Report - claim-buidl-token.com/

Report Overview

Submitted URL
claim-buidl-token.com/
IP
91.215.85.79
ASN
#200593 Prospero Ooo
Submitted
2024-05-10 21:44:46
Access
public
Website Title
Hardware Wallet & Crypto Wallet - Security for Crypto | Ledger
Final URL
claim-buidl-token.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
36

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	488 B	22 kB	142.250.74.106
claim-buidl-token.com	unknown	unknown	No data	No data	9.7 kB	484 kB	91.215.85.79
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-09	477 B	5.3 kB	104.17.24.14
use.typekit.net	494	2010-08-02	2012-07-05	2024-05-09	421 B	1.2 kB	23.36.76.186
p.typekit.net	620	2010-08-02	2012-05-23	2024-05-09	477 B	338 B	23.33.119.26
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	1.6 kB	143 kB	216.58.207.227
analytics.cbfw.dev	unknown	unknown	No data	No data	410 B	3.5 kB	172.67.173.102

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 21:44:20	medium	91.215.85.79	Client IP	ET DROP Spamhaus DROP Listed Traffic Inbound group 14
2024-05-10 21:44:20	medium	91.215.85.79	Client IP	ET DROP Spamhaus DROP Listed Traffic Inbound group 14

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet
2024-05-10	medium	claim-buidl-token.com/	Crypto/Wallet

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	claim-buidl-token.com/34da37f1-8634-4d2e-8942-5d943ad874b1.js	1.6 MB	2024-05-10	2024-05-10
Pretty URL claim-buidl-token.com/34da37f1-8634-4d2e-8942-5d943ad874b1.js IP 91.215.85.79 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 23:44:54 Last Seen2024-05-10 23:44:54 Times Seen2 Hash 157aaa1bf4f5fa8c8db18220500d196f 67d414ad131473e20865615b016ee4ba7edf5735 d23f5913689c7f90e9323e96fffd85215f9eef5baded24cd40f4bc84bc4e54be Loading...

	unknown	79 B	2023-04-11	2024-06-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-06-04 10:53:09 Times Seen127857 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	unknown	37 B	2023-04-11	2024-06-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-06-04 11:06:04 Times Seen243519 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	unknown	34 B	2023-04-11	2024-06-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16:40 Last Seen2024-06-04 10:39:58 Times Seen79289 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

HTTP Transactions (29)

URL IP Response Size

claim-buidl-token.com/

91.215.85.79

200 OK

7.6 kB

URL User Request GET HTTP/2
claim-buidl-token.com/
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
7.6 kB (7552 bytes)
Hash
c1565ad172777960331be30e81e077c0
710e3b5a8ff882160fc02cc2f9b051764fa0b6f0
a53f0ac6f4348f16197cebf198ba8d1a82f17d8bed6fdef7fa5eaf2bc5f1d359

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET / HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 09 May 2024 16:08:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7552
date: Fri, 10 May 2024 21:44:20 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js

104.17.24.14

200 OK

4.3 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://claim-buidl-token.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (548)
Size
4.3 kB (4256 bytes)
Hash
4ff108e4584780dce15d610c142c3e62
77e4519962e2f6a9fc93342137dbb31c33b76b04
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

HTTP Headers

GET /ajax/libs/crypto-js/3.1.2/rollups/aes.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://claim-buidl-token.com
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 21:44:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 4256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-3430"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 185062
expires: Wed, 30 Apr 2025 21:44:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6KAHa6nS%2BZolwC7BxUl4U8PdbYBWAxC3pGVNgjb4wvdS%2F9hemYGjh1DyVgtxikwk4SQ521h3K4GM65dD%2BDgo02oQ5uCKXQw6R9xBoNNXk4AAvbB%2BG7X1vB23teNUCW4kLP%2Bd%2FGhG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881d1c29ef6a5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

claim-buidl-token.com/assets/img/logo-maestro-s.png?v=2

91.215.85.79

200 OK

562 B

URL GET HTTP/3
claim-buidl-token.com/assets/img/logo-maestro-s.png?v=2
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
PNG image data, 22 x 12, 8-bit gray+alpha, non-interlaced
Size
562 B (562 bytes)
Hash
7ecd10326e74cdc60cf23b3c9ad24d0b
fa03004d4f5126d1924f31df7b3f5a007ef5bf2e
12563b3f84cfa1c5208de163253f13cf1d0c7204ce08e28e32e752a14156333d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/img/logo-maestro-s.png?v=2 HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 03:48:34 GMT
accept-ranges: bytes
content-length: 562
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/img/logo-mastercard-s.png?v=2

91.215.85.79

200 OK

533 B

URL GET HTTP/3
claim-buidl-token.com/assets/img/logo-mastercard-s.png?v=2
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
PNG image data, 23 x 12, 8-bit gray+alpha, non-interlaced
Size
533 B (533 bytes)
Hash
5057e8386ba7fac3a9a9f0b8acba1806
9e22565e66884bef78811c1d13949e3a77e8a313
f17c74201db914394708080eef48d108276aa9458aee5e19cd6d15cc7d4fd81a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/img/logo-mastercard-s.png?v=2 HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 03:48:26 GMT
accept-ranges: bytes
content-length: 533
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/img/logo-cb-s.png?v=2

91.215.85.79

200 OK

387 B

URL GET HTTP/3
claim-buidl-token.com/assets/img/logo-cb-s.png?v=2
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
PNG image data, 18 x 12, 8-bit/color RGBA, non-interlaced
Size
387 B (387 bytes)
Hash
308881a86383bfd3c2293aad520f3681
7d0d1e21e562bc92dd3cb68365b773d3abbc65a3
3083c41a7200b36c422b4121a8cc89a5069c5ed5389a01f228aca203998bd66e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/img/logo-cb-s.png?v=2 HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 03:47:06 GMT
accept-ranges: bytes
content-length: 387
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/css/sassy-social-share-public.css

91.215.85.79

200 OK

2.2 kB

URL GET HTTP/3
claim-buidl-token.com/assets/css/sassy-social-share-public.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
ASCII text, with very long lines (10066), with no line terminators
Size
2.2 kB (2244 bytes)
Hash
a587f139f769419d022d22d4cfa93d91
8a33ca20fec87e30c8281ee57abf30708a2c9277
6c4ca119cf1bceba15e6b59d19c9a913dcfa12dd54b9ca0900890819adfae5e5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/css/sassy-social-share-public.css HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: text/css
last-modified: Wed, 14 Feb 2024 03:01:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2244
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/style.css

91.215.85.79

200 OK

53 kB

URL GET HTTP/3
claim-buidl-token.com/style.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
ASCII text, with CRLF line terminators
Size
53 kB (53173 bytes)
Hash
1f85ab20bcbd816907747d4917d0af76
ec32712ee43fe612e12e240f902cd748bf715f58
0eb567b857bb001a5e8c7d0a1c9b57c9825b6d0b3093782a101603ea4bcd2fd0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /style.css HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: text/css
last-modified: Wed, 14 Feb 2024 03:40:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 53173
date: Fri, 10 May 2024 21:44:20 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

claim-buidl-token.com/assets/css/styles.css

91.215.85.79

200 OK

6.5 kB

URL GET HTTP/3
claim-buidl-token.com/assets/css/styles.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
ASCII text, with very long lines (18820)
Size
6.5 kB (6473 bytes)
Hash
4940e4ae72b6124a6eab7e97fc8df1f4
20986cbb9965f176b6c6ccf1adefcf783f9e9e9a
58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/css/styles.css HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: text/css
last-modified: Wed, 14 Feb 2024 02:59:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6473
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/css/swiper-bundle.min.css

91.215.85.79

200 OK

4.4 kB

URL GET HTTP/3
claim-buidl-token.com/assets/css/swiper-bundle.min.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
ASCII text, with very long lines (17653)
Size
4.4 kB (4444 bytes)
Hash
8f1466ab740d33fd9870d24bc5565378
f2ed0ba668e294c3d4be0f6378a572612d06c685
53e05ab85d78b92fa96ffe4b348e57c6c292350ffe2c8895ce32c0ea4a4d4599

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/css/swiper-bundle.min.css HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: text/css
last-modified: Wed, 14 Feb 2024 03:00:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4444
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/css/main.css

91.215.85.79

200 OK

34 kB

URL GET HTTP/3
claim-buidl-token.com/assets/css/main.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
ASCII text, with CRLF line terminators
Size
34 kB (34162 bytes)
Hash
f7fd6d5f79690490cdd3dc510da819a4
e81d8a948347fe50628863df6f689d0b13b2c7a8
0d6a98d9eb0e558c044d62f9a44e1a9b4b8b0f1221feb3e19eeb66009184429c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/css/main.css HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: text/css
last-modified: Thu, 09 May 2024 13:16:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 34162
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/css/homepage.css

91.215.85.79

200 OK

7.7 kB

URL GET HTTP/3
claim-buidl-token.com/assets/css/homepage.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
ASCII text, with very long lines (39060), with no line terminators
Size
7.7 kB (7662 bytes)
Hash
9828685e995a4c283ff13db3b382ee38
30afe94a8409ba93205a6fc29abc6aa1fa5ba7d2
894fcd5a88860cabc3c7108f1fd8526cc26fc2edf8cc9cd433a6258a3f119268

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/css/homepage.css HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: text/css
last-modified: Thu, 09 May 2024 13:09:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7662
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/f8a71d88c0.js

91.215.85.79

200 OK

4.2 kB

URL GET HTTP/3
claim-buidl-token.com/assets/f8a71d88c0.js
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
JavaScript source, ASCII text, with very long lines (11461)
Size
4.2 kB (4181 bytes)
Hash
9e2f5901397fa4614d4b9745ad2f2a93
679ea8c892b7f6f860f382620ddbd385d8168539
faab1f304c6551caad2318bf639c06c316c2866536a95f383ef3c111737c0d1a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/f8a71d88c0.js HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript
last-modified: Wed, 14 Feb 2024 03:39:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4181
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/34da37f1-8634-4d2e-8942-5d943ad874b1.js

91.215.85.79

200 OK

310 kB

URL GET HTTP/3
claim-buidl-token.com/34da37f1-8634-4d2e-8942-5d943ad874b1.js
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
310 kB (309495 bytes)
Hash
157aaa1bf4f5fa8c8db18220500d196f
67d414ad131473e20865615b016ee4ba7edf5735
d23f5913689c7f90e9323e96fffd85215f9eef5baded24cd40f4bc84bc4e54be

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /34da37f1-8634-4d2e-8942-5d943ad874b1.js HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript
last-modified: Thu, 09 May 2024 13:37:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 309495
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/img/ledger-logo-long.png

91.215.85.79

200 OK

9.7 kB

URL GET HTTP/3
claim-buidl-token.com/assets/img/ledger-logo-long.png
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
PNG image data, 921 x 165, 8-bit colormap, non-interlaced
Size
9.7 kB (9721 bytes)
Hash
f5d3fa81194d44dac47b913d1367599b
37dfa331d0b0a7cc3f23572c9f144f05707a61c1
4c2439cf9f2aea070b47f9f18248a4c2b43ee1f76f5a6058b40781bf70f67c38

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/img/ledger-logo-long.png HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: image/png
last-modified: Mon, 01 Apr 2024 14:22:18 GMT
accept-ranges: bytes
content-length: 9721
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/js/jquery-3.5.1.min.dc5e7f18c8.js

91.215.85.79

200 OK

30 kB

URL GET HTTP/3
claim-buidl-token.com/assets/js/jquery-3.5.1.min.dc5e7f18c8.js
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30280 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/js/jquery-3.5.1.min.dc5e7f18c8.js HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript
last-modified: Tue, 21 Dec 2021 19:30:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30280
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/img/logo-paypal-s.png?v=2

91.215.85.79

200 OK

944 B

URL GET HTTP/3
claim-buidl-token.com/assets/img/logo-paypal-s.png?v=2
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
PNG image data, 48 x 12, 8-bit gray+alpha, non-interlaced
Size
944 B (944 bytes)
Hash
44d02c68101328c9ee54c08c5b77b36d
90d5556e78375d8fa226140ad3942f0315454a70
c0cac66d8ce449b0c4ddd970fc5e455d6b9cfb63ffc50c3467bd13f79e93e458

HTTP Headers

GET /assets/img/logo-paypal-s.png?v=2 HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 03:48:22 GMT
accept-ranges: bytes
content-length: 944
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/img/logo-crypto-s.png?v=6

91.215.85.79

200 OK

1.0 kB

URL GET HTTP/3
claim-buidl-token.com/assets/img/logo-crypto-s.png?v=6
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
PNG image data, 81 x 12, 8-bit gray+alpha, non-interlaced
Size
1.0 kB (1041 bytes)
Hash
f71bff5fab663c9067e5935d1c9cbac2
7161706dc73c79fe9a550c8ef22fa479d82b04f4
d33dd07b75c42c57038782bbb4c8765cc0926f255f44f5588e10d358856ebc6e

HTTP Headers

GET /assets/img/logo-crypto-s.png?v=6 HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 03:48:36 GMT
accept-ranges: bytes
content-length: 1041
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/img/logo-bitpay-s.png?v=6

91.215.85.79

200 OK

749 B

URL GET HTTP/3
claim-buidl-token.com/assets/img/logo-bitpay-s.png?v=6
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
PNG image data, 36 x 12, 8-bit gray+alpha, non-interlaced
Size
749 B (749 bytes)
Hash
0af1d1236b2b862a886277f6e616316e
b3a3879f1c6f30c44c7f831e0ae7ce2fc4ac3a00
891d4bf7e49f7e7f8de89cbdb16e8f41deeb4f1c4adef33e9ca5166b05318cb2

HTTP Headers

GET /assets/img/logo-bitpay-s.png?v=6 HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 03:48:38 GMT
accept-ranges: bytes
content-length: 749
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/img/layer1.png?v=2

91.215.85.79

404 Not Found

708 B

URL GET HTTP/3
claim-buidl-token.com/assets/img/layer1.png?v=2
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
708 B (708 bytes)
Hash
2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/img/layer1.png?v=2 HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Fri, 10 May 2024 21:44:20 GMT

claim-buidl-token.com/assets/img/logo-visa-s.png?v=2

91.215.85.79

200 OK

543 B

URL GET HTTP/3
claim-buidl-token.com/assets/img/logo-visa-s.png?v=2
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
PNG image data, 31 x 10, 8-bit gray+alpha, non-interlaced
Size
543 B (543 bytes)
Hash
bdf8779f347de5a5c92976cd6d8e7ef3
793c4a9edb041d39feaf0c55a4b587b3fb0278b2
6647c3943a01d354c9cd2c840356007d720dde7c676fb222276e2a7f29f29155

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/img/logo-visa-s.png?v=2 HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:20 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 03:49:04 GMT
accept-ranges: bytes
content-length: 543
date: Fri, 10 May 2024 21:44:20 GMT

use.typekit.net/vli5gyn.css

23.36.76.186

200 OK

792 B

URL GET HTTP/2
use.typekit.net/vli5gyn.css
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://claim-buidl-token.com/
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
792 B (792 bytes)
Hash
e13461d78eae0beff1fb175dd9153128
bfd3c4630745d3e6635fa8584fdbc266590e5071
3ae7020c17aa50c46631f7d307eb026ea86b04f0ecfc2267a8dfee73810e12d1

HTTP Headers

GET /vli5gyn.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 792
date: Fri, 10 May 2024 21:44:21 GMT
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=vli5gyn&ht=tk&f=1982.2005.2007.2009&a=82434219&app=typekit&e=css

23.33.119.26

200 OK

5 B

URL GET HTTP/2
p.typekit.net/p.css?s=1&k=vli5gyn&ht=tk&f=1982.2005.2007.2009&a=82434219&app=typekit&e=css
IP
23.33.119.26:443
ASN
#20940 Akamai International B.V.

Requested by
https://claim-buidl-token.com/
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=vli5gyn&ht=tk&f=1982.2005.2007.2009&a=82434219&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Fri, 10 May 2024 21:44:21 GMT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://claim-buidl-token.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://claim-buidl-token.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 384605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://claim-buidl-token.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://claim-buidl-token.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 384605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://claim-buidl-token.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://claim-buidl-token.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 384605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

claim-buidl-token.com/assets/img/Ledger_favicon.png

91.215.85.79

200 OK

1.7 kB

URL GET HTTP/3
claim-buidl-token.com/assets/img/Ledger_favicon.png
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
PNG image data, 300 x 300, 8-bit gray+alpha, non-interlaced
Size
1.7 kB (1668 bytes)
Hash
b22f7e8357477d3b6cd283597929f517
0959fe3fbbc72dea9a16688d1ae6fdd22ab836f8
4baf356a1c61518aa3cf121a28f0182f70cea7d805462bf28669b08a32fe16fb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/img/Ledger_favicon.png HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:22 GMT
content-type: image/png
last-modified: Thu, 09 May 2024 16:07:44 GMT
accept-ranges: bytes
content-length: 1668
date: Fri, 10 May 2024 21:44:22 GMT

claim-buidl-token.com/assets/img/Ledger_favicon.png

91.215.85.79

200 OK

1.7 kB

URL GET HTTP/3
claim-buidl-token.com/assets/img/Ledger_favicon.png
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://claim-buidl-token.com/
Certificate
IssuerLet's Encrypt
Subject*.claim-buidl-token.com
FingerprintA0:22:BB:20:CD:DC:2D:D9:28:A8:59:E4:8D:E7:07:E0:D6:FD:D7:01
ValidityThu, 09 May 2024 23:18:52 GMT - Wed, 07 Aug 2024 23:18:51 GMT

File type
PNG image data, 300 x 300, 8-bit gray+alpha, non-interlaced
Size
1.7 kB (1668 bytes)
Hash
b22f7e8357477d3b6cd283597929f517
0959fe3fbbc72dea9a16688d1ae6fdd22ab836f8
4baf356a1c61518aa3cf121a28f0182f70cea7d805462bf28669b08a32fe16fb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /assets/img/Ledger_favicon.png HTTP/1.1
Host: claim-buidl-token.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 21:44:22 GMT
content-type: image/png
last-modified: Thu, 09 May 2024 16:07:44 GMT
accept-ranges: bytes
content-length: 1668
date: Fri, 10 May 2024 21:44:22 GMT

analytics.cbfw.dev/script.js

172.67.173.102

200 OK

2.5 kB

URL GET HTTP/2
analytics.cbfw.dev/script.js
IP
172.67.173.102:443
ASN
#13335 CLOUDFLARENET

Requested by
https://claim-buidl-token.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcbfw.dev
FingerprintD6:B9:52:95:B1:41:C3:08:6F:61:05:D0:67:EC:B7:D9:D4:E9:8A:5D
ValidityWed, 27 Mar 2024 13:23:18 GMT - Tue, 25 Jun 2024 13:23:17 GMT

File type
JavaScript source, ASCII text, with very long lines (2611), with no line terminators
Size
2.5 kB (2526 bytes)
Hash
8e17484c46dd38112718504e891f5192
b577e1edf96b4feb523139bd11fb0f6da3c33f10
5477825745f566c2b80ee8435e594fa7b62f529a0d665970f57e83e75c8f3114

HTTP Headers

GET /script.js HTTP/1.1
Host: analytics.cbfw.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 21:44:21 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: on
content-security-policy: default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
cache-control: public, max-age=14400
last-modified: Fri, 05 Apr 2024 02:11:24 GMT
etag: W/"9de-18eac066680"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwuX12xMIACr%2F2cm1Yv0LQSYbxvYv4cortMoGfbpfPVfsUWxpRE1YwbmqD3ZkAZy02tiRvqE7DY%2FT9C7ytZbGrzYQWQfVYLWG4dQ0bwz0ki65AyZi%2FkXpHhQbTTXhpYdjhi9IlE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881d1c2a1ee61c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

22 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://claim-buidl-token.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
22 kB (21726 bytes)
Hash
9842b200db0dffb68c6b53eaacc8c0bc
66b0afafc96a0f5ae9dd9e969d0c407200cec696
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7

HTTP Headers

GET /css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claim-buidl-token.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 21:44:21 GMT
date: Fri, 10 May 2024 21:44:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (29)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type