nl.bitcoin-now.wallfirm.link
34.106.255.70  Malicious Activity! Public Scan

Submitted URL: https://bit.ly/3pA1H8N
Effective URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Submission: On June 16 via api from BE

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 34.106.255.70, located in Salt Lake City, United States and belongs to GOOGLE, US. The main domain is nl.bitcoin-now.wallfirm.link.
This is the only time nl.bitcoin-now.wallfirm.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 1 8.209.70.83 45102 (CNNIC-ALI...)
1 22 34.106.255.70 15169 (GOOGLE)
21 1
Apex Domain | Subdomains | Transfer
22 wallfirm.link | nl.bitcoin-now.wallfirm.link | 1 MB
1 skysafe.clothing | 5pja.skysafe.clothing | 346 B
1 bit.ly | bit.ly | 255 B
21 3
Domain Requested by
22 nl.bitcoin-now.wallfirm.link 1 redirects nl.bitcoin-now.wallfirm.link
1 5pja.skysafe.clothing 1 redirects
1 bit.ly 1 redirects
21 3

This site contains no links.

This page contains 1 frames:

Primary Page: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Frame ID: 8C1AE134DACF772545A3141809018E89
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 21
HTTPS: 0 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 1
Countries: 2
Transfer: 1053 kB
Size: 1147 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3pA1H8N HTTP 301
    http://5pja.skysafe.clothing/apmix HTTP 302
    http://nl.bitcoin-now.wallfirm.link/NL/1232 HTTP 301
    http://nl.bitcoin-now.wallfirm.link/NL/1232/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nl.bitcoin-now.wallfirm.link/NL/1232/
Redirect Chain
  • https://bit.ly/3pA1H8N
  • http://5pja.skysafe.clothing/apmix
  • http://nl.bitcoin-now.wallfirm.link/NL/1232
  • http://nl.bitcoin-now.wallfirm.link/NL/1232/
126 KB
26 KB
Document
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
f7447f18cde452d48bfa53b4aae9385344cb5351faf4ab677aa5f345316dc307

Request headers

Host
nl.bitcoin-now.wallfirm.link
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.14.2
Date
Wed, 16 Jun 2021 00:10:33 GMT
Content-Type
text/html
Last-Modified
Thu, 11 Mar 2021 11:06:09 GMT
Transfer-Encoding
chunked
Connection
close
ETag
W/"6049f9a1-1f613"
Content-Encoding
gzip

Redirect headers

Server
nginx/1.14.2
Date
Wed, 16 Jun 2021 00:10:33 GMT
Content-Type
text/html
Content-Length
185
Location
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
close
main-ef66559740.css
nl.bitcoin-now.wallfirm.link/NL/1232/css/
33 KB
33 KB
Stylesheet
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/css/main-ef66559740.css
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
45412e6d036e03a94d24dafc2a2e2be806729dd84202beec5cb44b47ac5541a4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:34 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-8440"
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
33856
Expires
Thu, 31 Dec 2037 23:55:55 GMT
brand-logo-dfb68a03e7.svg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
4 KB
4 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/brand-logo-dfb68a03e7.svg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
1c909ee29a0d98bce8178a0c17a5504e33b5d1f63a22dca84f34f83a9f5693a8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:34 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-f70"
Content-Type
image/svg+xml
Connection
close
Accept-Ranges
bytes
Content-Length
3952
1-2.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
276 KB
277 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/1-2.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
a95db55fec4f2bd6cd856e64650645e8ca6f8bf87babfcd00c15a0618499ae2d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:34 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-4513d"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
282941
Expires
Thu, 31 Dec 2037 23:55:55 GMT
2.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
77 KB
78 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/2.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
0feb25fd863d63e3d04773df3636afa4ac700980b17c05c92b7ee2739c05474a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:34 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-135b0"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
79280
Expires
Thu, 31 Dec 2037 23:55:55 GMT
3.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
65 KB
65 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/3.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
7f714877c20249b549f049bcf9162b6199345b204147b7f1c04e7bb78bf4f656

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:34 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-10406"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
66566
Expires
Thu, 31 Dec 2037 23:55:55 GMT
image3.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
102 KB
103 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/image3.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
5a23b97c82a7b9740d5e21d42b15f9d3ed5d5aa27e111a8d24e319333e9becaf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:34 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-1994e"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
104782
Expires
Thu, 31 Dec 2037 23:55:55 GMT
4.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
5 KB
5 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/4.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
06e45a46cdec5598dd0baed83e671eb824872e8b0e0a8a9b5382f0f5c2e45d86

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:36 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-125c"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
4700
Expires
Thu, 31 Dec 2037 23:55:55 GMT
5.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
81 KB
81 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/5.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
cd6b03b44af3d5a8a47f9fb1018e17c2546295d521fb3fc3e63f0f77fa87e77e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:36 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-143e7"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
82919
Expires
Thu, 31 Dec 2037 23:55:55 GMT
6.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
7 KB
8 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/6.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
cbc37b6d8eea3b11467697ddf87878012153dbbd5e2d491cb63788686e6601a0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:35 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-1d14"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
7444
Expires
Thu, 31 Dec 2037 23:55:55 GMT
7.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
12 KB
12 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/7.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
a1faa997ab702657d91c936fc5a8f0d317c35c4cabc28e8410ffa6aa70053351

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:35 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-2f27"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
12071
Expires
Thu, 31 Dec 2037 23:55:55 GMT
8.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
26 KB
27 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/8.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
9c05ea744591b3ab1cc5f614a7311b3fd60c1e7433ef0aaf106ac7717b811908

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:35 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-68ee"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
26862
Expires
Thu, 31 Dec 2037 23:55:55 GMT
9.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
117 KB
117 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/9.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
515d707246cb76a25ecebc554bf31fb9d1a8afb46b9a19c4c191b0e34f3b6900

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:36 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-1d277"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
119415
Expires
Thu, 31 Dec 2037 23:55:55 GMT
10.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
73 KB
74 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/10.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
c595f3ef3e02ce10ecde7abd14e36a127f30f00d776e1fca545ed864e8854bb7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:36 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-125d3"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
75219
Expires
Thu, 31 Dec 2037 23:55:55 GMT
11.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
9 KB
9 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/11.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
d587dffa2c941f0a0196e2d9b386cfb06d822260879783ddb7c24593fd22e76d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:36 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-235e"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
9054
Expires
Thu, 31 Dec 2037 23:55:55 GMT
12.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
9 KB
10 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/12.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
5bbed709ca1917d1297fe0136902d5e403dfc05326272e5d25f9009dcfa9ef08

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:36 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-24ef"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
9455
Expires
Thu, 31 Dec 2037 23:55:55 GMT
step1.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
17 KB
18 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/step1.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
089edc09ca1e924ecf8ed19b95472537bd424ee08e6d5ddf6ab409dad335c738

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:36 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-44ea"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
17642
Expires
Thu, 31 Dec 2037 23:55:55 GMT
step3.jpg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
8 KB
8 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/step3.jpg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
54a2f7cb035b48a1df692601ba4c7443adf3f407a44ccedf036f0da4807cb5f4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:37 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-1ed5"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
7893
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
nl.bitcoin-now.wallfirm.link/NL/1232/js/
94 KB
94 KB
Script
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/js/jquery.min.js
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:35 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-176d5"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
95957
Expires
Thu, 31 Dec 2037 23:55:55 GMT
getdetector.js
nl.bitcoin-now.wallfirm.link/NL/1232/js/
224 B
543 B
Script
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/js/getdetector.js
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
37589fb05f8577887697102cb8ed962ec86d78d8135aa58bfff55e7caf20ec11

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:35 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-e0"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
224
Expires
Thu, 31 Dec 2037 23:55:55 GMT
brand-title-8719773b15.svg
nl.bitcoin-now.wallfirm.link/NL/1232/img/
5 KB
6 KB
Image
General
Full URL
http://nl.bitcoin-now.wallfirm.link/NL/1232/img/brand-title-8719773b15.svg
Requested by
Host: nl.bitcoin-now.wallfirm.link
URL: http://nl.bitcoin-now.wallfirm.link/NL/1232/css/main-ef66559740.css
Protocol
HTTP/1.1
Server
34.106.255.70 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
70.255.106.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
6618ae9df86aa85bf80ea4f009cfe6f50e08f9f257b42b01d788f14caeb1e8de

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
nl.bitcoin-now.wallfirm.link
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://nl.bitcoin-now.wallfirm.link/NL/1232/css/main-ef66559740.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 16 Jun 2021 00:10:35 GMT
Last-Modified
Wed, 10 Mar 2021 22:25:48 GMT
Server
nginx/1.14.2
ETag
"6049476c-1531"
Content-Type
image/svg+xml
Connection
close
Accept-Ranges
bytes
Content-Length
5425

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforexrselect
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • boolean| originAgentCluster
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • function| $
  • function| jQuery

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
