btbonus.gives Open in urlscan Pro
2606:4700:3035::6815:32c Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heromero1.site//
Effective URL:
https://btbonus.gives/offbitbonus_1120/
Submission: On December 12 via api (December 12th 2022, 6:41:35 pm UTC) from US — Scanned from DE

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3035::6815:32c, located in United States and belongs to CLOUDFLARENET, US. The main domain is btbonus.gives.
TLS certificate: Issued by GTS CA 1P5 on December 10th 2022. Valid for: 3 months.

This is the only time btbonus.gives was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:f940:2:2... 2a00:f940:2:2:1:1:0:183	() ()
1	2a00:f940:2:2... 2a00:f940:2:2:1:1:0:105	() ()
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 30	2606:4700:303... 2606:4700:3035::6815:32c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	4

1 2a00:f940:2:2:1:1:0:183 (Russian Federation)

ASN- ()

heromero1.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f940:2:2:1:1:0:105 (Russian Federation)

ASN- ()

mainnutrausa.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mainqxzxmejgvbxe.gives	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:3035::6815:32c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

btbonus.gives	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	btbonus.gives 2 redirects btbonus.gives	778 KB
1	mainqxzxmejgvbxe.gives 1 redirects mainqxzxmejgvbxe.gives	846 B
1	mainnutrausa.site mainnutrausa.site	307 B
1	heromero1.site heromero1.site	291 B
30	4

	Domain	Requested by
30	btbonus.gives	2 redirects btbonus.gives
1	mainqxzxmejgvbxe.gives	1 redirects
1	mainnutrausa.site
1	heromero1.site
30	4

This site contains no links.

Subject Issuer	Validity	Valid
*.btbonus.gives GTS CA 1P5	`2022-12-10` - `2023-03-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://btbonus.gives/offbitbonus_1120/
Frame ID: A5B2A26EF7BE2F7686E4D1653CB319B8
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bitcoin Bonus

Page URL History Show full URLs

http://heromero1.site// Page URL
http://mainnutrausa.site/ Page URL
https://mainqxzxmejgvbxe.gives/go/6453/44 HTTP 302
https://btbonus.gives/offbitbonus_1120/?u=6453&s=44 HTTP 302
https://btbonus.gives/offbitbonus_1120/ Page URL
https://btbonus.gives/cdn-cgi/phish-bypass?atok=DnKebXoan09VZAoz.VUsIVEbKw9Foqa3VXDcEeYGqXU-167087... HTTP 301
https://btbonus.gives/offbitbonus_1120/ Page URL

Page Statistics

30
Requests

93 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

778 kB
Transfer

2031 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heromero1.site// Page URL
http://mainnutrausa.site/ Page URL
https://mainqxzxmejgvbxe.gives/go/6453/44 HTTP 302
https://btbonus.gives/offbitbonus_1120/?u=6453&s=44 HTTP 302
https://btbonus.gives/offbitbonus_1120/ Page URL
https://btbonus.gives/cdn-cgi/phish-bypass?atok=DnKebXoan09VZAoz.VUsIVEbKw9Foqa3VXDcEeYGqXU-1670870485-0-%2Foffbitbonus_1120%2F HTTP 301
https://btbonus.gives/offbitbonus_1120/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://mainqxzxmejgvbxe.gives/go/6453/44 HTTP 302
https://btbonus.gives/offbitbonus_1120/?u=6453&s=44 HTTP 302
https://btbonus.gives/offbitbonus_1120/

30 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
heromero1.site// 69 B
291 B 148ms
48ms Document
text/html 2a00:f940:2:2:1:1:0:183

General

Check archive.org

Show headers Download Go to

Full URL: http://heromero1.site//
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:183 , Russian Federation, ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 12 Dec 2022 18:41:25 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK /
mainnutrausa.site/ 86 B
307 B 203ms
46ms Document
text/html 2a00:f940:2:2:1:1:0:105

General

Check archive.org

Show headers Download Go to

Full URL: http://mainnutrausa.site/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:105 , Russian Federation, ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://heromero1.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 12 Dec 2022 18:41:25 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2

200

/ Show response
btbonus.gives/offbitbonus_1120/
Redirect Chain

https://mainqxzxmejgvbxe.gives/go/6453/44
https://btbonus.gives/offbitbonus_1120/?u=6453&s=44
https://btbonus.gives/offbitbonus_1120/

5 KB
2 KB

39ms
37ms

Document
text/html

2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://btbonus.gives/offbitbonus_1120/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cfdd7ad6b81ae08716d3bbbabf45c3f58529004bdd44b961ce122e1184acae7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://mainnutrausa.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 77889818a92c9188-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Dec 2022 18:41:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3vIdMX99%2F%2BWcMBC7RFnwdEUxBUwh3tLn0ngzNZVQ%2BshLF%2B%2F7aByxCZ6SVFTdQm99y86w9W2miXrvhunVDyV5gK%2FMdrwjx2%2BTdwhJRjOK3R%2FhFJDf%2FUMUsdRZyi6L2xfhG%2BLPydq%2FdN%2F44n8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7788981808509188-FRA
content-type: text/html
date: Mon, 12 Dec 2022 18:41:25 GMT
location: https://btbonus.gives/offbitbonus_1120/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QaLccAYw%2FCMAGTR%2Fe%2BUvPpLXcv1EuBK4QjgknG5eUh1Ts%2Fn8VWMijB09idiVY14CwHfCJkso8pKq95sO9mRLXDMszJVSwYUszJ4vvxGhY1cjKug0Qq39Xczb4GX9WfwzJwRzQbC2tE4mjs2E"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16

GET
H3 200 cf.errors.css
btbonus.gives/cdn-cgi/styles/ 24 KB
5 KB 17ms
16ms Stylesheet
text/css 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://btbonus.gives/cdn-cgi/styles/cf.errors.css

Requested by

Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 18:45:26 GMT
server: cloudflare
etag: W/"6390df46-5e44"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 77889818fa73caad-HAM
expires: Mon, 12 Dec 2022 20:41:25 GMT

GET
H3 200 icon-exclamation.png
btbonus.gives/cdn-cgi/images/ 452 B
635 B 25ms
22ms Image
image/png 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://btbonus.gives/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: btbonus.gives
URL: https://btbonus.gives/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 18:45:26 GMT
server: cloudflare
etag: "6390df46-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 778898191aaccaad-HAM
content-length: 452
expires: Mon, 12 Dec 2022 20:41:25 GMT

GET
H3

200

Primary Request / Show response
btbonus.gives/offbitbonus_1120/
Redirect Chain

https://btbonus.gives/cdn-cgi/phish-bypass?atok=DnKebXoan09VZAoz.VUsIVEbKw9Foqa3VXDcEeYGqXU-1670870485-0-%2Foffbitbonus_1120%2F
https://btbonus.gives/offbitbonus_1120/

82 KB
12 KB

97ms
96ms

Document
text/html

2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: db2171ea402309b7c4901961864e50ce6beb762352c0743f2020dadc95e214dc

Request headers

Referer: https://btbonus.gives/offbitbonus_1120/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77889832fea8caad-HAM
content-encoding: br
content-type: text/html
date: Mon, 12 Dec 2022 18:41:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJz76KNEYh0dx2u59aSzBX5H7V%2BcnCsmJzLAjZFYoMuNlK2pCCW6RqXmAHttNwQaBfhDOwx2xKaJt6odKBoQ1ueYLCdsAj%2BeuLNxJQTRon%2FU%2B2X%2BKRhKBie2b439Wt4%2FarMq3dYclcvlhY64"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16

Redirect headers

cache-control: private, no-cache
cf-ray: 77889832de7acaad-HAM
content-length: 167
content-type: text/html
date: Mon, 12 Dec 2022 18:41:30 GMT
location: https://btbonus.gives/offbitbonus_1120/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 init.js Show response
btbonus.gives/offbitbonus/js/ 7 KB
3 KB 42ms
42ms Script
application/javascript 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/js/init.js
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dad675949a2414da0563dfe4d36d9cbafa90d6d6f71f4e62876b73172d0d969

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Aug 2022 20:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34179
etag: W/"62e98bb4-1a78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mv5yVEsYaqzFMMCyqW%2BHQ8waIiNLr8YlhkBe8o4quu%2BEgmSiP4FUTQEHolr7FeAZYpffSSDQG6lyWHNXVbjsKaeaZtQtEa1IhNuiiEwPKrMhOPDM9m463glC1qT7vEJo6WlFTgltRtz9MSH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 778898339fcdcaad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:51 GMT

GET
H3 200 chunk-vendors.508d4aa5.css
btbonus.gives/offbitbonus/css/ 0
494 B 41ms
39ms Stylesheet
text/css 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/css/chunk-vendors.508d4aa5.css
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Sat, 30 Jul 2022 13:15:58 GMT
server: cloudflare
etag: "62e52f0e-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDiY5N1Z57BL3nz23mqHf70puZdPHHj8tk3DOg8io66d2Gjisdh2JvPRGoPpMKztxggTjHXRjSkSXO3nGFhs%2BzErYXVWtVxMjDFSS2pFRYeti53gYQqu6lSzayh5BuhrqkBemmFfChj02z1S"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 778898339fd0caad-HAM
expires: Tue, 13 Dec 2022 09:11:51 GMT

GET
H3 200 index.3caaae60.css
btbonus.gives/offbitbonus/css/ 98 KB
26 KB 46ms
44ms Stylesheet
text/css 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/css/index.3caaae60.css
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaa855b03a9d22f3d682d496779ecb6c5cfce05d3b4bc163273ce11835e01c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 13:16:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34179
etag: W/"62e52f2a-18747"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxjL82WCduwViskB9vw%2FLIj6lwGYUPRCIDBh3cy87E2Jb1YoGl9ey183FkUxfgJMTxbF8WtlV9Mrw3ANDhPF91M2VNe7MPpsTQxncf%2FMRh7p0Fj6ss9lAKhjAWRCaFGJoEyCv4Nfrt1x9hgX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 778898339fd2caad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:51 GMT

GET
H3 200 chunk-vendors.4c5f0612.js Show response
btbonus.gives/offbitbonus/js/ 1 MB
421 KB 61ms
60ms Script
application/javascript 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/js/chunk-vendors.4c5f0612.js
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7595a373a7921aee66a838d400f565ef0bcd6cfaf1d7c5e8412193bbfc60088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 13:15:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34179
etag: W/"62e52ed6-161009"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSviV68XGTNSCFhCOJ7XQcNxAAit%2FqB3Hu8aaMEg1rdz4lA%2FtSY4h8VpIa41SrepaUgrUZ0pbHtS62Lk8yn%2F6cO7Vz8sk0yv3Pa8NWruO3of5veSGXXmkagKrTqgP4VR1eC%2FR609Dcykomzf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 778898339fd3caad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:51 GMT

GET
H3 200 index.bc71eb62.js Show response
btbonus.gives/offbitbonus/js/ 258 KB
74 KB 55ms
54ms Script
application/javascript 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/js/index.bc71eb62.js
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e70748ae5cd128d7c7cd314380a4df9433fb2ce8a4b5341f7e7e2f981471a04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 09:45:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34179
etag: W/"638f0f1c-4088a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pt9Vr6ttpQlcHZU35S7CNbk6SQJlornd1uBhq6MtNvcVCnADu1Q5QzlHIr28iWp%2BVvjBNAFupKeY75AG%2ByHm9MZ6EiwT%2F%2BxZk2TP9V%2FdPyHBwELNe5hzWb%2BC%2BLKm0LgXGvj2U8mSoFGTf471"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 778898339fd6caad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:51 GMT

GET
H3 200 font.css
btbonus.gives/offbitbonus/css/ 0
499 B 44ms
42ms Stylesheet
text/css 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/css/font.css
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Sat, 30 Jul 2022 13:16:02 GMT
server: cloudflare
etag: "62e52f12-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEPE6iJTtg9cIpbfl6URfyXV3jiFLeGPGvOeEwC3UVHGNx1TjscWEo2Z83yg%2F986NizP86pjnAKQJjb04zykJHt5EcLXjUAgxLEUA%2Bej1gDnrpQzfrAyuSRb%2BHqIYEUHEZVjGfFMGPrFchQs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 778898339fd7caad-HAM
expires: Tue, 13 Dec 2022 09:11:51 GMT

GET
H3 200 chunk-0539d65c.45b4ef5b.css
btbonus.gives/offbitbonus/css/ 1 KB
992 B 44ms
43ms Stylesheet
text/css 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/css/chunk-0539d65c.45b4ef5b.css
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 687ae01a0e00f4e3724ca0c7cf68d0027a174491ce9725e440947da149b65bde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 13:15:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34179
etag: W/"62e52f0a-4ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a10OwMJ3uOdBQu39IrSWtQJ9ExfhsqPyLfI4bghQqaqEa%2F7l%2BaDwdw14A4f28gA4Pw3DfR50oONtRtGyL5efmU90v3cJNiS7pbPcEKiqJZIeuDkEinRLtLwN3P3FHDTP2qT%2FiUHO8fHOJcSW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 778898339fd8caad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:51 GMT

GET
H3 200 chunk-0539d65c.1603fabc.js Show response
btbonus.gives/offbitbonus/js/ 15 KB
5 KB 116ms
114ms Script
application/javascript 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/js/chunk-0539d65c.1603fabc.js
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0ee5928354bf64e2fd7062aa0d85c3235bbd00be3735221a200c74c77fadf3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Aug 2022 15:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34179
etag: W/"62e94010-3ab6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2%2F7VxAkxgeviXb0jhQ00Aaxl15gxP8OSskf1QlDS1uT6ga98CKNr99rzj0OpNCv20hTciL7H%2F5f81J%2BWaW3SUfns3qcrXcHfAbEReDiybMfi3YJA2NPJ3jt5aJikCAyMvSjnqZV21YCFcIx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 778898339fd9caad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:51 GMT

GET
H3 200 prices.js Show response
btbonus.gives/offbitbonus/js/ 2 KB
1 KB 126ms
126ms Script
application/javascript 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/js/prices.js?t=1670870490211
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 517cfba35e8a0ff98aafa846a67c3e2909c5ce04df8b42424f78a3b49e2f0f6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 10 Dec 2022 09:26:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"639450b6-956"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwTSuPO%2BMkpSHfcMcTO9XIWe841fW1%2FECd7i9M4n45H2TtTHClWttEbmBdxPbu9mPIquA74566dMh4LYaL%2BXkGV6E5LWVEsIZENvVCKmrlntEqaD9LzmJ1YBuOsZByoJBTi12gE2fiEC%2FP1U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 77889833d83ccaad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 18:41:30 GMT

GET
H3 200 chunk-0539d65c.45b4ef5b.css
btbonus.gives/offbitbonus/css/ 0
1003 B 48ms
47ms Other
text/css 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/css/chunk-0539d65c.45b4ef5b.css
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 13:15:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34179
etag: W/"62e52f0a-4ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYz34vTWi97COvfmJ%2BbUcJMcgDP%2FfXL3FO9Sl%2FFUAw0G8W4zZLe%2BPaVb2oiyjVHAIR3UR2iqpzvqP7WnZ%2FUvjO%2B%2Bco7GeeifMO6Isd%2BNk90w52kPFRmCyJoko4%2BYrWXXsa%2FrfVY1qdVyasfE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 778898359c05caad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:51 GMT

GET
H3 200 chunk-0a5d5e98.9e44dbc4.css
btbonus.gives/offbitbonus/css/ 0
3 KB 57ms
57ms Other
text/css 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/css/chunk-0a5d5e98.9e44dbc4.css
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 13:47:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34178
etag: W/"62e53688-249f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlvQpJ4AGQJa8fyZJTJ0SjP2r0%2BVdnxBYUQHIxt%2BFd5aW%2BjJi3I82L1YNJSb6HgI3zQHwigQTkXBDIFhCM%2BiroHqsClhshiKMp1EX%2BYQx%2BHha%2BBLm36EdfuKEZWcb03ngzsXuTmhHxVKRhHo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 778898359c0bcaad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:52 GMT

GET
H3 200 chunk-37a057ed.47842fdb.css
btbonus.gives/offbitbonus/css/ 0
1 KB 48ms
47ms Other
text/css 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/css/chunk-37a057ed.47842fdb.css
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 13:45:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34178
etag: W/"62e53610-c21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiJ6%2FsA6JC%2FtbzONfA6Jht3y16ewFvTQgMZKJf1WbVUJ8z4DkIql5BXp%2B9ac%2BKJI0y8rkV8QaNiU0wCmTbLCBTV6LsEmk5Mx0K62TWjxipjuXjDSFsOFyIgibQn5LDlferOoTBKGQcGNhHlF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 778898359c15caad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:52 GMT

GET
H3 200 chunk-a1ff7a80.96a44107.css
btbonus.gives/offbitbonus/css/ 0
1 KB 55ms
54ms Other
text/css 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/css/chunk-a1ff7a80.96a44107.css
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 13:45:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34178
etag: W/"62e535fe-96b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrewm74mrPW6GM%2FxjiE4AB2mEh7UnhoQuCuAQwGorDR5S%2FMu67%2FgtdGCE5Y30THJaoAH%2BMSDQGlJpexYb3gZ4aSsVq8YdVLuPARJptGla2Vokq%2F9qI33M6t7yV8h1gED81v4PE9PKnem3HcC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 778898359c19caad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:52 GMT

GET
H3 200 chunk-ed495fa0.b92f45dd.css
btbonus.gives/offbitbonus/css/ 0
14 KB 51ms
50ms Other
text/css 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/css/chunk-ed495fa0.b92f45dd.css
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 13:20:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34178
etag: W/"62e5302e-a963"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxlLUbq7h7mLXxntJUVAg93pd3v%2BNgCNLvjt4OhJh4A784KAhWSAxi9d9LYlLopsvKxPKxmaONNZMeBx%2BWKdtAXBcMdxA9I979BhXV0ktmbFMIFYqtKZm824HvOVvqHMQYfTAgfkZTk5Okeu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 778898359c1bcaad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:52 GMT

GET
H3 200 chunk-0539d65c.1603fabc.js
btbonus.gives/offbitbonus/js/ 0
5 KB 27ms
26ms Other
application/javascript 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/js/chunk-0539d65c.1603fabc.js
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Aug 2022 15:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34179
etag: W/"62e94010-3ab6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hz5h42Lac6C6XgZfnbiR9SNPZBhVnxbBJMv3i1otzefl2P41zsbjdr0EPJTYQ4PQ%2FSOUs58tqdanZDpex0EaotU00EQFFNs5a9eEKPXRACOP1tFN20IHSXqij6wdcmTd46vS%2FGhRhjnDykSr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 778898359c1ccaad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:51 GMT

GET
H3 200 chunk-0a5d5e98.fba77499.js
btbonus.gives/offbitbonus/js/ 0
77 KB 60ms
59ms Other
application/javascript 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/js/chunk-0a5d5e98.fba77499.js
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 09:47:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34178
etag: W/"638f0fc0-6ead8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCX%2FJZfeUD%2BSg69Nv2rEAdei6MczVufmOMRANhk0eyY2MBiw0QV03Kmt39cxUzB0FLT05A2wM0SEw0M7HB6wVS%2BdVTpym5mAci8RFHSlUpx3%2BQ21sZ%2B%2F5hJA57rEzWtDSRBMYV5UGgQI%2BkyP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 778898359c1ecaad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:52 GMT

GET
H3 200 chunk-37a057ed.308167fb.js
btbonus.gives/offbitbonus/js/ 0
4 KB 54ms
53ms Other
application/javascript 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/js/chunk-37a057ed.308167fb.js
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 15:39:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34178
etag: W/"62e550ca-2acd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wem64r4mgJw00AH7k2i5pMkfWOUrAkHas7CTkV45Pq85Z%2FjFFt1lv7RUP0sbcK7nHnynG16lbP02qX9XnS%2Fp6QKSFc%2BwM0sl7lLaVOoaiZiAkkBokNdWYjDAol41bPnePkPoPw%2FsKjmzj47g"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 778898359c20caad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:52 GMT

GET
H3 200 chunk-a1ff7a80.8438863d.js
btbonus.gives/offbitbonus/js/ 0
5 KB 28ms
27ms Other
application/javascript 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/js/chunk-a1ff7a80.8438863d.js
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 15:35:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34178
etag: W/"62e54fae-4260"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DTsZus%2BTfNlGmguwbNUw%2F2MKXekpzmfPIYNWwf9t4C%2B9K6RVppaPo%2BRjz2nTp9O8gJYo0OWRrzUvpN7aignemRwmTOWGKUQG6DVP%2Ff6O%2B%2FaDPWNUHQJU0gB8sKWjISZSv4sYJftQnvJD34%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 778898359c21caad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:52 GMT

GET
H3 200 chunk-ed495fa0.34dce21b.js
btbonus.gives/offbitbonus/js/ 0
36 KB 63ms
62ms Other
application/javascript 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/js/chunk-ed495fa0.34dce21b.js
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Aug 2022 21:03:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34178
etag: W/"62eae2a2-4eff0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzi6Hi4kCSChGcMeHqAMcKjaQt8ZKZP%2BvCP9g08Aks9fzTgTYnFSuK%2F3awfCVfhaNm0U3PZzZN3X8lw%2F3tb1CGuIriGJ5SsMT8CYwfDBLeUrLNmlTinB1aDafzMvzIKaXpzG0CmtJSZKPFtk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 778898359c22caad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:52 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be37de1a4ff4dfd03c7fad0e334fe607c38c845b05f52398c29e53c64dd5ea92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 863 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80251fd210894d7e2ce706e74c4635eec6638e74f23af223a7ed10de0466fd72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 svg-icons.83eea0c0.svg
btbonus.gives/offbitbonus/img/ 59 KB
20 KB 58ms
58ms Other
image/svg+xml 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btbonus.gives/offbitbonus/img/svg-icons.83eea0c0.svg
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus/js/chunk-vendors.4c5f0612.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce0736a504b7fe38629aae260f8b53d6942aa0377a1d9fe28242fda697ea7e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 May 2022 14:41:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 34178
etag: W/"6287a888-ea66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfRw9X9MIKLPC%2Fkr2fy2n8eWwjd0BJ3QpXWHPjp5VPb3FFHoy0pdoPPek8n0MV60OTbowM0LN4V%2FVe2J5052F%2FWSIkNOueUbUKZpyXzvByzHzUDWqbRiJoTnXfn1ZnWajhkT7RigzL6FAjZe"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 778898370f14caad-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 09:11:52 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6ca64f7a1610aeba93fe46453308b8956baed1da16c8104d7a8c192e687f759

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bit-king.788650c6.png
btbonus.gives/offbitbonus/img/ 15 KB
15 KB 24ms
24ms Image
image/png 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://btbonus.gives/offbitbonus/img/bit-king.788650c6.png
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46363c6474ed03ac5cc21bb80412074d9a40120ee7d05b722d8a3dd122a886a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32745
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15246
last-modified: Fri, 20 May 2022 14:41:10 GMT
server: cloudflare
etag: "6287a886-3b8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTVub5iLvF1DR%2BLycAE%2FUFJ7LMCNMWbO%2FBvl3XOQAlEht77JOgM4OxSvMZd%2B0TaDY5mv750VXQwA75PyzDOL26rdnE8MF4tl7wuiFSH84ZKFKyDrcgOHsqK9aA4CBwuWoABXMl9b%2BB0LjREr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 778898378805caad-HAM
expires: Tue, 13 Dec 2022 09:35:44 GMT

GET
H3 200 bitcoins.e59a5c84.png
btbonus.gives/offbitbonus/img/ 20 KB
20 KB 51ms
51ms Image
image/png 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://btbonus.gives/offbitbonus/img/bitcoins.e59a5c84.png
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc20e47712ad46c77bca8d311c1458395abc5510c7e3b0421aece61457323717

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34178
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20124
last-modified: Fri, 20 May 2022 14:41:10 GMT
server: cloudflare
etag: "6287a886-4e9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDyJqrunB5oaS98%2BIiePGyo8SGolaniOE7UqOEmiN%2FkGjIKo57l%2BZQxARKXTlTX%2FWrkbZtAd%2F98wl%2BlZk6p8IcSVvUQe3SQ38qXCo0drMKZ0evSiM%2BrGtiWMwUKNObzFzlTuTL2DM9PZNDcD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 778898383924caad-HAM
expires: Tue, 13 Dec 2022 09:11:52 GMT

GET
DATA 200
OK truncated
/ 655 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16cf7df98faf3739958eff52f6fcd1480f41fcf1f5e22c6ac33a634038afb73b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 heading-icon-retina.6e9c36df.png
btbonus.gives/offbitbonus/img/ 9 KB
10 KB 43ms
43ms Image
image/png 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://btbonus.gives/offbitbonus/img/heading-icon-retina.6e9c36df.png
Requested by: Host: btbonus.gives
URL: https://btbonus.gives/offbitbonus_1120/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c31a52eaec20e008b996590e625e87e6e526a74f9131e2e9f2f24dbd8f116337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32745
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9604
last-modified: Fri, 20 May 2022 14:41:12 GMT
server: cloudflare
etag: "6287a888-2584"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lh4yu2dL0GZFMBwjmAl50qWQc3BYKs0pHBknAzY9jYtKrWYK0htKYkVJH9oOpATYOpL9ZpFiY9dub41fnhl8U%2BrcSKwGhgIUCWwhNelYFRyp0iBPXSCreDiJr2R%2BPbWzw%2BBU68dGreDELkKu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 77889838392acaad-HAM
expires: Tue, 13 Dec 2022 09:35:45 GMT

GET
H3 200 bit-magnet.c851cb06.png
btbonus.gives/offbitbonus/img/ 13 KB
14 KB 53ms
53ms Image
image/png 2606:4700:3035::6815:32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://btbonus.gives/offbitbonus/img/bit-magnet.c851cb06.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af79f8eef7b22a73e4c531d87bcfc3e48f039f4e29d9b22e462c86b7159f9eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://btbonus.gives/offbitbonus_1120/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:41:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32746
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13751
last-modified: Fri, 20 May 2022 14:41:10 GMT
server: cloudflare
etag: "6287a886-35b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DK%2F%2FNbICH5ZegTROjB59nD5zuBwmg9qhHWyILhRCZArSuN%2B3zuzWVaiKT9%2B3jhdsLjH1SIKhN6BGTb4X2aHlQ70WyzcS764iRuCugI%2Fsf15U%2BiQ30bK%2F4yFzEIbFTntCDTGwIl5jm2mvo5u9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 778898394ae6caad-HAM
expires: Tue, 13 Dec 2022 09:35:45 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f937980b2be875ff0f7029016403f715a0796a43771b4c72947cddfd92851709

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mainqxzxmejgvbxe.gives/	1970-01-20 17:43:50	Name: WUSID Value: 1snq4lh2ivogu2u40anjcqcft4
.mainqxzxmejgvbxe.gives/	1970-01-20 08:52:28	Name: u Value: 6453
.mainqxzxmejgvbxe.gives/	1970-01-20 08:52:28	Name: nopd Value: mainqxzxmejgvbxe.gives
.mainqxzxmejgvbxe.gives/	1970-01-20 08:52:28	Name: o Value: 44
.btbonus.gives/	1970-01-20 08:52:28	Name: u Value: 6453
.btbonus.gives/	1970-01-20 08:52:28	Name: s Value: 44
.btbonus.gives/	1970-01-20 08:09:16	Name: __cf_mw_byp Value: DnKebXoan09VZAoz.VUsIVEbKw9Foqa3VXDcEeYGqXU-1670870485-0-/offbitbonus_1120/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

btbonus.gives
heromero1.site
mainnutrausa.site
mainqxzxmejgvbxe.gives
2606:4700:3035::6815:32c
2a00:f940:2:2:1:1:0:105
2a00:f940:2:2:1:1:0:183
2a06:98c1:3121::3
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
16cf7df98faf3739958eff52f6fcd1480f41fcf1f5e22c6ac33a634038afb73b
46363c6474ed03ac5cc21bb80412074d9a40120ee7d05b722d8a3dd122a886a6
4af79f8eef7b22a73e4c531d87bcfc3e48f039f4e29d9b22e462c86b7159f9eb
4e70748ae5cd128d7c7cd314380a4df9433fb2ce8a4b5341f7e7e2f981471a04
517cfba35e8a0ff98aafa846a67c3e2909c5ce04df8b42424f78a3b49e2f0f6e
687ae01a0e00f4e3724ca0c7cf68d0027a174491ce9725e440947da149b65bde
80251fd210894d7e2ce706e74c4635eec6638e74f23af223a7ed10de0466fd72
8cfdd7ad6b81ae08716d3bbbabf45c3f58529004bdd44b961ce122e1184acae7
8dad675949a2414da0563dfe4d36d9cbafa90d6d6f71f4e62876b73172d0d969
a0ee5928354bf64e2fd7062aa0d85c3235bbd00be3735221a200c74c77fadf3e
be37de1a4ff4dfd03c7fad0e334fe607c38c845b05f52398c29e53c64dd5ea92
c31a52eaec20e008b996590e625e87e6e526a74f9131e2e9f2f24dbd8f116337
c6ca64f7a1610aeba93fe46453308b8956baed1da16c8104d7a8c192e687f759
ce0736a504b7fe38629aae260f8b53d6942aa0377a1d9fe28242fda697ea7e1a
db2171ea402309b7c4901961864e50ce6beb762352c0743f2020dadc95e214dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7595a373a7921aee66a838d400f565ef0bcd6cfaf1d7c5e8412193bbfc60088
eaa855b03a9d22f3d682d496779ecb6c5cfce05d3b4bc163273ce11835e01c07
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f937980b2be875ff0f7029016403f715a0796a43771b4c72947cddfd92851709
fc20e47712ad46c77bca8d311c1458395abc5510c7e3b0421aece61457323717

btbonus.gives Open in urlscan Pro 2606:4700:3035::6815:32c Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

30 Requests

93 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

778 kBTransfer

2031 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

btbonus.gives Open in urlscan Pro
2606:4700:3035::6815:32c Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

93 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

778 kB
Transfer

2031 kB
Size

7
Cookies

30 HTTP transactions
5 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!