de-legitimation-6120.xyz Open in urlscan Pro
2606:4700:3037::ac43:b243 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://de-legitimation-6120.xyz/Kontrolle/blockchain/
Effective URL:
https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/
Submission Tags: #phishing @ecarlesi Search All
Submission: On June 24 via api (June 24th 2022, 2:02:10 am UTC) from FI — Scanned from FI

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3037::ac43:b243, located in United States and belongs to CLOUDFLARENET, US. The main domain is de-legitimation-6120.xyz.
TLS certificate: Issued by E1 on June 23rd 2022. Valid for: 3 months.

This is the only time de-legitimation-6120.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Blockchain (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
3 21	2606:4700:303... 2606:4700:3037::ac43:b243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	104.16.40.77 104.16.40.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	4

21 2606:4700:3037::ac43:b243 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

de-legitimation-6120.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.40.77 (None, )

ASN13335 (CLOUDFLARENET, US)

login.blockchain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	de-legitimation-6120.xyz 3 redirects de-legitimation-6120.xyz	134 KB
1	blockchain.com login.blockchain.com — Cisco Umbrella Rank: 683049	27 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	868 B
23	3

	Domain	Requested by
21	de-legitimation-6120.xyz	3 redirects de-legitimation-6120.xyz
1	login.blockchain.com	de-legitimation-6120.xyz
1	fonts.googleapis.com	de-legitimation-6120.xyz
23	3

This site contains no links.

Subject Issuer	Validity	Valid
*.de-legitimation-6120.xyz E1	`2022-06-23` - `2022-09-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.blockchain.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-01` - `2022-11-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/
Frame ID: 50F1424776836A5076BD08B176503963
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blockchain.com

Page URL History Show full URLs

https://de-legitimation-6120.xyz/Kontrolle/blockchain/ Page URL
https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a HTTP 301
http://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/ HTTP 301
https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/ HTTP 302
https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/ Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

87 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

160 kB
Transfer

501 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://de-legitimation-6120.xyz/Kontrolle/blockchain/ Page URL
https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a HTTP 301
http://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/ HTTP 301
https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/ HTTP 302
https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
de-legitimation-6120.xyz/Kontrolle/blockchain/ 727 B
976 B 280ms
134ms Document
text/html 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0b07f5e24484e9d3af9e4e135b9012ed0b35ba98631179c000e754f3a164a42

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7201e0ff5f7424b6-KBP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 02:02:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9drkqDXFk08Z%2BE0n2ayrXRmehy%2FMW30uGTpypQVf593W3PsP9nV5q4%2BRL9HUMuZWlDzY8yXVX7BJn4zLcaCH%2BugVLbdyb3ixp9mkoCROgsTyt0lfU5WhN9wgQxa5SL3rR3SbLqB0ezgzrCkWjh%2BVSKagkCdH%2Bjk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

Primary Request / Show response
de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/
Redirect Chain

https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a?
http://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/?
https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/?
https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?

16 KB
7 KB

164ms
163ms

Document
text/html

2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6b23701f5c97318ecbb90105b97407a043f20006d1f28bea5686071580d55be

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7201e108c98f77b6-KBP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 02:02:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HH8iILCfz9yojyB4EgW%2F9SHoYEriqAdPVBZiEfrbnXuSlFIgMYLCExkb%2FyFpVesZYcSypn%2BTdb3Bh4%2FxfusaHBPp80j8SbdsApud9H6DQKPrtgo82tKLtEJh1ZV3DsTP3iqVzW8KTH92QS0OlHDuOy%2FMjP8hPN8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7201e108088e77b6-KBP
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 02:02:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: terms/?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZpoABf92E2O8k8Y48sOtxDq4t9aOAbFDAG7qEY4pSEW6uI5NfSeZd6NLv%2BDJ%2FVt9B9yoyIEoEdvEqb4ZjLYCxh7jSczYlOdkN9Kz6y3uFT%2BPuTvBwjj8XQWQgijf86WZjYdLE5cv1w9FV74I0%2Bq%2FVk66WZ2DmQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 jquery.min.js Show response
de-legitimation-6120.xyz/Kontrolle/blockchain/bower_components/jquery/dist/ 85 KB
31 KB 185ms
183ms Script
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/bower_components/jquery/dist/jquery.min.js
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:09:48 GMT
server: cloudflare
etag: W/"15283-5deb142644b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULnUD0heaXGrf%2BmFNeZH%2BgqGTbsjfueSF%2FO8KAj2xm8EPxQcDcf7wGcTIpcv9dAxc0tsJhlz0q8nwJm%2F3rqSMwc5njNqSFiJhvCbCYkU0OsnrT7o6cIRaEr8PMrW2AEnBaZwsfzYnM69OJvypztiXPGijZCoLBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e109db2c77b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ua-parser.min.js Show response
de-legitimation-6120.xyz/Kontrolle/blockchain/bower_components/ua-parser-js/dist/ 17 KB
7 KB 101ms
94ms Script
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/bower_components/ua-parser-js/dist/ua-parser.min.js
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:09:54 GMT
server: cloudflare
etag: W/"4298-5deb142bfd880-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUyVJOzxe7l1GZL8IKb9rOUeFo89QmExkhuDLbD1MN7WbmVIIgB543flVF2mLTFuZQT1%2FNF8wHqU8CvrQBO4xA83soXj%2BgF2TBEEFDX5lf2Zx1PraJddq7jAq0fFjat%2FL5GNhvNAfsPV%2FXmguNKTzkkapWbNWGM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e109eb3a77b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 font-awesome.min.css
de-legitimation-6120.xyz/Kontrolle/blockchain/bower_components/font-awesome/css/ 30 KB
7 KB 128ms
122ms Stylesheet
text/css 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/bower_components/font-awesome/css/font-awesome.min.css
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:09:50 GMT
server: cloudflare
etag: W/"7918-5deb14282cf80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hak7wa6N1u4W2az9nc%2BT4n%2B1FS5OTtI%2Fn5XkYhSE4Fu0bAHEpyc0MgzbVoBbgseqrMGgItaX9EblG3fP28z16efW9N9uJg6LnPFrZ3XrbupV59GK0Tn98mYi4%2Fq7wD3oBwFuUticciXHRNgWmqD4rDugppkK5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e109eb3c77b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core_form.js Show response
de-legitimation-6120.xyz/Kontrolle/blockchain/core/form/ 14 KB
4 KB 154ms
148ms Script
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/core/form/core_form.js
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ffc8f03a4f07825ec788332cb7990bad00d16ad08dfb429b2e90520adf0e16e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 19:17:52 GMT
server: cloudflare
etag: W/"3804-5e053a1063800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2Fo3S5A64WNkTIZpdcsHuS6aRD5jPaJKmih4gN%2BRMKQixhV1mcLR2JZ%2Fln0N%2FCEHuuhXvCeQawZZFXTU646YpXDSD%2BOV2bRqWDc%2FaXIZsC0CsfuhjbZE8WLYh2NdthKFjWnA%2B8dXTdIgI72e7AXD4HNA%2BicJIWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e109eb3e77b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core_token.js Show response
de-legitimation-6120.xyz/Kontrolle/blockchain/core/token/ 10 KB
2 KB 154ms
149ms Script
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/core/token/core_token.js
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ab1451daf242da9e7e37f2667b6ebc3ef3321c78ad566af12d11d43973ddefa

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 21:33:48 GMT
server: cloudflare
etag: W/"2941-5e055872e0e15-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZljaomJP%2FIdrrC81jkLBS5zs4uYg3oI7%2FTLqNFxF1RmpkZ0vPXoyUL3vRMEcT4Z%2B2LP0j%2BX10hslOFsZAYz4ti8Zd12go5xfZehWEYhPzcG0rgPqJm6MmDjf5VEUZ9b4qtenTVPZiHeNYT1aI8SH7xuPDYXL7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e109eb4177b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core_form.css
de-legitimation-6120.xyz/Kontrolle/blockchain/core/form/ 2 KB
896 B 154ms
149ms Stylesheet
text/css 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/core/form/core_form.css
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d43829a46aca95eff47f13325a06f22c5c8c981cbe102d471508241446c581

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2019 00:55:30 GMT
server: cloudflare
etag: W/"639-58f542a1b2480-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMA08jJBoqvG9LVgr2EbwsoL0iqSqdUPc793xyeBtCL7fl2AAkSljY1qEC6wvGGqdhZX8CVicYlglJ51msYQwzkopHR3%2FjHzPEis1nC20fDLBD4ShzAaGlTxcjw4yNdZNxPDudygHTEHZKzGwZyLJqS1Wk8BXKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e109eb4277b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 angular.min.js Show response
de-legitimation-6120.xyz/Kontrolle/blockchain/bower_components/angular/ 165 KB
59 KB 237ms
232ms Script
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/bower_components/angular/angular.min.js
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:10:00 GMT
server: cloudflare
etag: W/"2937c-5deb1431b6600-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibMxVIsJewYvsuMMratd6Kct2RxTWNS8jjIPc%2FgN4SE4cOccQ3su4QJ2x0bcKxdisXv3KU6WGtnsi6q7tWZvH8K1%2Buuk2YGhan5Yj7%2B%2F%2BV7w4odZ22h2mKhsMAMIq%2F6IdRILs%2F3pYloGL8GZzXBO%2BAYajvuC%2FN4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e109eb4477b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 css.css
de-legitimation-6120.xyz/Kontrolle/blockchain/terms/form/ 395 B
800 B 154ms
149ms Stylesheet
text/css 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/terms/form/css.css
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a6acef8ed445db66b11cf1bd4fc89da2b1fcc023156e2b97c0b643416681778

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:12:50 GMT
server: cloudflare
etag: W/"18b-5deb14d3d6480-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ec%2BXbnpNKqRZAPd8ORiKG65QUngFrgdMRKsz9RSV21XFavwmAmQUxAhYpw0rJwc0QAOEYQ0eTV90WGFI5VeXZv9NSmVGhYh6ALqeTbOmv%2FIq8ElXiQF0rciUmwcLy3W%2Bpue6erDVw6WKFzR7kYAwm%2Be%2FKxV6OYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e109eb4577b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 icon
fonts.googleapis.com/ 569 B
868 B 203ms
68ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fabb409cb851ec0674d4e4c618e5aafeb7f9698a1dfb6c59bc1687490acbb007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 02:02:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 24 Jun 2022 02:02:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Jun 2022 02:02:03 GMT

GET
H3 200 index.css
de-legitimation-6120.xyz/Kontrolle/blockchain/terms/ 18 KB
3 KB 153ms
149ms Stylesheet
text/css 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/terms/index.css
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0cdbd3c732182a8ec665d00a71421ddfc4acfd6b62ff71de3a26624a4139484

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 20 May 2022 13:07:04 GMT
server: cloudflare
etag: W/"49a9-5df712aaf8e00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftMgyWdKswGnN%2BvItz8JXqGJXrRjZCbk7ibqgSTqpssKWchO43znu7%2BGXL%2FCDkEYWWrZs8HeJhodYbagPRa8336%2BXhFME7ZGVw8wnXMkfkjr5iV3Sb%2Bjd82%2BSqXc2OBAiySonVU9vT2iZs%2F%2BAdTQUcMHytpNWnw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e109eb4677b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bc-logo.svg
de-legitimation-6120.xyz/Kontrolle/blockchain/terms/ 6 KB
3 KB 1570ms
1570ms Image
image/svg+xml 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/terms/bc-logo.svg?91c7840afd
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6fdd6df66992c94ee619a7d602b16fcd06ae091df353643df482b89883062fb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 May 2022 10:33:22 GMT
server: cloudflare
etag: W/"1885-5dece16480080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTElaUXn7uMvSll6R%2FeXl73UST79HOhy508%2F3BA%2F5%2BbYX4QlACqO%2FrX9dm8T85bbaBctasR30PIjGv%2Fs9uoyae2H39ybgguTCRdqPoM9Bltzz8kENhw0Tjvri1MRj9c0SdMbZHUGTWAiIoQ2GgyA7ZGGQUigGk4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e10bde2f77b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 form.js Show response
de-legitimation-6120.xyz/Kontrolle/blockchain/terms/form/ 5 KB
2 KB 128ms
127ms Script
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/terms/form/form.js?v=62b51b1b168a6
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd88d44ab5b1dfcff947d5ce739fc6bcf61a4acbd043097d3b9aa245e3f34e3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:12:50 GMT
server: cloudflare
etag: W/"12d5-5deb14d3d6480-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xhp9Hz57%2BzMwqBbYwzuK%2BUq4ge%2Fi2wAkIViw1UpRhBc1OLItur3tik1cJ0AeTHBb7lIMcpvpPP917MCAtxyRe5sWaSFxwXHPvKZIlS54pY2Wsyef0LPyZX6OBagsOLAY4q7zHAfSjyUBzmmLi1H%2FyvT9xtZ92Qg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e10bce1a77b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ng.js Show response
de-legitimation-6120.xyz/Kontrolle/blockchain/terms/ng/ 5 KB
2 KB 118ms
117ms Script
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/terms/ng/ng.js?v=62b51b1b168aa
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39fbf43cb6fc839ee0ae557d1cfafad93a05898951e42bfeb1a6f4c0f4aa029c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 May 2022 00:13:00 GMT
server: cloudflare
etag: W/"1294-5deb14dd5fb00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7D2mrAH87mh7x6U6SLyO1ij5CSAvo11NNxPyVRf%2BzDkLQSgYCNtvz6x0OBU5P8mn7iYnLxMOlfkD54%2BysuSqyt8lVRPoX%2BoQe3L%2BOGVJSTiyu8tedRe8fokBHqvHpmOHhk%2FIlEe%2BhiMihMNYJ5UeiGdeERJQkU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e10bce1c77b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 token.js Show response
de-legitimation-6120.xyz/Kontrolle/blockchain/terms/token/ 1 KB
1 KB 116ms
115ms Script
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/terms/token/token.js?v=62b51b1b168ab
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ef95cbf14c956f1e7846ff39f8f058e1b079c5308ce390c9001035dc9901750

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 May 2022 20:40:20 GMT
server: cloudflare
etag: W/"4fd-5e054c8009fb4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYIxnKoXmt6bQ%2BvaEcphk9tDd9mIVZnq1PvVVbZYbROFuBdxNfDH2I%2BpmVPxwIV1DMHUnp4ttz054CRXwzGRBrET83FPwoGCYOwaYlAWZeRc4lR6DNj5kh5fiS8DQmO0%2BAsvI1k09KJPgHzcYBOGOqMYFYrV7I0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7201e10bde2d77b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 ss-bc-signup-bg.jpg
de-legitimation-6120.xyz/img/ 286 B
286 B 561ms
561ms Image
text/html 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-legitimation-6120.xyz/img/ss-bc-signup-bg.jpg
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d3ec9b3ba2834dbd75685c7f77bc75e4b72f46e037ee18b03c1e273f91eb8ff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:04 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2n0J8ohr3l56uKBO2YB%2FFe9MAxc8bv%2F3GNg1HI4qu0X%2BYrL5EPmn7Ru53n%2B%2FTvHMthd%2F2Cku%2FvTMD3Sco0CMOlWpTJ2fnaRTggEnVEAodmUUs%2BWzYOJAbD9QoVkMqxcftPdpWPqn8CS8GrISJ0wklp4OvMROHF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7201e10bde3377b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bg-pattern.svg
login.blockchain.com/img/ 125 KB
27 KB 142ms
54ms Image
image/svg+xml 104.16.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.blockchain.com/img/bg-pattern.svg

Requested by

Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/terms/index.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.40.77 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cb6b6de41e6999a4033374049e31c8a2dbbb9b34f71ad259f7e98e778a65d25

Security Headers

Name	Value
Content-Security-Policy	img-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info https://blockchain.info .googleusercontent.com .yapily.com .githubusercontent.com android-webview-video-poster: blob: data: https:; script-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info 'nonce-SVJORGQH1jMTVH69I4L5LfNcLmn8cQc5' https://www.googletagmanager.com https://script.hotjar.com https://analytics.twitter.com; script-src-elem https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info 'nonce-SVJORGQH1jMTVH69I4L5LfNcLmn8cQc5' https://www.googletagmanager.com https://analytics.twitter.com; style-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info 'nonce-SVJORGQH1jMTVH69I4L5LfNcLmn8cQc5' https://static.hotjar.com; child-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info https://wallet-helper.blockchain.com blob:; frame-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info https://blockchain.info https://wallet-helper.blockchain.com https://magic.veriff.me/ https://pay.google.com https://www.google.com https://tr.snapchat.com https://vars.hotjar.com; connect-src data: https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info https://blockchain.info https://api.blockchain.info wss://ws.blockchain.info/nabu-gateway/markets/quotes wss://ws.blockchain.info/coins wss://ws.blockchain.info/inv wss://ws.blockchain.info/eth/inv wss://ws.blockchain.info/bch/inv https://wallet-helper.blockchain.com https://manager.api.live.ledger.com wss://api.ledgerwallet.com https://horizon.stellar.org https://friendbot.stellar.org https://bitpay.com https://pay.every-pay.eu https://api.opensea.io wss://.walletconnect.org https://api.opensea.io https://static.zdassets.com https://ekr.zdassets.com https://blockchain.zendesk.com https://google-analytics.com https://tr.snapchat.com; object-src 'none'; media-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info https://storage.googleapis.com/bc_public_assets/ data: mediastream: blob:; font-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info; worker-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://de-legitimation-6120.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2256
x-original-host: login.blockchain.com
x-blockchain-cp-f: s38s 0.002 - bdce41402d6b0158dfb953e3b3cf73b0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: bdce41402d6b0158dfb953e3b3cf73b0
last-modified: Fri, 24 Jun 2022 01:24:27 GMT
server: cloudflare
x-blockchain-cp-b: wallet-frontend
x-blockchain-server: BlockchainFE/1.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
x-blockchain-language: fi
cache-control: public, max-age=3600
content-security-policy: img-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info https://blockchain.info *.googleusercontent.com *.yapily.com *.githubusercontent.com android-webview-video-poster: blob: data: https:; script-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info 'nonce-SVJORGQH1jMTVH69I4L5LfNcLmn8cQc5' https://www.googletagmanager.com https://script.hotjar.com https://analytics.twitter.com; script-src-elem https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info 'nonce-SVJORGQH1jMTVH69I4L5LfNcLmn8cQc5' https://www.googletagmanager.com https://analytics.twitter.com; style-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info 'nonce-SVJORGQH1jMTVH69I4L5LfNcLmn8cQc5' https://static.hotjar.com; child-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info https://wallet-helper.blockchain.com blob:; frame-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info https://blockchain.info https://wallet-helper.blockchain.com https://magic.veriff.me/ https://pay.google.com https://www.google.com https://tr.snapchat.com https://vars.hotjar.com; connect-src data: https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info https://blockchain.info https://api.blockchain.info wss://ws.blockchain.info/nabu-gateway/markets/quotes wss://ws.blockchain.info/coins wss://ws.blockchain.info/inv wss://ws.blockchain.info/eth/inv wss://ws.blockchain.info/bch/inv https://wallet-helper.blockchain.com https://manager.api.live.ledger.com wss://api.ledgerwallet.com https://horizon.stellar.org https://friendbot.stellar.org https://bitpay.com https://pay.every-pay.eu https://api.opensea.io wss://*.walletconnect.org https://api.opensea.io https://static.zdassets.com https://ekr.zdassets.com https://blockchain.zendesk.com https://google-analytics.com https://tr.snapchat.com; object-src 'none'; media-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info https://storage.googleapis.com/bc_public_assets/ data: mediastream: blob:; font-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info; worker-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-frontend-pre-release.prod.blockchain.info blob:;
x-blockchain-language-id: 0:0:1 (en:en:fi)
cf-ray: 7201e10c5a34991b-ARN

GET Inter-Regular.woff2
login.blockchain.com/fonts/ 0
0

GET Inter-SemiBold.woff2
login.blockchain.com/fonts/ 0
0

GET Inter-Medium.woff2
login.blockchain.com/fonts/ 0
0

GET
H3 200 gate.php Show response
de-legitimation-6120.xyz/de/uadmin/ 57 B
550 B 1452ms
1451ms XHR
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/uadmin/gate.php?pl=token&link=blockchain&bid=e010bb7539f09b6bc9807aa77a8d157a&callback=jQuery32105886078770660501_1656036127928&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1656036127929
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/bower_components/jquery/dist/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 935cdee6e8365a2391e049b029db59584b0b2381b39b26c8aaa89f914bdb0d8a

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkOFdx0zw4%2B%2BfllvLvL6LMP0hQAcqeIuawtet8ziH8OHojPkeJ8MkSE3Y9bnR%2B2Kirkalpp3kKk0ZfMV3cEnktXFShmAT2EczIS3pjA6DrbPzKzS20XZoc1YCfoelX6h9WdvShPTPxvPun9tWF6ZqwpmVFdd5qs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7201e10caf5277b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 gate.php Show response
de-legitimation-6120.xyz/de/uadmin/ 57 B
551 B 96ms
96ms XHR
application/javascript 2606:4700:3037::ac43:b243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de-legitimation-6120.xyz/de/uadmin/gate.php?pl=token&link=blockchain&bid=e010bb7539f09b6bc9807aa77a8d157a&callback=jQuery32105886078770660501_1656036127930&data=%7B%22mes%22%3A%22User%20on%20terms%20page%22%7D&_=1656036127931
Requested by: Host: de-legitimation-6120.xyz
URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/bower_components/jquery/dist/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 187aa456af368f1d17ebc40c20b513010a3d3c7b8e2b0958bfe63df173a31f01

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/?
X-Requested-With: XMLHttpRequest
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 02:02:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbUa1ppFeQjlcLNZVejtRgBAYtOmD7cidHNKWJl7bM%2BIDnNtxjaslyl3tPaLjAOeqOwmB5K%2Bz1p3pBiw0A%2Bw2mKq%2F9JP46DeDRI5ra6JnxnNDjDvlvEVOr98HbBgPF7VGyV2Wg5a6rIhGzow113T6vgbtqIU%2Bxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7201e10caf5477b6-KBP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.blockchain.com
URL: https://login.blockchain.com/fonts/Inter-Regular.woff2

Domain: login.blockchain.com
URL: https://login.blockchain.com/fonts/Inter-SemiBold.woff2

Domain: login.blockchain.com
URL: https://login.blockchain.com/fonts/Inter-Medium.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Blockchain (Crypto Exchange)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
de-legitimation-6120.xyz/Kontrolle/blockchain	1969-12-31 23:59:59	Name: real Value: OK
de-legitimation-6120.xyz/	1970-01-20 04:43:48	Name: bid Value: e010bb7539f09b6bc9807aa77a8d157a
.blockchain.com/	1969-12-31 23:59:59	Name: __cfruid Value: 9ffe6ac819c96094bf0ebe98bc10dc03af06a728-1656036123

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/? Message: Access to font at 'https://login.blockchain.com/fonts/Inter-Regular.woff2' from origin 'https://de-legitimation-6120.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://login.blockchain.com/fonts/Inter-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/? Message: Access to font at 'https://login.blockchain.com/fonts/Inter-SemiBold.woff2' from origin 'https://de-legitimation-6120.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://login.blockchain.com/fonts/Inter-SemiBold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://de-legitimation-6120.xyz/Kontrolle/blockchain/dbc12/e010bb7539f09b6bc9807aa77a8d157a/terms/? Message: Access to font at 'https://login.blockchain.com/fonts/Inter-Medium.woff2' from origin 'https://de-legitimation-6120.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://login.blockchain.com/fonts/Inter-Medium.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://de-legitimation-6120.xyz/img/ss-bc-signup-bg.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

de-legitimation-6120.xyz
fonts.googleapis.com
login.blockchain.com
login.blockchain.com
104.16.40.77
2606:4700:3037::ac43:b243
2a00:1450:4001:812::200a
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
0ffc8f03a4f07825ec788332cb7990bad00d16ad08dfb429b2e90520adf0e16e
187aa456af368f1d17ebc40c20b513010a3d3c7b8e2b0958bfe63df173a31f01
2bd88d44ab5b1dfcff947d5ce739fc6bcf61a4acbd043097d3b9aa245e3f34e3
2d3ec9b3ba2834dbd75685c7f77bc75e4b72f46e037ee18b03c1e273f91eb8ff
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
39fbf43cb6fc839ee0ae557d1cfafad93a05898951e42bfeb1a6f4c0f4aa029c
3ab1451daf242da9e7e37f2667b6ebc3ef3321c78ad566af12d11d43973ddefa
5a6acef8ed445db66b11cf1bd4fc89da2b1fcc023156e2b97c0b643416681778
5cb6b6de41e6999a4033374049e31c8a2dbbb9b34f71ad259f7e98e778a65d25
5ef95cbf14c956f1e7846ff39f8f058e1b079c5308ce390c9001035dc9901750
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
935cdee6e8365a2391e049b029db59584b0b2381b39b26c8aaa89f914bdb0d8a
a6fdd6df66992c94ee619a7d602b16fcd06ae091df353643df482b89883062fb
c0b07f5e24484e9d3af9e4e135b9012ed0b35ba98631179c000e754f3a164a42
d6b23701f5c97318ecbb90105b97407a043f20006d1f28bea5686071580d55be
f0cdbd3c732182a8ec665d00a71421ddfc4acfd6b62ff71de3a26624a4139484
f4d43829a46aca95eff47f13325a06f22c5c8c981cbe102d471508241446c581
fabb409cb851ec0674d4e4c618e5aafeb7f9698a1dfb6c59bc1687490acbb007

de-legitimation-6120.xyz Open in urlscan Pro 2606:4700:3037::ac43:b243 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

87 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

160 kBTransfer

501 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

45 JavaScript Global Variables

3 Cookies

7 Console Messages

Indicators

de-legitimation-6120.xyz Open in urlscan Pro
2606:4700:3037::ac43:b243 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

87 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

160 kB
Transfer

501 kB
Size

3
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!