URL: https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Submission Tags: falconsandbox
Submission: On March 05 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 18 HTTP transactions. The main IP is 79.98.104.6, located in Sofia, Bulgaria and belongs to DELTA-BG-AS, BG. The main domain is bitref.com.
TLS certificate: Issued by R3 on February 25th 2023. Valid for: 3 months.
This is the only time bitref.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 79.98.104.6 197216 (DELTA-BG-AS)
2 2a0d:da00:a:4... 205072 (LAYERSHIFT)
2 164.138.222.99 201200 (SUPERHOST...)
3 2a0d:da00:a:4... 205072 (LAYERSHIFT)
1 104.16.13.151 13335 (CLOUDFLAR...)
1 2a02:6ea0:f40... 60068 (CDN77 ^_^)
18 7
Apex Domain
Subdomains
Transfer
10 bitref.com
bitref.com
83 KB
4 ctengine.io
apps-prm.ctengine.io — Cisco Umbrella Rank: 376414
cdn.ctengine.io — Cisco Umbrella Rank: 315537
124 KB
2 cloxy.net
stats.cloxy.net
21 KB
2 cointraffic.io
appsha1.cointraffic.io — Cisco Umbrella Rank: 363828
6 KB
1 blockchain.info
blockchain.info — Cisco Umbrella Rank: 105575
15 KB
18 5
Domain Requested by
10 bitref.com 1 redirects bitref.com
3 apps-prm.ctengine.io appsha1.cointraffic.io
bitref.com
2 stats.cloxy.net bitref.com
stats.cloxy.net
2 appsha1.cointraffic.io bitref.com
appsha1.cointraffic.io
1 cdn.ctengine.io
1 blockchain.info bitref.com
18 6

This site contains links to these domains.

Domain
peername.com
cointraffic.io
apps-prm.ctengine.io
Subject | Issuer | Validity | Valid
bitref.com | R3 | 2023-02-25 - 2023-05-26 | 3 months
*.cointraffic.io | Gandi Standard SSL CA 2 | 2022-12-19 - 2023-12-19 | a year
stats.cloxy.net | cPanel, Inc. Certification Authority | 2022-12-25 - 2023-03-25 | 3 months
*.ctengine.io | Gandi Standard SSL CA 2 | 2023-01-13 - 2024-01-13 | a year
www.blockchain.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-28 - 2023-10-29 | a year

This page contains 1 frames:

Primary Page: https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Frame ID: 3147D8A1F9F526FA82499455AE05DD7E
Requests: 19 HTTP requests in this frame

Page Title

16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ | BitRef

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

7
IPs

4
Countries

248 kB
Transfer

496 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ Page URL
  2. https://bitref.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=18885958 HTTP 302
    https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
bitref.com/
1 KB
2 KB
Document
General
Full URL
https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.6 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS
web.jumphosting03.com
Software
imunify360-webshield/1.18 /
Resource Hash
79eb7db8ccd75b91911f5879abb3fc03d5f85dd1a232d30b72c3520c8d2acb1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-edge-cache
no-cache
content-type
text/html
date
Sun, 05 Mar 2023 10:01:31 GMT
last-modified
Sunday, 05-Mar-2023 10:01:31 GMT
server
imunify360-webshield/1.18
Primary Request 16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
bitref.com/
Redirect Chain
  • https://bitref.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=18885958
  • https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
6 KB
3 KB
Document
General
Full URL
https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.6 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS
web.jumphosting03.com
Software
imunify360-webshield/1.18 / PHP/8.1.12
Resource Hash
893c443d57adf3cc0b018fa4a8565abf3e3a884ef55c90b946ad033aba950681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
2705
content-type
text/html; charset=UTF-8
date
Sun, 05 Mar 2023 10:01:31 GMT
server
imunify360-webshield/1.18
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.1.12
x-turbo-charged-by
LiteSpeed
x-xss-protection
1

Redirect headers

content-length
142
content-type
text/html
date
Sun, 05 Mar 2023 10:01:31 GMT
location
https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
server
imunify360-webshield/1.18
bootstrap.min.css
bitref.com/css/
156 KB
21 KB
Stylesheet
General
Full URL
https://bitref.com/css/bootstrap.min.css
Requested by
Host: bitref.com
URL: https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.6 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS
web.jumphosting03.com
Software
imunify360-webshield/1.18 /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 10:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 28 Apr 2020 08:44:15 GMT
server
imunify360-webshield/1.18
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
20995
x-xss-protection
1
expires
Sun, 12 Mar 2023 10:01:31 GMT
style.css
bitref.com/css/
1 KB
860 B
Stylesheet
General
Full URL
https://bitref.com/css/style.css
Requested by
Host: bitref.com
URL: https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.6 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS
web.jumphosting03.com
Software
imunify360-webshield/1.18 /
Resource Hash
d9f1f642d84cb9467b1bef74ecd9603ada29d9920d1503e60d2004531d368f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 10:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 03 Mar 2022 20:02:38 GMT
server
imunify360-webshield/1.18
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
488
x-xss-protection
1
expires
Sun, 12 Mar 2023 10:01:31 GMT
scripts.js
bitref.com/js/
13 KB
4 KB
Script
General
Full URL
https://bitref.com/js/scripts.js
Requested by
Host: bitref.com
URL: https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.6 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS
web.jumphosting03.com
Software
imunify360-webshield/1.18 /
Resource Hash
e036bee8ff9e664bbc87257bf841ad671254daec0e82d0f2d34ca5dc6428d1ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 10:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sun, 19 Feb 2023 10:48:13 GMT
server
imunify360-webshield/1.18
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3441
x-xss-protection
1
expires
Sun, 12 Mar 2023 10:01:31 GMT
qrcode.min.js
bitref.com/js/
19 KB
7 KB
Script
General
Full URL
https://bitref.com/js/qrcode.min.js
Requested by
Host: bitref.com
URL: https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.6 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS
web.jumphosting03.com
Software
imunify360-webshield/1.18 /
Resource Hash
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 10:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 03 Mar 2022 11:31:07 GMT
server
imunify360-webshield/1.18
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
6703
x-xss-protection
1
expires
Sun, 12 Mar 2023 10:01:31 GMT
/
appsha1.cointraffic.io/js/
6 KB
3 KB
Script
General
Full URL
https://appsha1.cointraffic.io/js/?wkey=R5ehoHlfae
Requested by
Host: bitref.com
URL: https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0d:da00:a:401e:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software
nginx /
Resource Hash
2200d78143d60c86166c43228df1042699f060a7868f5712ee44d43c0f7cc76a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bitref.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 10:01:31 GMT
content-security-policy
frame-ancestors 'self';frame-src 'self';
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block;
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
cross-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
permissions-policy
geolocation=(self), payment=(self)
expires
0
u9VnQ6kM-5PI2V8JsmWmHw.woff2
bitref.com/css/
19 KB
20 KB
Font
General
Full URL
https://bitref.com/css/u9VnQ6kM-5PI2V8JsmWmHw.woff2
Requested by
Host: bitref.com
URL: https://bitref.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.6 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS
web.jumphosting03.com
Software
imunify360-webshield/1.18 /
Resource Hash
05e5b6d00bdd60e11fe961c7805ba60c27f09de235403b887a79755bc1dab412
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://bitref.com/css/style.css
Origin
https://bitref.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 10:01:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2020 17:47:46 GMT
server
imunify360-webshield/1.18
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
19740
x-xss-protection
1
expires
Tue, 04 Apr 2023 10:01:31 GMT
peername-sm.png
bitref.com/images/
25 KB
25 KB
Image
General
Full URL
https://bitref.com/images/peername-sm.png
Requested by
Host: bitref.com
URL: https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.6 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS
web.jumphosting03.com
Software
imunify360-webshield/1.18 /
Resource Hash
9f7291383e4d3952561960514233a8748389f290c30eed19764884d68f6442da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 10:01:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 25 Oct 2020 15:40:02 GMT
server
imunify360-webshield/1.18
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
25485
x-xss-protection
1
expires
Sun, 12 Mar 2023 10:01:31 GMT
matomo.js
stats.cloxy.net/
64 KB
21 KB
Script
General
Full URL
https://stats.cloxy.net/matomo.js
Requested by
Host: bitref.com
URL: https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.222.99 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
host-164-138-222-99.superhosting.bg
Software
Apache /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bitref.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 10:01:32 GMT
content-encoding
gzip
last-modified
Tue, 31 Jan 2023 06:46:20 GMT
server
Apache
etag
"10931103-10132-5f389b0778d74-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
21441
expires
Sun, 12 Mar 2023 10:01:32 GMT
inpage.js
appsha1.cointraffic.io/ats/
11 KB
3 KB
XHR
General
Full URL
https://appsha1.cointraffic.io/ats/inpage.js?v=1673340965394
Requested by
Host: appsha1.cointraffic.io
URL: https://appsha1.cointraffic.io/js/?wkey=R5ehoHlfae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0d:da00:a:401e:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software
nginx /
Resource Hash
f912101806c688ff68c1860085b24f38250d5e0d442247b4d569796cab0223b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bitref.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 10:01:32 GMT
content-encoding
gzip
last-modified
Wed, 11 Jan 2023 11:31:14 GMT
server
nginx
etag
W/"63be9e02-2bfb"
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
tmp
apps-prm.ctengine.io/
612 B
1 KB
XHR
General
Full URL
https://apps-prm.ctengine.io/tmp
Requested by
Host: appsha1.cointraffic.io
URL: https://appsha1.cointraffic.io/js/?wkey=R5ehoHlfae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0d:da00:a:4024:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software
nginx /
Resource Hash
eae24b54060661636aec58830f639e2fb6afe94a006de8d80ca46acdae41b5d4

Request headers

Referer
https://bitref.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 10:01:32 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://bitref.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
0
tmp
apps-prm.ctengine.io/
0
0
Preflight
General
Full URL
https://apps-prm.ctengine.io/tmp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0d:da00:a:4024:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bitref.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://bitref.com
access-control-expose-headers
Content-Length,Content-Range
access-control-max-age
1728000
date
Sun, 05 Mar 2023 10:01:32 GMT
server
nginx
matomo.php
stats.cloxy.net/
0
90 B
Ping
General
Full URL
https://stats.cloxy.net/matomo.php?action_name=16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ%20%7C%20BitRef&idsite=18&rec=1&r=138262&h=10&m=1&s=32&url=https%3A%2F%2Fbitref.com%2F16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ&urlref=https%3A%2F%2Fbitref.com%2F16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ&_id=05dab6e49feb998b&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=pJQED4&pf_net=0&pf_srv=47&pf_tfr=1&pf_dm1=104&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: stats.cloxy.net
URL: https://stats.cloxy.net/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.138.222.99 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
host-164-138-222-99.superhosting.bg
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bitref.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://bitref.com
date
Sun, 05 Mar 2023 10:01:32 GMT
cache-control
max-age=3600
access-control-allow-credentials
true
server
Apache
expires
Sun, 05 Mar 2023 11:01:32 GMT
multiaddr
blockchain.info/
49 KB
15 KB
XHR
General
Full URL
https://blockchain.info/multiaddr?cors=true&active=16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Requested by
Host: bitref.com
URL: https://bitref.com/js/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b46cc1cc912ec4593a3677a359a8f06162139292a02d1bd16cd9b521fbc96a4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bitref.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 10:01:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
via
1.1 google
x-original-host
blockchain.info
x-blockchain-cp-f
zz62 0.124 - 2c3bfe8ea910a63b0afc825f4c445767
x-xss-protection
1; mode=block
x-request-id
2c3bfe8ea910a63b0afc825f4c445767
x-blockchain-cp-b
haskoin-store-btc
server
cloudflare
x-blockchain-server
BlockchainFE/1.0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-blockchain-language
de
x-blockchain-language-id
0:0:1 (en:en:de)
cf-ray
7a3184a87de29012-FRA
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c321fbb8799eed689dfc0296d33e20879321086bec815c25298a6b6cc79a88e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
/
apps-prm.ctengine.io/tmp/app/
0
448 B
XHR
General
Full URL
https://apps-prm.ctengine.io/tmp/app/?rid=ct6404687c343a27814673913
Requested by
Host: bitref.com
URL: https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0d:da00:a:4024:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bitref.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 10:01:32 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://bitref.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
0
8a76924c97a66b5032fb7237bc86a2935ea9fbc7.gif
cdn.ctengine.io/pub/827a18a2e6753a65296a0a24d714e952a71e7269/
122 KB
122 KB
Image
General
Full URL
https://cdn.ctengine.io/pub/827a18a2e6753a65296a0a24d714e952a71e7269/8a76924c97a66b5032fb7237bc86a2935ea9fbc7.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:f400::4 Zagreb, Croatia, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1df761ed4bab7098672221bf3d0544e0a3ca7bf713082be246f16909491d5dfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bitref.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-nzt
AamW8oroHOb/o0gCAA
x-accel-expires
@1678897625
date
Sun, 05 Mar 2023 10:01:32 GMT
x-77-pop
zagrebHR
last-modified
Sat, 18 Feb 2023 13:43:07 GMT
server
CDN77-Turbo
etag
"63f0d5eb-1e663"
x-77-nzt-ray
bcd92b1f04477d447c680464683ecd17
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-77-cache
HIT
x-age
149667
accept-ranges
bytes
content-length
124515
6.png
bitref.com/images/
531 B
870 B
Image
General
Full URL
https://bitref.com/images/6.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.6 Sofia, Bulgaria, ASN197216 (DELTA-BG-AS, BG),
Reverse DNS
web.jumphosting03.com
Software
imunify360-webshield/1.18 /
Resource Hash
f1f84f4b6cfb0dbd68b867c20e959f939e2e5144a98bf35845416fccc066b450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bitref.com/16aqr3rXxCtxa8AK3ErftnBQLfzyyhjpXJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 10:01:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 06 May 2020 20:50:30 GMT
server
imunify360-webshield/1.18
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
531
x-xss-protection
1
expires
Sun, 12 Mar 2023 10:01:32 GMT

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • credentialless (boolean)
  • _0x4959 (function)
  • format (function)
  • init_data (function)
  • init_data2 (function)
  • init_data3 (function)
  • bitcoin_handler (function)
  • _0x8269 (function)
  • donate (function)
  • QRCode (function)
  • _paq (object)
  • ctR5ehoHlfae (object)
  • Piwik (object)
  • Matomo (object)
  • AnalyticsTracker (object)
  • piwik_log (function)

3 Cookies

Domain/Path | Name | Value
.bitref.com/ | wschkid | b451817185ba08dab70b663c2118e7c316916c87.1678096891.1
bitref.com/ | _pk_id.18.a26b | 05dab6e49feb998b.1678010492.
bitref.com/ | _pk_ses.18.a26b | 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
