2e1f86b2366d362fe496c15af666004567a88e4b6916cfe4d5997f40b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crstsettlementclaim.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 0
x-cache: uncached
content-length: 12770
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 17:33:45 GMT
server: openresty
date: Wed, 03 Feb 2021 18:09:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: MISS
etag: "12a11-5ba71fd361877-gzip"
accept-ranges: bytes

Redirect headers

date: Wed, 03 Feb 2021 18:09:09 GMT
content-encoding: gzip
x-cacheable: NO:HTTPS Redirect
server: nginx
age: 0
x-cache-hit: MISS
x-cache: uncached
content-type: text/html; charset=iso-8859-1
location: https://v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/css/master.min.css?ver=2019-10-04-00&time=1612375272
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15016
content-security-policy: upgrade-insecure-requests
x-backend: all_requests
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

jquery.min.js Show response
v56.6b2.myftpupload.com/wp-includes/js/jquery/
Redirect Chain

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1&time=1612375272
https://v56.6b2.myftpupload.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1&time=1612375272

87 KB
31 KB

914ms
582ms

Script
application/javascript

184.168.47.225
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://v56.6b2.myftpupload.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1&time=1612375272

Requested by

Host: crstsettlementclaim.com
URL: https://crstsettlementclaim.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.168.47.225 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

redirect-v225.secureserver.net

Software

openresty /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crstsettlementclaim.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 0
x-cache: uncached
content-length: 30916
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: openresty
date: Wed, 03 Feb 2021 18:09:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: MISS
etag: "15d98-5b11746475f40-gzip"
accept-ranges: bytes

Redirect headers

date: Wed, 03 Feb 2021 18:09:10 GMT
content-encoding: gzip
x-cacheable: NO:HTTPS Redirect
server: nginx
age: 0
x-cache-hit: MISS
x-cache: uncached
content-type: text/html; charset=iso-8859-1
location: https://v56.6b2.myftpupload.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1&time=1612375272
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15016
content-security-policy: upgrade-insecure-requests
x-backend: all_requests
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

jquery-migrate.min.js Show response
v56.6b2.myftpupload.com/wp-includes/js/jquery/
Redirect Chain

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1612375272
https://v56.6b2.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1612375272

11 KB
4 KB

1046ms
734ms

Script
application/javascript

184.168.47.225
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://v56.6b2.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1612375272

Requested by

Host: crstsettlementclaim.com
URL: https://crstsettlementclaim.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.168.47.225 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

redirect-v225.secureserver.net

Software

openresty /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crstsettlementclaim.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 0
x-cache: uncached
content-length: 4169
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Nov 2020 09:31:13 GMT
server: openresty
date: Wed, 03 Feb 2021 18:09:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: MISS
etag: "2bd8-5b472638cda40-gzip"
accept-ranges: bytes

Redirect headers

date: Wed, 03 Feb 2021 18:09:10 GMT
content-encoding: gzip
x-cacheable: NO:HTTPS Redirect
server: nginx
age: 0
x-cache-hit: MISS
x-cache: uncached
content-type: text/html; charset=iso-8859-1
location: https://v56.6b2.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1612375272
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15016
content-security-policy: upgrade-insecure-requests
x-backend: all_requests
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cropped-NADTA-parking-lot-scaled-e1612374931932.jpg
secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-content/uploads/2021/02/ 130 KB
131 KB 472ms
471ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-content/uploads/2021/02/cropped-NADTA-parking-lot-scaled-e1612374931932.jpg

Requested by

Host: crstsettlementclaim.com
URL: https://crstsettlementclaim.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

d08477d883b2e894014e0222182a57c7656b2637044a6f05ab3f5a96fc8b9bbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crstsettlementclaim.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 645
x-cache: cached
x-sucuri-cache: MISS
content-length: 133372
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 17:56:05 GMT
server: nginx
date: Wed, 03 Feb 2021 18:09:11 GMT
strict-transport-security: max-age=300
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "208fc-5ba724d0bbc8a"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

coblocks-animation.js Show response
v56.6b2.myftpupload.com/wp-content/plugins/coblocks/dist/js/
Redirect Chain

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=2.7.0&time=1612375272
https://v56.6b2.myftpupload.com/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=2.7.0&time=1612375272

1 KB
1 KB

408ms
408ms

Script
application/javascript

184.168.47.225
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://v56.6b2.myftpupload.com/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=2.7.0&time=1612375272

Requested by

Host: crstsettlementclaim.com
URL: https://crstsettlementclaim.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.168.47.225 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

redirect-v225.secureserver.net

Software

openresty /

Resource Hash

df27f07e43ffb388d0cad2ad94632c9461740494481e5d630cbdb04aeec649d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crstsettlementclaim.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 0
x-cache: uncached
content-length: 627
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 15:27:57 GMT
server: openresty
date: Wed, 03 Feb 2021 18:09:12 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: MISS
etag: "550-5ba703b4a00ef-gzip"
accept-ranges: bytes

Redirect headers

date: Wed, 03 Feb 2021 18:09:12 GMT
content-encoding: gzip
x-cacheable: NO:HTTPS Redirect
server: nginx
age: 0
x-cache-hit: MISS
x-cache: uncached
content-type: text/html; charset=iso-8859-1
location: https://v56.6b2.myftpupload.com/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=2.7.0&time=1612375272
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15016
content-security-policy: upgrade-insecure-requests
x-backend: all_requests
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

bundle.min.js Show response
v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/scripts/
Redirect Chain

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/scripts/bundle.min.js?ver=2019-10-04-00&time=1612375272
https://v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/scripts/bundle.min.js?ver=2019-10-04-00&time=1612375272

11 KB
5 KB

708ms
708ms

Script
application/javascript

184.168.47.225
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/scripts/bundle.min.js?ver=2019-10-04-00&time=1612375272

Requested by

Host: crstsettlementclaim.com
URL: https://crstsettlementclaim.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.168.47.225 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

redirect-v225.secureserver.net

Software

openresty /

Resource Hash

69d887ade843b4008891a2121c10a943932feb7e8de1b09df228789817fffd91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crstsettlementclaim.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 0
x-cache: uncached
content-length: 4223
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 17:33:45 GMT
server: openresty
date: Wed, 03 Feb 2021 18:09:13 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: MISS
etag: "2c41-5ba71fd3590bf-gzip"
accept-ranges: bytes

Redirect headers

date: Wed, 03 Feb 2021 18:09:12 GMT
content-encoding: gzip
x-cacheable: NO:HTTPS Redirect
server: nginx
age: 0
x-cache-hit: MISS
x-cache: uncached
content-type: text/html; charset=iso-8859-1
location: https://v56.6b2.myftpupload.com/wp-content/themes/starlight/assets/dist/scripts/bundle.min.js?ver=2019-10-04-00&time=1612375272
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15016
content-security-policy: upgrade-insecure-requests
x-backend: all_requests
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

wp-embed.min.js Show response
v56.6b2.myftpupload.com/wp-includes/js/
Redirect Chain

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.6&time=1612375272
https://v56.6b2.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.6&time=1612375272

1 KB
1 KB

453ms
453ms

Script
application/javascript

184.168.47.225
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://v56.6b2.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.6&time=1612375272

Requested by

Host: crstsettlementclaim.com
URL: https://crstsettlementclaim.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.168.47.225 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

redirect-v225.secureserver.net

Software

openresty /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crstsettlementclaim.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 0
x-cache: uncached
content-length: 769
x-xss-protection: 1; mode=block
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
server: openresty
date: Wed, 03 Feb 2021 18:09:12 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: MISS
etag: "59a-595c52fd2e6c0-gzip"
accept-ranges: bytes

Redirect headers

date: Wed, 03 Feb 2021 18:09:11 GMT
content-encoding: gzip
x-cacheable: NO:HTTPS Redirect
server: nginx
age: 0
x-cache-hit: MISS
x-cache: uncached
content-type: text/html; charset=iso-8859-1
location: https://v56.6b2.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.6&time=1612375272
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15016
content-security-policy: upgrade-insecure-requests
x-backend: all_requests
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

wp-emoji-release.min.js Show response
v56.6b2.myftpupload.com/wp-includes/js/
Redirect Chain

https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6&time=1612375272
https://v56.6b2.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6&time=1612375272

14 KB
5 KB

864ms
864ms

Script
application/javascript

184.168.47.225
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://v56.6b2.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6&time=1612375272

Requested by

Host: crstsettlementclaim.com
URL: https://crstsettlementclaim.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.168.47.225 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

redirect-v225.secureserver.net

Software

openresty /

Resource Hash

3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crstsettlementclaim.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 0
x-cache: uncached
content-length: 4671
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Oct 2020 16:55:23 GMT
server: openresty
date: Wed, 03 Feb 2021 18:09:13 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: MISS
etag: "37a6-5b21d18c654c0-gzip"
accept-ranges: bytes

Redirect headers

date: Wed, 03 Feb 2021 18:09:11 GMT
content-encoding: gzip
x-cacheable: NO:HTTPS Redirect
server: nginx
age: 0
x-cache-hit: MISS
x-cache: uncached
content-type: text/html; charset=iso-8859-1
location: https://v56.6b2.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6&time=1612375272
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15016
content-security-policy: upgrade-insecure-requests
x-backend: all_requests
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://secureservercdn.net/45.40.148.234/v56.6b2.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1612375272(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

crstsettlementclaim.com
secureservercdn.net
v56.6b2.myftpupload.com
www.crstsettlementclaim.com
184.168.47.225
2a02:fe80:1010::16
45.40.148.234
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
12a71d2e1f86b2366d362fe496c15af666004567a88e4b6916cfe4d5997f40b5
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
69d887ade843b4008891a2121c10a943932feb7e8de1b09df228789817fffd91
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
84789bc37998293dbba82febc4a05236b22f0001ba401256cc2822d72f1cd973
d08477d883b2e894014e0222182a57c7656b2637044a6f05ab3f5a96fc8b9bbe
df27f07e43ffb388d0cad2ad94632c9461740494481e5d630cbdb04aeec649d7

crstsettlementclaim.com Open in urlscan Pro 45.40.148.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

202 kBTransfer

393 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

crstsettlementclaim.com Open in urlscan Pro
45.40.148.234 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

202 kB
Transfer

393 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions