urlscan.io logo urlscan.io
SecurityTrails logo

ec2-34-218-225-161.us-west-2.compute.amazonaws.com Open in urlscan Pro
34.218.225.161  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bankremir.ga/
Effective URL: http://ec2-34-218-225-161.us-west-2.compute.amazonaws.com/?613b158f6bab3=4fee2196b5bf0b8413c052c717dcfebe8d12d33dArray&m=313&q=file-b3272e&dedica=&
Submission: On September 10 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 12 domains to perform 16 HTTP transactions. The main IP is 34.218.225.161, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is ec2-34-218-225-161.us-west-2.compute.amazonaws.com.
This is the only time ec2-34-218-225-161.us-west-2.compute.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 165.22.198.175 14061 (DIGITALOC...)
4 213.174.135.24 39572 (ADVANCEDH...)
1 2 88.212.201.216 39134 (UNITEDNET)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.218.225.161 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
16 9
3    2606:4700:3032::6815:5b3b (United States)

ASN13335 (CLOUDFLARENET, US)
bankremir.ga
1    165.22.198.175 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
lib1.biz
4    213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
sw.wpush.org
js.wpushsdk.com
js.jnkstff.com
2    88.212.201.216 (Russian Federation)

ASN39134 (UNITEDNET, RU)
counter.yadro.ru
1    2606:4700:3030::ac43:bc55 (United States)

ASN13335 (CLOUDFLARENET, US)
frezex.xyz
2    2606:4700:3036::ac43:8f77 (United States)

ASN13335 (CLOUDFLARENET, US)
twinclen.xyz
1    34.218.225.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-218-225-161.us-west-2.compute.amazonaws.com
ec2-34-218-225-161.us-west-2.compute.amazonaws.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Domain Requested by
3 bankremir.ga bankremir.ga
2 cdnjs.cloudflare.com ec2-34-218-225-161.us-west-2.compute.amazonaws.com
2 twinclen.xyz 1 redirects
2 js.wpushsdk.com sw.wpush.org
js.wpushsdk.com
2 counter.yadro.ru 1 redirects
1 ec2-34-218-225-161.us-west-2.compute.amazonaws.com
1 js.jnkstff.com js.wpushsdk.com
1 frezex.xyz bankremir.ga
1 sw.wpush.org bankremir.ga
1 lib1.biz bankremir.ga
0 ntvpinp.com Failed js.wpushsdk.com
0 nereserv.com Failed js.wpushsdk.com
16 12

This site contains no links.

Subject Issuer Validity Valid
*.bankremir.ga
R3		 2021-09-10 -
2021-12-09		 3 months crt.sh
10.lib2.biz
R3		 2021-09-09 -
2021-12-08		 3 months crt.sh
sw.wpush.org
R3		 2021-07-18 -
2021-10-16		 3 months crt.sh
counter.yadro.ru
GoGetSSL ECC DV CA		 2020-02-02 -
2022-05-02		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-12-14 -
2021-12-13		 a year crt.sh
js.wpushsdk.com
R3		 2021-08-20 -
2021-11-18		 3 months crt.sh
js.jnkstff.com
R3		 2021-08-20 -
2021-11-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://ec2-34-218-225-161.us-west-2.compute.amazonaws.com/?613b158f6bab3=4fee2196b5bf0b8413c052c717dcfebe8d12d33dArray&m=313&q=file-b3272e&dedica=&
Frame ID: F0C7293421035A85D803D97AC5F27CB4
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bankremir.ga/ Page URL
  2. https://frezex.xyz/?s=313&q=file-b3272e Page URL
  3. http://twinclen.xyz/?s=313&q=file-b3272e&g=30430446c4b8f396f4242f79ae8adbe8&mode=&hmac=WyI5ZjUzY... HTTP 301
    https://twinclen.xyz/?s=313&q=file-b3272e&g=30430446c4b8f396f4242f79ae8adbe8&mode=&hmac=WyI5ZjUzY... Page URL
  4. http://ec2-34-218-225-161.us-west-2.compute.amazonaws.com/?613b158f6bab3=4fee2196b5bf0b8413c052c717dcfebe8d12d33dArray&m=313&q=file-b3... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

16
Requests

81 %
HTTPS

50 %
IPv6

12
Domains

12
Subdomains

9
IPs

3
Countries

175 kB
Transfer

459 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bankremir.ga/ Page URL
  2. https://frezex.xyz/?s=313&q=file-b3272e Page URL
  3. http://twinclen.xyz/?s=313&q=file-b3272e&g=30430446c4b8f396f4242f79ae8adbe8&mode=&hmac=WyI5ZjUzYTE2ZWEwNzRkNGVlMjhmZTg4MGIzYTM0YmIxM2FhZjFkOWRkIiwiZWUwMmM2MjdlN2UyZDk3NTFiY2U4Nzc1ZjRiYzUyNThkNjdjMmFhNyIsIjkxNTJjNDczYTczZjZhMzUzZjU1OWVmOWM0ZDk1YWQ5OGQ5NWM3NTEiXQ== HTTP 301
    https://twinclen.xyz/?s=313&q=file-b3272e&g=30430446c4b8f396f4242f79ae8adbe8&mode=&hmac=WyI5ZjUzYTE2ZWEwNzRkNGVlMjhmZTg4MGIzYTM0YmIxM2FhZjFkOWRkIiwiZWUwMmM2MjdlN2UyZDk3NTFiY2U4Nzc1ZjRiYzUyNThkNjdjMmFhNyIsIjkxNTJjNDczYTczZjZhMzUzZjU1OWVmOWM0ZDk1YWQ5OGQ5NWM3NTEiXQ== Page URL
  4. http://ec2-34-218-225-161.us-west-2.compute.amazonaws.com/?613b158f6bab3=4fee2196b5bf0b8413c052c717dcfebe8d12d33dArray&m=313&q=file-b3272e&dedica=& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://counter.yadro.ru/hit;porno_kobec_freenom_real?t52.6;r;s1600*1200*24;uhttps%3A//bankremir.ga/;hAccess%20page;0.5241946121904373 HTTP 302
  • https://counter.yadro.ru/hit;porno_kobec_freenom_real?q;t52.6;r;s1600*1200*24;uhttps%3A//bankremir.ga/;hAccess%20page;0.5241946121904373
Request Chain 13
  • http://twinclen.xyz/?s=313&q=file-b3272e&g=30430446c4b8f396f4242f79ae8adbe8&mode=&hmac=WyI5ZjUzYTE2ZWEwNzRkNGVlMjhmZTg4MGIzYTM0YmIxM2FhZjFkOWRkIiwiZWUwMmM2MjdlN2UyZDk3NTFiY2U4Nzc1ZjRiYzUyNThkNjdjMmFhNyIsIjkxNTJjNDczYTczZjZhMzUzZjU1OWVmOWM0ZDk1YWQ5OGQ5NWM3NTEiXQ== HTTP 301
  • https://twinclen.xyz/?s=313&q=file-b3272e&g=30430446c4b8f396f4242f79ae8adbe8&mode=&hmac=WyI5ZjUzYTE2ZWEwNzRkNGVlMjhmZTg4MGIzYTM0YmIxM2FhZjFkOWRkIiwiZWUwMmM2MjdlN2UyZDk3NTFiY2U4Nzc1ZjRiYzUyNThkNjdjMmFhNyIsIjkxNTJjNDczYTczZjZhMzUzZjU1OWVmOWM0ZDk1YWQ5OGQ5NWM3NTEiXQ==
Request Chain 14
  • http://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css
Request Chain 15
  • http://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bankremir.ga/ 		11 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bankremir.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5b3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
ab9c991ffc00ed3d9d19466a50d231be976cc7a8ad5e4dcc246539f972d87a0b

Request headers

:method
GET
:authority
bankremir.ga
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 08:21:32 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.8
set-cookie
ab_referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23QFVhc%2FcBMjqHkTlmd1MnHLBSeaOg70Y7LYAPLCJjgjJAa8cyMr700ONmjwFZUAS7%2FAAfJpuqtJ%2Fd4qDmJ%2FYbxUOxHWa7LLZgHOB5eUl2O3chkGNdOjffChaA5KV%2BxMzqK8lEdMjhp4lE0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c73e4be84c4e38-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
g4zdmy3dgu5ha3ddf4zdkma
lib1.biz/code/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib1.biz/code/g4zdmy3dgu5ha3ddf4zdkma
Requested by
Host: bankremir.ga
URL: https://bankremir.ga/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.22.198.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankremir.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 08:21:32 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
arrow.png
bankremir.ga/landing/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankremir.ga/landing/arrow.png
Requested by
Host: bankremir.ga
URL: https://bankremir.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5b3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e33356964f2769244bb45448d9b0680582b69f344b4f09fa85231efaf05adc2

Request headers

:path
/landing/arrow.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bankremir.ga
referer
https://bankremir.ga/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bankremir.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 08:21:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7572
last-modified
Sun, 18 Apr 2021 14:02:52 GMT
server
cloudflare
etag
"607c3c0c-1d94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyA9pd%2BH%2Fsbla2NEN8VkKjuKaRHjWtip7A%2Fy9HdZp7dTyb2JYOLrkW5%2B2aFZpOvJ0YX7ULE9IjXulJFQkA6HfnNA4P0cK4VilZvZ%2BLCcbGDnb1uSzoYqD9H31r1Oisv22%2Bm8N53H3PeLZz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
68c73e4cb9cb4e38-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
robot-men.png
bankremir.ga/landing/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankremir.ga/landing/robot-men.png
Requested by
Host: bankremir.ga
URL: https://bankremir.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5b3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/landing/robot-men.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bankremir.ga
referer
https://bankremir.ga/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bankremir.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 08:21:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35511
last-modified
Sun, 18 Apr 2021 14:02:52 GMT
server
cloudflare
etag
"607c3c0c-8ab7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAstEKzeFL4XotyyOBL8DusHzPOUp4nzxztNLe1tbjE3GTEqAEYkFD2gB1tQX7ZZUDWdAMV%2FWyh1QX6noYLPyghJdDfbn%2FdtRAbr4FXFo7%2FzWK9dsHPW9RfJpW%2F7pPtOLURrLFgQigO9acQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
68c73e4d3ac94e38-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
sw.wpush.org/script/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sw.wpush.org/script/main.js?promo=24303&tcid=2833&src=1860236680
Requested by
Host: bankremir.ga
URL: https://bankremir.ga/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankremir.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 08:21:32 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 13:25:45 GMT
server
nginx/1.18.0
etag
W/"611d0a59-12a35"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 10 Sep 2021 09:21:32 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankremir.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
hit;porno_kobec_freenom_real
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;porno_kobec_freenom_real?t52.6;r;s1600*1200*24;uhttps%3A//bankremir.ga/;hAccess%20page;0.5241946121904373
  • https://counter.yadro.ru/hit;porno_kobec_freenom_real?q;t52.6;r;s1600*1200*24;uhttps%3A//bankremir.ga/;hAccess%20page;0.5241946121904373
415 B
901 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;porno_kobec_freenom_real?q;t52.6;r;s1600*1200*24;uhttps%3A//bankremir.ga/;hAccess%20page;0.5241946121904373
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankremir.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 08:21:32 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
415
Expires
Wed, 09 Sep 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 08:21:32 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;porno_kobec_freenom_real?q;t52.6;r;s1600*1200*24;uhttps%3A//bankremir.ga/;hAccess%20page;0.5241946121904373
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 09 Sep 2020 21:00:00 GMT
/
frezex.xyz/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://frezex.xyz/?s=313&q=file-b3272e
Requested by
Host: bankremir.ga
URL: https://bankremir.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:bc55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5432b19cb0d34dca6e2ed078662715e045a399e64801ef09e566d90fba06bd51

Request headers

:method
GET
:authority
frezex.xyz
:scheme
https
:path
/?s=313&q=file-b3272e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://bankremir.ga/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bankremir.ga/

Response headers

date
Fri, 10 Sep 2021 08:21:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeqwVdFdyQcKKvgk%2F12eikXal9jJZsT2hmGvCtQHGnmfFfOyA47dW9ovG%2FxJVKivc8NYajDuTXPqE245PS%2FRS89dofCL9m1Jh7q9nmakUH%2B27QOZqJDliBWfBT3fO1%2Bmmkk6H20%2BvD2G"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c73e4db88f4ea4-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
npush.js
js.wpushsdk.com/npc/sdk/wpu/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/npush.js
Requested by
Host: sw.wpush.org
URL: https://sw.wpush.org/script/main.js?promo=24303&tcid=2833&src=1860236680
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankremir.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 08:21:32 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 09:32:34 GMT
server
nginx/1.18.0
etag
W/"61309a32-16a1b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 10 Sep 2021 09:21:32 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
2833.php
js.jnkstff.com/npc/anpc/ 		130 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.jnkstff.com/npc/anpc/2833.php
Requested by
Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 / PHP/7.1.28
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankremir.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 08:21:32 GMT
content-encoding
gzip
server
nginx/1.18.0
x-powered-by
PHP/7.1.28
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
expires
Fri, 10 Sep 2021 09:21:32 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
csub.js
js.wpushsdk.com/npc/sdk/wpu/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by
Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bankremir.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 08:21:32 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 06:06:24 GMT
server
nginx/1.18.0
etag
W/"61233ae0-1e8b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 10 Sep 2021 09:21:32 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
dip
nereserv.com/in/ 		0
0
multy
ntvpinp.com/in/ 		0
0
/
twinclen.xyz/
Redirect Chain
  • http://twinclen.xyz/?s=313&q=file-b3272e&g=30430446c4b8f396f4242f79ae8adbe8&mode=&hmac=WyI5ZjUzYTE2ZWEwNzRkNGVlMjhmZTg4MGIzYTM0YmIxM2FhZjFkOWRkIiwiZWUwMmM2MjdlN2UyZDk3NTFiY2U4Nzc1ZjRiYzUyNThkNjdjMm...
  • https://twinclen.xyz/?s=313&q=file-b3272e&g=30430446c4b8f396f4242f79ae8adbe8&mode=&hmac=WyI5ZjUzYTE2ZWEwNzRkNGVlMjhmZTg4MGIzYTM0YmIxM2FhZjFkOWRkIiwiZWUwMmM2MjdlN2UyZDk3NTFiY2U4Nzc1ZjRiYzUyNThkNjdjM...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://twinclen.xyz/?s=313&q=file-b3272e&g=30430446c4b8f396f4242f79ae8adbe8&mode=&hmac=WyI5ZjUzYTE2ZWEwNzRkNGVlMjhmZTg4MGIzYTM0YmIxM2FhZjFkOWRkIiwiZWUwMmM2MjdlN2UyZDk3NTFiY2U4Nzc1ZjRiYzUyNThkNjdjMmFhNyIsIjkxNTJjNDczYTczZjZhMzUzZjU1OWVmOWM0ZDk1YWQ5OGQ5NWM3NTEiXQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
twinclen.xyz
:scheme
https
:path
/?s=313&q=file-b3272e&g=30430446c4b8f396f4242f79ae8adbe8&mode=&hmac=WyI5ZjUzYTE2ZWEwNzRkNGVlMjhmZTg4MGIzYTM0YmIxM2FhZjFkOWRkIiwiZWUwMmM2MjdlN2UyZDk3NTFiY2U4Nzc1ZjRiYzUyNThkNjdjMmFhNyIsIjkxNTJjNDczYTczZjZhMzUzZjU1OWVmOWM0ZDk1YWQ5OGQ5NWM3NTEiXQ==
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://frezex.xyz/?s=313&q=file-b3272e

Response headers

date
Fri, 10 Sep 2021 08:21:35 GMT
content-type
text/html; charset=UTF-8
cache-control
must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpMnSVcLqaoAH3m9ahWhqhEvYryGTOLyO2hhQn1pHXDNHoYAzgcESvKcYldAmZDNJCPjTH5%2B0pQWL8s4ORSo6bk6r6BYmm30ip0w94BPNOnBhfvcjzv0R9S59COIVNuJ1lydis6IehR770s%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c73e5dbea24e80-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Fri, 10 Sep 2021 08:21:34 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 10 Sep 2021 09:21:34 GMT
Location
https://twinclen.xyz/?s=313&q=file-b3272e&g=30430446c4b8f396f4242f79ae8adbe8&mode=&hmac=WyI5ZjUzYTE2ZWEwNzRkNGVlMjhmZTg4MGIzYTM0YmIxM2FhZjFkOWRkIiwiZWUwMmM2MjdlN2UyZDk3NTFiY2U4Nzc1ZjRiYzUyNThkNjdjMmFhNyIsIjkxNTJjNDczYTczZjZhMzUzZjU1OWVmOWM0ZDk1YWQ5OGQ5NWM3NTEiXQ==
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGbSrO8QvCOokM8Q2hut0T2Qzyj2uGqjr7HwMmvo2ooeY2fR41s7epiy%2BsxVdUeoUIlthH7Ev1n141QRRJ1p8YvhPtr08th4Qn7Ij0LaQTQ90My%2F%2F%2FcFddLFdG1VzqrA95ApjSRxez%2FjFDU%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
68c73e5d7c3a435d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Primary Request /
ec2-34-218-225-161.us-west-2.compute.amazonaws.com/ 		27 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ec2-34-218-225-161.us-west-2.compute.amazonaws.com/?613b158f6bab3=4fee2196b5bf0b8413c052c717dcfebe8d12d33dArray&m=313&q=file-b3272e&dedica=&
Protocol
HTTP/1.1
Server
34.218.225.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-218-225-161.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
38b8e048690980a3834eea1c6d6b444015e57fccb59fad94bcb67b66fb1a1e12

Request headers

Host
ec2-34-218-225-161.us-west-2.compute.amazonaws.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 08:21:35 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css
  • https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css
137 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css
Requested by
Host: ec2-34-218-225-161.us-west-2.compute.amazonaws.com
URL: http://ec2-34-218-225-161.us-west-2.compute.amazonaws.com/?613b158f6bab3=4fee2196b5bf0b8413c052c717dcfebe8d12d33dArray&m=313&q=file-b3272e&dedica=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 08:21:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
220625
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15749
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-22485"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0n%2Bo1twj9%2Fsl1SuvnUeoeLvoCv%2B1NLfo0LtDMXSM8ZbdQwDXFCJPYp8yntbSRAFGHYCjFVDJuc8O%2BqNzJ2qIRRBDXWmUNZUG8acxyLZmjCn5sJJY9rxBA%2F4O1jY57ix3Jq28E17qBBLqKfa7KaqbfCr"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68c73e642e1ec28b-FRA
expires
Wed, 31 Aug 2022 08:21:36 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css
Non-Authoritative-Reason
HSTS
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
  • https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: ec2-34-218-225-161.us-west-2.compute.amazonaws.com
URL: http://ec2-34-218-225-161.us-west-2.compute.amazonaws.com/?613b158f6bab3=4fee2196b5bf0b8413c052c717dcfebe8d12d33dArray&m=313&q=file-b3272e&dedica=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 08:21:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1493313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQW64Qn3d9mmLftsG0Pv8Jh2EWBISMTC6ldPmkGugW%2BZitchfI5EwQC7853Q0pOYPO759Qnm1JPu9Pijsy56aEwqqYT292XTOrBKOr3SwWtzQF98x0lbGcJ6WeZV2oagnTgbIo00LUvAsznzwFkZzpjn"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68c73e642e23c28b-FRA
expires
Wed, 31 Aug 2022 08:21:36 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Non-Authoritative-Reason
HSTS
truncated
/ 		19 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84622c5e07ef4c954dfafe38b098aca29ecea12f493996f606f2e7f2c527570c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nereserv.com
URL
https://nereserv.com/in/dip?wl=0&event_id=1ee6c8a3-4cec-4798-bb38-293e007070a1&subid=1860236680&sid=4037494917&spot_id=0&created_at=2021-09-10&timezone=0&ver=2.20.9&is_native=1&site=native-push
Domain
ntvpinp.com
URL
https://ntvpinp.com/in/multy?wl=0&event_id=1ee6c8a3-4cec-4798-bb38-293e007070a1&subid=1860236680&sid=4037494917&spot_id=0&created_at=2021-09-10&timezone=0&ver=2.20.9&is_native=1&cid=0&tcid=2833&site=native-push&screen_resolution=1600x1200&tw=0&format=default-r-d&adblock=0&testab=0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

3 Cookies

Domain/Path Name / Value
.lib1.biz/ Name: uuid
Value: c2d0e319-e09f-4aa7-a7f5-11ef5ee1e629
.yadro.ru/ Name: FTID
Value: 1XEnMC01Xku91XEnMC0004SX
.yadro.ru/ Name: VID
Value: 1dN-Og13nVO91XEnMC000JyW