airdropbnc.paywest.net Open in urlscan Pro
5.8.11.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ngsl7.bemobtrcks.com/go/827fa843-2e94-4629-8a7d-18f3e25382fd?680
Effective URL:
https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Submission Tags: @phish_report
Submission: On March 20 via api (March 20th 2024, 8:14:00 pm UTC) from FI — Scanned from FI

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 26 HTTP transactions. The main IP is 5.8.11.74, located in Russian Federation and belongs to PINDC-AS, RU. The main domain is airdropbnc.paywest.net.
TLS certificate: Issued by R3 on March 7th 2024. Valid for: 3 months.

This is the only time airdropbnc.paywest.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a05:d014:286... 2a05:d014:286:3501:c236:acb6:449f:1f92	16509 (AMAZON-02) (AMAZON-02)
1 1	195.80.51.252 195.80.51.252	9123 (TIMEWEB-AS) (TIMEWEB-AS)
13	5.8.11.74 5.8.11.74	34665 (PINDC-AS) (PINDC-AS)
3	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
3	5.188.114.126 5.188.114.126	50340 (SELECTEL-MSK) (SELECTEL-MSK)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
26	6

1 2a05:d014:286:3501:c236:acb6:449f:1f92 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ngsl7.bemobtrcks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.80.51.252 (St Petersburg, Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)

niples.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 5.8.11.74 (Russian Federation)

ASN34665 (PINDC-AS, RU)
PTR: mail-drosear.superbrandpowers.com

airdropbnc.paywest.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.188.114.126 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

megatimer.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	paywest.net airdropbnc.paywest.net	1 MB
3	gstatic.com fonts.gstatic.com	68 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 716 fonts.googleapis.com — Cisco Umbrella Rank: 110	34 KB
3	megatimer.ru megatimer.ru — Cisco Umbrella Rank: 541688	16 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	89 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1217	31 KB
1	niples.top 1 redirects niples.top	236 B
1	bemobtrcks.com 1 redirects ngsl7.bemobtrcks.com	749 B
26	8

	Domain	Requested by
13	airdropbnc.paywest.net	airdropbnc.paywest.net
3	fonts.gstatic.com	fonts.googleapis.com
3	megatimer.ru	airdropbnc.paywest.net megatimer.ru
3	cdn.jsdelivr.net	airdropbnc.paywest.net
2	fonts.googleapis.com	airdropbnc.paywest.net megatimer.ru
1	ajax.googleapis.com	airdropbnc.paywest.net
1	code.jquery.com	airdropbnc.paywest.net
1	niples.top	1 redirects
1	ngsl7.bemobtrcks.com	1 redirects
26	9

This site contains no links.

Subject Issuer	Validity	Valid
airdropbnc.paywest.net R3	`2024-03-07` - `2024-06-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
megatimer.ru R3	`2024-02-06` - `2024-05-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Frame ID: 44E7F55ABDED85025A33331BB218CE7C
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Airdrop Binance

Page URL History Show full URLs

https://ngsl7.bemobtrcks.com/go/827fa843-2e94-4629-8a7d-18f3e25382fd?680 HTTP 302
https://niples.top/yk1/psssq2/yk11lihpsssq2 HTTP 302
https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

26
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

6
IPs

3
Countries

1312 kB
Transfer

3030 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ngsl7.bemobtrcks.com/go/827fa843-2e94-4629-8a7d-18f3e25382fd?680 HTTP 302
https://niples.top/yk1/psssq2/yk11lihpsssq2 HTTP 302
https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
airdropbnc.paywest.net/
Redirect Chain

https://ngsl7.bemobtrcks.com/go/827fa843-2e94-4629-8a7d-18f3e25382fd?680
https://niples.top/yk1/psssq2/yk11lihpsssq2
https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2

17 KB
6 KB

3242ms
768ms

Document
text/html

5.8.11.74
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.8.11.74 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: mail-drosear.superbrandpowers.com
Software: nginx/1.20.2 / PHP/7.4.33
Resource Hash: 10b74211c84367a572051d7cb9ff0246c0763ceb666b9f7257d1f6fc5644b534

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Mar 2024 20:13:55 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.33

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Mar 2024 20:13:51 GMT
Location: https://airdropbnc.paywest.net?pid=yk1&offid=psssq2
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK redirect.js Show response
airdropbnc.paywest.net/js/ 4 KB
2 KB 56ms
56ms Script
application/javascript 5.8.11.74
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airdropbnc.paywest.net/js/redirect.js
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.8.11.74 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: mail-drosear.superbrandpowers.com
Software: nginx/1.20.2 /
Resource Hash: c1f025e774f26c2aff93dbcb09285b53207f7d7da93604ee0d405566e5c3e67d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 20:13:55 GMT
Content-Encoding: gzip
Last-Modified: Sat, 02 Mar 2024 11:26:14 GMT
Server: nginx/1.20.2
ETag: W/"65e30cd6-f80"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Thu, 21 Mar 2024 20:13:55 GMT

GET
H/1.1 200
OK style.css
airdropbnc.paywest.net/fonts/icomoon/ 3 KB
1 KB 115ms
58ms Stylesheet
text/css 5.8.11.74
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airdropbnc.paywest.net/fonts/icomoon/style.css
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.8.11.74 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: mail-drosear.superbrandpowers.com
Software: nginx/1.20.2 /
Resource Hash: 4a2ea9cab8fb15280b1da29fc5d4567af0ee36133709cb8dcb5c39f205cbf59b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 20:13:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 07:32:18 GMT
Server: nginx/1.20.2
ETag: W/"63db6702-a64"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Thu, 21 Mar 2024 20:13:55 GMT

GET
H/1.1 200
OK stylesheet.css
airdropbnc.paywest.net/fonts/ 2 KB
714 B 161ms
53ms Stylesheet
text/css 5.8.11.74
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airdropbnc.paywest.net/fonts/stylesheet.css
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.8.11.74 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: mail-drosear.superbrandpowers.com
Software: nginx/1.20.2 /
Resource Hash: 2ac1486e3b13d93c3a10526b436af82617bb62c78a5041ec6cd75e5e81d71e08

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 20:13:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Aug 2019 22:57:38 GMT
Server: nginx/1.20.2
ETag: W/"5d5f1de2-92e"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Thu, 21 Mar 2024 20:13:55 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/ 227 KB
33 KB 202ms
73ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css

Requested by

Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://airdropbnc.paywest.net/
Origin: https://airdropbnc.paywest.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:13:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 842965
x-jsd-version: 5.3.3
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA, cache-lga21940-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"38d63-xawd7pYctZoEUlbsID9p4xeHL3w"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AaPv0yRl%2B72cne2xk8NQvS1D1AEEK1e%2BSAV1fEav7lGb97kGpFBCe%2FoSwyQWLT9%2Fim6UDH4tioViVhF1qUHH%2FHo54DKcdtPH2qVP2ZE0S3%2F6qd%2BupLE7MZ1gXRQNInzEUk43xYxw8Sv1xqKwA6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 86785d954fc95699-OSL

GET
H/1.1 200
OK style.css
airdropbnc.paywest.net/css/ 17 KB
4 KB 166ms
56ms Stylesheet
text/css 5.8.11.74
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airdropbnc.paywest.net/css/style.css
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.8.11.74 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: mail-drosear.superbrandpowers.com
Software: nginx/1.20.2 /
Resource Hash: 6aee37cb593ac956e4c71661f25f9ff4876b7729849c44305386fd68c9001cd8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 20:13:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2024 12:11:10 GMT
Server: nginx/1.20.2
ETag: W/"65e70bde-4505"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Thu, 21 Mar 2024 20:13:55 GMT

GET
H2 200 jquery-3.6.3.min.js Show response
code.jquery.com/ 88 KB
31 KB 155ms
47ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.3.min.js
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

Referer: https://airdropbnc.paywest.net/
Origin: https://airdropbnc.paywest.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:13:55 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2884130
x-cache: HIT, HIT
content-length: 31046
x-served-by: cache-lga13623-LGA, cache-hel1410020-HEL
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1710965635.376759,VS0,VE0
etag: W/"28feccc0-15f5b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 10, 197902

GET
H/1.1 200
OK logo_pds.png
airdropbnc.paywest.net/img/ 6 KB
6 KB 167ms
57ms Image
image/png 5.8.11.74
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airdropbnc.paywest.net/img/logo_pds.png
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.8.11.74 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: mail-drosear.superbrandpowers.com
Software: nginx/1.20.2 /
Resource Hash: d0d6466137acd792d823b12662208f33ee5bf24f41dbb6d8bfa2a48402a68745

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 20:13:55 GMT
Last-Modified: Tue, 14 Nov 2023 15:21:28 GMT
Server: nginx/1.20.2
ETag: "65539078-18ab"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6315
Expires: Thu, 21 Mar 2024 20:13:55 GMT

GET
H/1.1 200
OK restricted.gif
airdropbnc.paywest.net/img/ 331 KB
331 KB 223ms
111ms Image
image/gif 5.8.11.74
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airdropbnc.paywest.net/img/restricted.gif
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.8.11.74 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: mail-drosear.superbrandpowers.com
Software: nginx/1.20.2 /
Resource Hash: f8854f4ea1c02b4682eba0506d29234d79c28598db640895c1478a2ab212bc2e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 20:13:55 GMT
Last-Modified: Sat, 14 Oct 2023 07:03:38 GMT
Server: nginx/1.20.2
ETag: "652a3d4a-52aff"
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 338687
Expires: Thu, 21 Mar 2024 20:13:55 GMT

GET
H2 200 9d966ac2ee5ff959bc48438cfa87acd3.js Show response
megatimer.ru/get/ 1 KB
848 B 201ms
64ms Script
application/javascript 5.188.114.126
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://megatimer.ru/get/9d966ac2ee5ff959bc48438cfa87acd3.js
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.114.126 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1e5d837ed5772d35bcabcabcd713ae0b2cb54b06e5a51959c01ac78423f59f1d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 20 Mar 2024 20:13:55 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK register-gift.svg
airdropbnc.paywest.net/img/ 891 B
743 B 55ms
55ms Image
image/svg+xml 5.8.11.74
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airdropbnc.paywest.net/img/register-gift.svg
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.8.11.74 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: mail-drosear.superbrandpowers.com
Software: nginx/1.20.2 /
Resource Hash: 6e6e0a9ccd0b83dbe6143dee3c9b5a1bec01e9319f7a7d63b8659ffcd344be51

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 20:13:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Mar 2024 09:35:24 GMT
Server: nginx/1.20.2
ETag: W/"65e1a15c-37b"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Thu, 21 Mar 2024 20:13:55 GMT

GET
H/1.1 200
OK air.png
airdropbnc.paywest.net/img/ 93 KB
93 KB 55ms
54ms Image
image/png 5.8.11.74
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airdropbnc.paywest.net/img/air.png
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.8.11.74 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: mail-drosear.superbrandpowers.com
Software: nginx/1.20.2 /
Resource Hash: f0e0cf2650cc8fb18753576e5fe868f01f003ff9984ffc6e380da9bc00ac44c9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 20:13:55 GMT
Last-Modified: Fri, 01 Mar 2024 09:10:02 GMT
Server: nginx/1.20.2
ETag: "65e19b6a-17457"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95319
Expires: Thu, 21 Mar 2024 20:13:55 GMT

GET
H/1.1 200
OK ok__icon.png
airdropbnc.paywest.net/img/ 4 KB
4 KB 650ms
649ms Image
image/png 5.8.11.74
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airdropbnc.paywest.net/img/ok__icon.png
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.8.11.74 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: mail-drosear.superbrandpowers.com
Software: nginx/1.20.2 /
Resource Hash: 09600d7cdb468da0a2b51dc44ee1c8fdd06d85a85d8ce714159f34fef2475c9a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 20:13:55 GMT
Last-Modified: Fri, 01 Mar 2024 10:29:18 GMT
Server: nginx/1.20.2
ETag: "65e1adfe-f82"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3970
Expires: Thu, 21 Mar 2024 20:13:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.3/ 88 KB
31 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31191
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 22:19:15 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/ 216 KB
32 KB 76ms
75ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css

Requested by

Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://airdropbnc.paywest.net/
Origin: https://airdropbnc.paywest.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:13:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 565106
x-jsd-version: 5.3.0-alpha1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220074-FRA, cache-lga21927-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"35e6c-cZlWqlLbTIr9xcDPs8verWJYuKY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WC0BcJgqUJESc2ZMqj8Fm5QNUXu%2BBJb%2B4T76UPVsilyCM9DSCk0jC5T5awYQSn4jIZhAOP8L1CnIjzogqkJUw2ZddWJMfXcI0Vd10DZzaiBrAx1pRPcgbug1ENF2VZwOQIDJewnASto4O7sccSI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 86785d972abe5699-OSL

GET
H/1.1 200
OK all.min.js Show response
airdropbnc.paywest.net/js/ 2 MB
624 KB 127ms
126ms Script
application/javascript 5.8.11.74
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airdropbnc.paywest.net/js/all.min.js
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.8.11.74 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: mail-drosear.superbrandpowers.com
Software: nginx/1.20.2 /
Resource Hash: 8735c609d465ac29d79bd284e7f08bfe7777de77c4743ca96bb55284d041a785

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 20:13:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Mar 2022 23:08:02 GMT
Server: nginx/1.20.2
ETag: W/"623a56d2-1a58e4"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Thu, 21 Mar 2024 20:13:55 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/ 79 KB
24 KB 85ms
85ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://airdropbnc.paywest.net/
Origin: https://airdropbnc.paywest.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:13:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2519164
x-jsd-version: 5.3.3
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230062-FRA, cache-lga21945-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"13b51-3cbp6tbRaukjc5nOQejBYgzFnDY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wEiHhW69tfaVDcMZWGgCfg9D3nlaIS1F%2F6mIBwVC%2FnCN3KYgwGHKmmuCvV0R8tKnIXfap1sUuMqEjl12ZUnx0kg3wVjO8I%2Fcx3HwQzKBoysEL5tionZ61ggLcJwFHbNZ09nFPbIndNV22y%2FNW7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 86785d972ac05699-OSL

GET
H/1.1 200
OK main.js Show response
airdropbnc.paywest.net/js/ 318 B
544 B 55ms
55ms Script
application/javascript 5.8.11.74
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airdropbnc.paywest.net/js/main.js
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.8.11.74 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: mail-drosear.superbrandpowers.com
Software: nginx/1.20.2 /
Resource Hash: 104c5d87ac18d9875af5174d88a3d161fe2df732eabf199e5f3a92eb19561f2f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 20:13:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2024 13:04:38 GMT
Server: nginx/1.20.2
ETag: W/"65e71866-13e"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Thu, 21 Mar 2024 20:13:55 GMT

GET
H/1.1 200
OK placeholder.js Show response
airdropbnc.paywest.net/js/ 115 B
481 B 54ms
54ms Script
application/javascript 5.8.11.74
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://airdropbnc.paywest.net/js/placeholder.js
Requested by: Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.8.11.74 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: mail-drosear.superbrandpowers.com
Software: nginx/1.20.2 /
Resource Hash: f55cd9d7bdebebfc53d7b838f0aad0c64befdc4ff5a5233ab3410d499f62f0d9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/?pid=yk1&offid=psssq2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 20:13:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2024 06:26:18 GMT
Server: nginx/1.20.2
ETag: W/"65e6bb0a-73"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Thu, 21 Mar 2024 20:13:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 63 KB
3 KB 256ms
95ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Ruda:wght@400..900&display=swap

Requested by

Host: airdropbnc.paywest.net
URL: https://airdropbnc.paywest.net/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f24404d393f6e6be607b85c2cc4592d273e701c8d0f8e2799f1c0d8b01582eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 20:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 20:13:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 20:13:55 GMT

GET
H2 200 timer.min.js Show response
megatimer.ru/timer/ 27 KB
8 KB 63ms
63ms Script
application/javascript 5.188.114.126
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://megatimer.ru/timer/timer.min.js?v=1
Requested by: Host: megatimer.ru
URL: https://megatimer.ru/get/9d966ac2ee5ff959bc48438cfa87acd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.114.126 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx /
Resource Hash: aedf3551219404450d4b89ae507abb6d9078aec674b24d3e5709b89ca52e1ee8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:13:55 GMT
content-encoding: gzip
last-modified: Fri, 01 May 2020 12:45:46 GMT
server: nginx
etag: W/"5eac19fa-6c37"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Fri, 19 Apr 2024 20:13:55 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 311ms
151ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&family=Montserrat:ital,wght@0,100..900;1,100..900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Ruda:wght@400..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://airdropbnc.paywest.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 182391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 17:34:04 GMT

GET
H2 200 k3kfo8YQJOpFqngdaA.woff2
fonts.gstatic.com/s/ruda/v28/ 22 KB
22 KB 236ms
77ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ruda/v28/k3kfo8YQJOpFqngdaA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc49df8b4c162b38fdc92a11b7cd2bd10d59af9e93302f1052b77857a02da7c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://airdropbnc.paywest.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:31:13 GMT
x-content-type-options: nosniff
age: 132162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22076
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:12:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:31:13 GMT

GET
H2 200 timer.min.css
megatimer.ru/timer/ 8 KB
8 KB 62ms
61ms Stylesheet
text/css 5.188.114.126
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://megatimer.ru/timer/timer.min.css?v=3
Requested by: Host: megatimer.ru
URL: https://megatimer.ru/timer/timer.min.js?v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.188.114.126 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 998e9077ff84ffc792d8ad01004cb330e17486925f0be53c8c88cbca0a177ac8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 20:13:55 GMT
last-modified: Wed, 26 Dec 2018 07:02:35 GMT
server: nginx
etag: "5c23278b-1e02"
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7682
expires: Fri, 19 Apr 2024 20:13:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
693 B 677ms
677ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Comfortaa&subset=latin,cyrillic

Requested by

Host: megatimer.ru
URL: https://megatimer.ru/timer/timer.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

924e6d3bce0f2b83869015382d8f366ed885b47432c632cc714c7a93e14fa13b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://airdropbnc.paywest.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 20:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 20:13:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 20:13:56 GMT

GET
H2 200 1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2
fonts.gstatic.com/s/comfortaa/v45/ 13 KB
13 KB 77ms
77ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Comfortaa&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a60cbbc3a467d154735820b68c3840319e675c0048dd2c10a8561e92263423c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://airdropbnc.paywest.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 14:26:34 GMT
x-content-type-options: nosniff
age: 539242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13620
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:50:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 14:26:34 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ngsl7.bemobtrcks.com/	1970-01-21 04:01:41	Name: bemob-viewer-id Value: e0c572ef-4726-41c2-8835-79f173dc3de4
.ngsl7.bemobtrcks.com/	1970-01-20 19:17:32	Name: bemob-uniq-visit:827fa843-2e94-4629-8a7d-18f3e25382fd Value: 1
.ngsl7.bemobtrcks.com/	1970-01-20 19:17:32	Name: bemob-click-id Value: CcugSraGUkNLvDkKM8bsze
airdropbnc.paywest.net/	1970-01-21 04:52:05	Name: partner_id Value: yk1
airdropbnc.paywest.net/	1970-01-21 04:52:05	Name: offer_id Value: psssq2
airdropbnc.paywest.net/	1970-01-20 20:16:05	Name: country Value: Norway
airdropbnc.paywest.net/	1970-01-20 20:16:05	Name: ip Value: 193.138.7.240
airdropbnc.paywest.net/	1970-01-20 19:24:43	Name: timer9d966ac2ee5ff959bc48438cfa87acd3 Value: 1711224295750

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airdropbnc.paywest.net
ajax.googleapis.com
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
megatimer.ru
ngsl7.bemobtrcks.com
niples.top
195.80.51.252
2606:4700::6810:5814
2a00:1450:4001:80f::2003
2a00:1450:4001:827::200a
2a04:4e42:600::649
2a05:d014:286:3501:c236:acb6:449f:1f92
5.188.114.126
5.8.11.74
0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c
09600d7cdb468da0a2b51dc44ee1c8fdd06d85a85d8ce714159f34fef2475c9a
0f24404d393f6e6be607b85c2cc4592d273e701c8d0f8e2799f1c0d8b01582eb
104c5d87ac18d9875af5174d88a3d161fe2df732eabf199e5f3a92eb19561f2f
10b74211c84367a572051d7cb9ff0246c0763ceb666b9f7257d1f6fc5644b534
1e5d837ed5772d35bcabcabcd713ae0b2cb54b06e5a51959c01ac78423f59f1d
2ac1486e3b13d93c3a10526b436af82617bb62c78a5041ec6cd75e5e81d71e08
3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8
4a2ea9cab8fb15280b1da29fc5d4567af0ee36133709cb8dcb5c39f205cbf59b
6aee37cb593ac956e4c71661f25f9ff4876b7729849c44305386fd68c9001cd8
6e6e0a9ccd0b83dbe6143dee3c9b5a1bec01e9319f7a7d63b8659ffcd344be51
8735c609d465ac29d79bd284e7f08bfe7777de77c4743ca96bb55284d041a785
924e6d3bce0f2b83869015382d8f366ed885b47432c632cc714c7a93e14fa13b
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
998e9077ff84ffc792d8ad01004cb330e17486925f0be53c8c88cbca0a177ac8
a60cbbc3a467d154735820b68c3840319e675c0048dd2c10a8561e92263423c7
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
aedf3551219404450d4b89ae507abb6d9078aec674b24d3e5709b89ca52e1ee8
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c1f025e774f26c2aff93dbcb09285b53207f7d7da93604ee0d405566e5c3e67d
cc49df8b4c162b38fdc92a11b7cd2bd10d59af9e93302f1052b77857a02da7c0
d0d6466137acd792d823b12662208f33ee5bf24f41dbb6d8bfa2a48402a68745
f0e0cf2650cc8fb18753576e5fe868f01f003ff9984ffc6e380da9bc00ac44c9
f55cd9d7bdebebfc53d7b838f0aad0c64befdc4ff5a5233ab3410d499f62f0d9
f8854f4ea1c02b4682eba0506d29234d79c28598db640895c1478a2ab212bc2e

airdropbnc.paywest.net Open in urlscan Pro 5.8.11.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

63 %IPv6

8 Domains

9 Subdomains

6 IPs

3 Countries

1312 kBTransfer

3030 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

8 Cookies

Indicators

airdropbnc.paywest.net Open in urlscan Pro
5.8.11.74 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

6
IPs

3
Countries

1312 kB
Transfer

3030 kB
Size

8
Cookies

26 HTTP transactions
0 data transactions