btc-binance-hash.su Open in urlscan Pro
2606:4700:3036::6815:1170 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5
Submission: On November 27 via manual (November 27th 2023, 6:45:17 pm UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3036::6815:1170, located in United States and belongs to CLOUDFLARENET, US. The main domain is btc-binance-hash.su.
TLS certificate: Issued by E1 on November 13th 2023. Valid for: 3 months.

This is the only time btc-binance-hash.su was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3036::6815:1170	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:e6:... 2606:4700:e6::ac40:cd14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.28 18.66.112.28	16509 (AMAZON-02) (AMAZON-02)
2	76.223.60.10 76.223.60.10	16509 (AMAZON-02) (AMAZON-02)
19	8

3 2606:4700:3036::6815:1170 (United States)

ASN13335 (CLOUDFLARENET, US)

btc-binance-hash.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e6::ac40:cd14 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-28.fra56.r.cloudfront.net

fpjscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.60.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: a46a250059e296ddb.awsglobalaccelerator.com

api.fpjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1492 ka-f.fontawesome.com — Cisco Umbrella Rank: 2891	206 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	77 KB
3	btc-binance-hash.su btc-binance-hash.su	7 KB
2	fpjs.io api.fpjs.io — Cisco Umbrella Rank: 48285	2 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 903	50 KB
1	fpjscdn.net fpjscdn.net — Cisco Umbrella Rank: 49731	44 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	11 KB
19	7

	Domain	Requested by
6	ka-f.fontawesome.com	kit.fontawesome.com
4	cdn.jsdelivr.net	btc-binance-hash.su
3	btc-binance-hash.su	btc-binance-hash.su
2	api.fpjs.io	fpjscdn.net
2	unpkg.com	1 redirects btc-binance-hash.su
1	fpjscdn.net	btc-binance-hash.su
1	cdnjs.cloudflare.com	btc-binance-hash.su
1	kit.fontawesome.com	btc-binance-hash.su
19	8

This site contains no links.

Subject Issuer	Validity	Valid
btc-binance-hash.su E1	`2023-11-13` - `2024-02-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2023-11-08` - `2024-02-06`	3 months	crt.sh
fpcdn.io Amazon RSA 2048 M03	`2023-10-10` - `2024-11-08`	a year	crt.sh
api.fpjs.io Amazon RSA 2048 M03	`2023-11-15` - `2024-12-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5
Frame ID: BD9CC5810AAD739DBB1B8BF972B530F8
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pay page

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

19
Requests

95 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

8
IPs

1
Countries

397 kB
Transfer

971 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://unpkg.com/vue@3/dist/vue.global.prod.js HTTP 302
https://unpkg.com/vue@3.3.9/dist/vue.global.prod.js

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5 Show response
btc-binance-hash.su/pay/ 16 KB
5 KB 158ms
99ms Document
text/html 2606:4700:3036::6815:1170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a08a674dad5c376ff4c16d23142cf66fd0e74499e225d0130b71f1beb4b37f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82cc86e4c98091dd-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 18:45:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPRYa68qzjc9S9WgpOPjfsj8porEELc2Yo5lGvqrCL%2F0QSbLw4BE%2FOs4VPViFuJrU3xGMScI91tGirDV%2FlmRu5JaQxUdPNDZu5gQ3Tj6s07PJam9mdAnQ4yrSfYLuDdUEEeq6wMa5U5JFUmQJibGm3rU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 190 KB
29 KB 45ms
26ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

Requested by

Host: btc-binance-hash.su
URL: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://btc-binance-hash.su/
Origin: https://btc-binance-hash.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1273258
x-jsd-version: 5.2.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230036-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qScD3It5VxEZfYW2AE7XdB2OSTXuj6jYjKR1KGWLoepwydWtLHU3RbG5tVzTXvby0hFYRa801EAlI2jD3Yc9WLVue5ef9lnNqojvLTmxwq137Xf5VNXDHrQeseNu%2BKcQTebAnZv97ujOKe3I3p8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82cc86e59f555d69-FRA

GET
H2 200 1.css
btc-binance-hash.su/form//css// 4 KB
1 KB 44ms
43ms Stylesheet
text/css 2606:4700:3036::6815:1170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btc-binance-hash.su/form//css//1.css
Requested by: Host: btc-binance-hash.su
URL: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02fd91e250ad852d43b57d70bd6c5aeb10ad861dc9fac656db1a4c1a9a80a1e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 19:13:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"650209f4-1136"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaNrQb2YAO32LVH4n8Ws5aqqGCFBxOFw8%2F8poJmxDbsz9twMDwTSqDc5prYU5w9p1mFo30%2BaSqF0%2BbLu%2BKRTKeyAFyK7%2B%2F9ATtM4zpgPWOD%2FQuTMmSL1JSucSfw9dC1gg4K7bkDyFZ9ttvXprEUArkMo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 82cc86e57a0591dd-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Nov 2023 18:45:13 GMT

GET
H2 200 b9e303e80e.js Show response
kit.fontawesome.com/ 11 KB
5 KB 184ms
159ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/b9e303e80e.js
Requested by: Host: btc-binance-hash.su
URL: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ade3b390869cbe57029688e4b22b11da919809a188c19e85e3029f433b498e95

Request headers

Referer: https://btc-binance-hash.su/
Origin: https://btc-binance-hash.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 82cc86e599885d7e-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F5qnFV3_InC_RvgYcdvi

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/1.5.0/ 31 KB
11 KB 38ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/1.5.0/axios.min.js

Requested by

Host: btc-binance-hash.su
URL: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9ecabaabf25f2bbceb0c2eabaff77ed61f69c29ce551b1a8ac7156f87108cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://btc-binance-hash.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1518656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10782
last-modified: Sun, 27 Aug 2023 02:36:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64eab6bd-2a1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=judXDhETW1ypE4yqcwljK49HPMdtRik%2BOr0dtVRfrJCxaa8W%2FvvMjxIImDEgydErwtNi%2BM%2Fvgw13tSvU8aizI0WiMm9K52KPoPA9MRF8%2FPiJ9%2BDYuoNZl6LSl8pvROzZCPyeaD4GuNVRG2tKK%2BxvNYLS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82cc86e59aca3a90-FRA
expires: Sat, 16 Nov 2024 18:45:13 GMT

GET
H2

200

vue.global.prod.js Show response
unpkg.com/vue@3.3.9/dist/
Redirect Chain

https://unpkg.com/vue@3/dist/vue.global.prod.js
https://unpkg.com/vue@3.3.9/dist/vue.global.prod.js

129 KB
50 KB

41ms
41ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue@3.3.9/dist/vue.global.prod.js

Requested by

Host: btc-binance-hash.su
URL: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c8c36c2be3e6a6b8668511f9a678aec1f28a10513fa973609e3353f62432a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btc-binance-hash.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 210506
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HG2RTV6DEB4MX09V3D5828BT-fra
server: cloudflare
etag: W/"2050c-+j3ze0steo+GW6MtMjnjxNO/LZg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82cc86e5df9b193c-FRA

Redirect headers

date: Mon, 27 Nov 2023 18:45:13 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HG91CCZJ5BC0AKB2SPRZV49S-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 219
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /vue@3.3.9/dist/vue.global.prod.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 82cc86e5af66193c-FRA

GET
H2 200 bitcoin.svg
btc-binance-hash.su/form/img/ 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2606:4700:3036::6815:1170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://btc-binance-hash.su/form/img/bitcoin.svg
Requested by: Host: btc-binance-hash.su
URL: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9842c6a8f2484b4a765ce9e4524bf7a3b26b73fb4e74fb9a3ea5ce28c5cd024d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Dec 2022 01:02:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63a3ac94-618"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvsHywHCHCtN0mlNW2pN7OBpdmp5jqEm0pnGj7ZHrrpQoLUOAbTF7g%2FZFD076hYSzZ6n32gtPRhvZL5Yx6rX5Lk971NGitx7m1fa9qlFd3ySJw3FoJDjrQmknjpX0xbZKWG3lEmoxigiB%2BbYClszV7zP"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 82cc86e57a0991dd-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Nov 2023 18:45:13 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/ 79 KB
24 KB 45ms
27ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: btc-binance-hash.su
URL: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://btc-binance-hash.su/
Origin: https://btc-binance-hash.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1704352
x-jsd-version: 5.2.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13a24-kNFQNu9I/LM2oTW66BK0VmnxkEQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HRzQrxZ9qtjpgZ8S5iLIe9spenngo4ty9c2PXAQALtY6C0l5wS68K1sXrgQaX6KN%2Fl1AWM8Fjuz%2BpiVhhb5F6ax0g8Q7VRa3Q0nbC0d9Hk5Vd5y91%2BTIy3leTFIgltY1%2BoOJBLUYIkP2czBfNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82cc86e59f575d69-FRA

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/@popperjs/core@2.11.6/dist/umd/ 20 KB
8 KB 28ms
25ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.6/dist/umd/popper.min.js

Requested by

Host: btc-binance-hash.su
URL: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://btc-binance-hash.su/
Origin: https://btc-binance-hash.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1532001
x-jsd-version: 2.11.6
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230054-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"4e7f-YDO5/9GsCmSrp3VxzVXmgduuK5k"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NitowGVTEMozCCPoUYKuYjMnou6wkilAHohETuPWxPVNltWr6YkDxzVy5q%2BQ5dJl%2B%2Bp0elww45yR7wOf9Mg83TYwuei2kL0rt58kN6Z7AQCwjuPTu%2FofPfS0%2FewjdSXxL6s3aoXqmqfil0EJsFA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82cc86e5cf805d69-FRA

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/ 59 KB
17 KB 19ms
19ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js

Requested by

Host: btc-binance-hash.su
URL: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://btc-binance-hash.su/
Origin: https://btc-binance-hash.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1339224
x-jsd-version: 5.2.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"ebf4-hH3/iZtbz47kNOOJ4qkQuh26128"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zm63DOrJgrDDEQUluKXOVOEyq31wvTqeWWQQiqCRP1jAhlyUrzQoqmSHxShVnOA%2Ftumf54VVdgEQe1rf1QTndSUqDuSwuHtzkWC6TbrntkMYOzUrF2ExXS5KVg%2FwHXZBqTQXyS7xGFxVTLbybw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82cc86e5cf895d69-FRA

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 100 KB
23 KB 41ms
24ms Fetch
text/css 2606:4700:e6::ac40:cd14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=b9e303e80e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b9e303e80e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cd14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btc-binance-hash.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
via: 1.1 3bdef981159de9c713020c64476ba0e4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 687855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"ae737a19e46fd502ba9cbe9e33213861"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgNx9joJXETJ%2BoGtaJG2Jsutt4uUPz5tcVMvZ1j4I2y9DOMQ35BZ1kfwYMJ8IqJZEEzgoXSIyIzbCk6bn%2BhKpcMx05bewfwCWaBnU1mCa41vzCe%2BLB%2FLFUPqeo3zhlrOe7w5zuByO4jS5U01tMzRN1TS0A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 82cc86e6bee53680-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: rqsHX79jgRiy1F-hRcSUJhcvBSNItUkTEDqGWjbDUGYBocIq8LQTSQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 27 KB
5 KB 38ms
22ms Fetch
text/css 2606:4700:e6::ac40:cd14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=b9e303e80e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b9e303e80e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cd14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btc-binance-hash.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 372060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"da06df503ced6ee507b5fb4fa0999f74"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oL2CaDZKzp%2BXWwukl405pMQafX0bjoBZl9QVWf5hmylZUWY2Lqf1CFRp9NbJKHArcbhuO0Xe%2F%2Fws6Cu2fBTkMlZsG%2B%2FuC9vMosz87eH0voATLlYnvVGU35JSRyDse4%2B93zyDzbU1yd62UajOafjhmrBcRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 82cc86e6bede3680-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ZtwUhHuzOGC25EVOnFwkpoteCwBXd8ngnM8efQOCi8YRWAG7OfrDEA==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 823 B
1 KB 37ms
21ms Fetch
text/css 2606:4700:e6::ac40:cd14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=b9e303e80e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b9e303e80e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cd14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btc-binance-hash.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
via: 1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 372060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"dbf296002d53e56d340b105d9d764940"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCEqs5O0kpu2MBUPloek77E0%2B1zCX7qK09SXs%2F%2FPEz9GnORf5Ee4S1odocLAR1WuBeddIVxcLQiHRtq988VhGlzSATLNdjdfBsSa61AgWSbay83ZdXUcWLtRokd21RNiCO1856Q72qVgrrfAwWKiEAqbXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 82cc86e6bee13680-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: BMViZnqGnGlvQX4IEvYrRLW1IKLt-1VXea525x4b0k33zPoM4wYbSQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 2 KB
1 KB 39ms
22ms Fetch
text/css 2606:4700:e6::ac40:cd14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=b9e303e80e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b9e303e80e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cd14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btc-binance-hash.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 372060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"9b853b50f37dd0ca770ce0f294d427df"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5e%2FpL6u74fszJWcWyhBSOFm9vWBAN1IQJBM8XPljTb2zAgGf%2BP5hxN44erXKc30%2B%2F7WzvAX3xv2xppsS00A6lJFbZMfL7zqK39TBS4Jw%2BQkHn2t%2FW1BmdocE0dip5Z7i3wNun1JravxIB6LcEqlY4117Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 82cc86e6bee33680-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: IdSKcq2tcA7tNI4kuLkXKOBS7fjREMH3BtdGSvj2KleKmTnIDQ7TqA==

GET
H2 200 ZN9dhUT2fKcftXYhjkQp Show response
fpjscdn.net/v3/ 129 KB
44 KB 47ms
11ms Script
text/javascript 18.66.112.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpjscdn.net/v3/ZN9dhUT2fKcftXYhjkQp

Requested by

Host: btc-binance-hash.su
URL: https://btc-binance-hash.su/pay/V21ocVl6RXhNVEF5TURBMmV5SnZJam94TENKMWNITWlPakI5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-28.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

331a0af898ec0a9f49fbd65f46dfb9ca670fc18c2bf20500aa56ecac87351e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://btc-binance-hash.su/
Origin: https://btc-binance-hash.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 22:22:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 246192
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"nvgnPzyaGIWXoPMUF9vWkIOGMnc"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3580, s-maxage=591483
timing-allow-origin: *
x-amz-cf-id: By2WdBr0HvTc3K-0HGgQ6ekcYzSBvfGOAUaD4MXquIHx4oRZPglE6g==

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.4.2/webfonts/ 147 KB
147 KB 17ms
16ms Font
font/woff2 2606:4700:e6::ac40:cd14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/webfonts/free-fa-solid-900.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cd14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5

Request headers

Referer: https://btc-binance-hash.su/
Origin: https://btc-binance-hash.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 372060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 150020
last-modified: Tue, 01 Aug 2023 19:25:32 GMT
server: cloudflare
etag: "a8dcee416ebfe6e615e5902a49500e48"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjWYwDjumIcExOQ07%2FGt6V7wECglFoiynzxwQu%2BNjwLnJe6Wx4onRzgBVRNlx%2BCLwuto1uxEAk8mYibCaG09OVdYNd2qfIsPxJHGCOaR59HnnHH5JxsPLZmOb8MQaQAjVBGrtpPNBnPLoVoroIx%2BN87BzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82cc86e6ff2d3680-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 9aBnEkeu5WlaMiLEm5U4OzyoymZR3NCHZvk-BJqBLhOYRE9fPMNvxw==

GET
H2 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v6.4.2/webfonts/ 24 KB
24 KB 15ms
14ms Font
font/woff2 2606:4700:e6::ac40:cd14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/webfonts/free-fa-regular-400.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cd14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fcf2a1cc0b01c13837cd5c8110ef9960ecdf7d45f37d2a4319b81eebd56db06

Request headers

Referer: https://btc-binance-hash.su/
Origin: https://btc-binance-hash.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:13 GMT
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 372060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 24464
last-modified: Tue, 01 Aug 2023 19:25:32 GMT
server: cloudflare
etag: "e2b7a02eef2f9c93b609ba5831dc9b7f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSwFTZRhjScv4G3XLFe%2F2FLAt3MtNZevDcVP4JdiIEpcXY1kgKdjXfrzDjJx41OI2SzT6M7WEHA6s8ZXoRKu%2BZXG67d3nJ0vTdhdAWxlGuiwltzzvttfGDLCERK0PPc%2FwPJ%2BFGCJ4tXMXx9%2FzjfKxgOHLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82cc86e6ff2f3680-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: zVZP0yQmYWbK7Ah9jsJtkd4RAEJ_50sg1IfT4GhNSP4ixsinMdMvbA==

GET
H2 200 KahAOv Show response
api.fpjs.io/Xnrig/ 96 B
464 B 673ms
100ms XHR
text/plain 76.223.60.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fpjs.io/Xnrig/KahAOv

Requested by

Host: fpjscdn.net
URL: https://fpjscdn.net/v3/ZN9dhUT2fKcftXYhjkQp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.60.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a46a250059e296ddb.awsglobalaccelerator.com

Software

nginx/1.22.1 /

Resource Hash

461ff714ab297eb1e25a5eeadc8c0b354dc22416cbabd79dcc5b1cc70cd91d58

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btc-binance-hash.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 18:45:14 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
server: nginx/1.22.1
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

POST
H2 200 / Show response
api.fpjs.io/ 983 B
1 KB 360ms
171ms XHR
text/plain 76.223.60.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fpjs.io/?ci=js/3.8.29

Requested by

Host: fpjscdn.net
URL: https://fpjscdn.net/v3/ZN9dhUT2fKcftXYhjkQp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.60.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a46a250059e296ddb.awsglobalaccelerator.com

Software

nginx/1.22.1 /

Resource Hash

652b1b5b3f9978072762af20243f578eb23827bd10ff876490f16d646adeec42

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://btc-binance-hash.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 27 Nov 2023 18:45:14 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
server: nginx/1.22.1
x-content-type-options: nosniff
vary: Origin
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://btc-binance-hash.su
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 983

Verdicts & Comments Add Verdict or Comment

Malicious page.url
Submitted on November 27th 2023, 6:45:50 pm UTC — From United States

Threats: Scam
Comment: https://binance-partners-pay.pro/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1701100800

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
btc-binance-hash.su/	1970-01-20 16:41:55	Name: customer1 Value: %7B%22p%22%3A1%2C%22u%22%3A0%7D
.fpjs.io/	1970-01-21 01:17:26	Name: _iidt Value: TAe3WJXrGDtezSm3Nvlg8k5wqzxpSIZ0s6fsQwvArSOimTumBl3ac3KG3KcUFoeVQjO/xPHiyx1sWRm1xqJeChfS+DlzskGesQ==
.btc-binance-hash.su/	1970-01-21 01:17:26	Name: _vid_t Value: CWdgBX4EaPhF4p1BeV592CswBBHhzaCp13MSWm53AWtnAkJq0L1dKuKFnq3fDhW7lmKOZRYqScFte4HxL8so+gavelsizZ1LMg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.fpjs.io
btc-binance-hash.su
cdn.jsdelivr.net
cdnjs.cloudflare.com
fpjscdn.net
ka-f.fontawesome.com
kit.fontawesome.com
unpkg.com
18.66.112.28
2606:4700:3036::6815:1170
2606:4700:4400::6812:2844
2606:4700::6810:5814
2606:4700::6810:7daf
2606:4700::6811:180e
2606:4700:e6::ac40:cd14
76.223.60.10
02fd91e250ad852d43b57d70bd6c5aeb10ad861dc9fac656db1a4c1a9a80a1e8
051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8
0a08a674dad5c376ff4c16d23142cf66fd0e74499e225d0130b71f1beb4b37f2
0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554
331a0af898ec0a9f49fbd65f46dfb9ca670fc18c2bf20500aa56ecac87351e20
461ff714ab297eb1e25a5eeadc8c0b354dc22416cbabd79dcc5b1cc70cd91d58
4c8c36c2be3e6a6b8668511f9a678aec1f28a10513fa973609e3353f62432a89
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223
652b1b5b3f9978072762af20243f578eb23827bd10ff876490f16d646adeec42
6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48
6fcf2a1cc0b01c13837cd5c8110ef9960ecdf7d45f37d2a4319b81eebd56db06
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
9842c6a8f2484b4a765ce9e4524bf7a3b26b73fb4e74fb9a3ea5ce28c5cd024d
9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0
ade3b390869cbe57029688e4b22b11da919809a188c19e85e3029f433b498e95
b9ecabaabf25f2bbceb0c2eabaff77ed61f69c29ce551b1a8ac7156f87108cf4
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5

btc-binance-hash.su Open in urlscan Pro 2606:4700:3036::6815:1170 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

95 %HTTPS

75 %IPv6

7 Domains

8 Subdomains

8 IPs

1 Countries

397 kBTransfer

971 kBSize

3 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Malicious page.url Submitted on November 27th 2023, 6:45:50 pm UTC — From United States

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

11 JavaScript Global Variables

3 Cookies

Indicators

btc-binance-hash.su Open in urlscan Pro
2606:4700:3036::6815:1170 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

8
IPs

1
Countries

397 kB
Transfer

971 kB
Size

3
Cookies

19 HTTP transactions
0 data transactions

Malicious page.url
Submitted on November 27th 2023, 6:45:50 pm UTC — From United States

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!