Submitted URL: http://delivery.riya.travel/FOTVIEQ?id=84635=c0kBA1lWVAUCHlAPUFxXVQpRVlBVUAMFUFZXWAoCBVEFU1IDBQMGVwRRUAEFXVMAWlVIUg1EXw9aURt...
Effective URL: https://bitrock-airdrop.online/
Submission Tags: 0xscam
Submission: On November 28 via api from US — Scanned from IT

Summary

This website contacted 2 IPs in 2 countries across 5 domains to perform 7 HTTP transactions. The main IP is 172.67.198.237, located in United States and belongs to CLOUDFLARENET, US. The main domain is bitrock-airdrop.online.
TLS certificate: Issued by WE1 on November 28th 2024. Valid for: 3 months.
This is the only time bitrock-airdrop.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 34.117.197.73 396982 (GOOGLE-CL...)
1 1 31.170.164.140 47583 (AS-HOSTIN...)
4 172.67.198.237 13335 (CLOUDFLAR...)
7 2
Domain Requested by
4 bitrock-airdrop.online bitrock-airdrop.online
2 delivery.riya.travel 2 redirects
1 ingridnelsondfwhomes.com 1 redirects
0 cdn.jsdelivr.net Failed bitrock-airdrop.online
0 cdnjs.cloudflare.com Failed bitrock-airdrop.online
7 5

This site contains no links.

Subject: bitrock-airdrop.online
Issuer: WE1
Validity: 2024-11-28 - 2025-02-26
Valid: 3 months

This page contains 1 frame:

Primary Page: https://bitrock-airdrop.online/
Frame ID: CC971710F04988F35AC4016575522FE6
Requests: 7 HTTP requests in this frame

Page Title

Just a moment...

Page Statistics

Requests: 7
HTTPS: 57 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 2
Countries: 2
Transfer: 56 kB
Size: 155 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://delivery.riya.travel/FOTVIEQ?id=84635=c0kBA1lWVAUCHlAPUFxXVQpRVlBVUAMFUFZXWAoCBVEFU1IDBQMGVwRRUAEFXVMAWlVIUg1EXw9aURtcQRVUBFFbcVEPGw9TWw4OWE9aDlpFVQMCUAACVwMCBg0FUAVRBwFNWxUWEgwYTQVTDVAXUksdGkMLT1dPQEZUT1cNHiB/YWd6JDNdX1MeFwU=&fl=WEFFQxJYTRleDAZECF0PUlUXW18GUEEJW1lQShwCXgsfUUMcU1BN HTTP 307
    https://delivery.riya.travel/FOTVIEQ?id=84635=c0kBA1lWVAUCHlAPUFxXVQpRVlBVUAMFUFZXWAoCBVEFU1IDBQMGVwRRUAEFXVMAWlVIUg1EXw9aURtcQRVUBFFbcVEPGw9TWw4OWE9aDlpFVQMCUAACVwMCBg0FUAVRBwFNWxUWEgwYTQVTDVAXUksdGkMLT1dPQEZUT1cNHiB/YWd6JDNdX1MeFwU=&fl=WEFFQxJYTRleDAZECF0PUlUXW18GUEEJW1lQShwCXgsfUUMcU1BN HTTP 302
    https://ingridnelsondfwhomes.com/dr/22/ HTTP 307
    http://delivery.riya.travel/FOTVIEQ?id=84635=c0kBA1lWVAUCHlAPUFxXVQpRVlBVUAMFUFZXWAoCBVEFU1IDBQMGVwRRUAEFXVMAWlVIUg1EXw9aURtcQRVUBFFbcVEPGw9TWw4OWE9aDlpFVQMCUAACVwMCBg0FUAVRBwFNWxUWEgwYTQVTDVAXUksdGkMLT1dPQEZUT1cNHiB/YWd6JDNdX1MeFwU=&fl=WEFFQxJYTRleDAZECF0PUlUXW18GUEEJW1lQShwCXgsfUUMcU1BN HTTP 302
    https://ingridnelsondfwhomes.com/dr/22/ HTTP 302
    https://bitrock-airdrop.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bitrock-airdrop.online/
Redirect Chain
  • http://delivery.riya.travel/FOTVIEQ?id=84635=c0kBA1lWVAUCHlAPUFxXVQpRVlBVUAMFUFZXWAoCBVEFU1IDBQMGVwRRUAEFXVMAWlVIUg1EXw9aURtcQRVUBFFbcVEPGw9TWw4OWE9aDlpFVQMCUAACVwMCBg0FUAVRBwFNWxUWEgwYTQVTDVAXUksd...
  • https://delivery.riya.travel/FOTVIEQ?id=84635=c0kBA1lWVAUCHlAPUFxXVQpRVlBVUAMFUFZXWAoCBVEFU1IDBQMGVwRRUAEFXVMAWlVIUg1EXw9aURtcQRVUBFFbcVEPGw9TWw4OWE9aDlpFVQMCUAACVwMCBg0FUAVRBwFNWxUWEgwYTQVTDVAXUks...
  • https://ingridnelsondfwhomes.com/dr/22/
  • http://delivery.riya.travel/FOTVIEQ?id=84635=c0kBA1lWVAUCHlAPUFxXVQpRVlBVUAMFUFZXWAoCBVEFU1IDBQMGVwRRUAEFXVMAWlVIUg1EXw9aURtcQRVUBFFbcVEPGw9TWw4OWE9aDlpFVQMCUAACVwMCBg0FUAVRBwFNWxUWEgwYTQVTDVAXUksd...
  • https://ingridnelsondfwhomes.com/dr/22/
  • https://bitrock-airdrop.online/
4 KB
3 KB
Document
General
Full URL
https://bitrock-airdrop.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.198.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b32a96eff5a10af5a529114387174309e54b66c7911c1853a472a54d8483dbe3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e9c302a9dba62c6-HAM
content-encoding
zstd
content-type
text/html
date
Thu, 28 Nov 2024 17:48:19 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2FUG%2F4Dv35DvgRHKKC2Ja9spdZqbAzT0An9EW91%2BqipX5Ak%2Fx4m60K9tkEU9OOiQ6TZDdUP%2BSL7a61QuBBfHOryML5szObw8Ms2OJO9NaxS1icWyNHNsFPm9MHNtFie76v9xzSSYO6oj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=44515&min_rtt=44322&rtt_var=9644&sent=9&recv=11&lost=0&retrans=0&sent_bytes=3931&recv_bytes=2293&delivery_rate=84095&cwnd=183&unsent_bytes=0&cid=8fa7ffa10a56505e&ts=2022&x=0"
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 17:48:16 GMT
location
https://bitrock-airdrop.online
panel
hpanel
platform
hostinger
server
LiteSpeed
x-powered-by
PHP/8.2.15
rocket-loader.min.js
bitrock-airdrop.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://bitrock-airdrop.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: bitrock-airdrop.online
URL: https://bitrock-airdrop.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.198.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bitrock-airdrop.online/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"6740aa56-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KAgM18y06hWuAvp8JkNfDMocNP0UJKWYVOEKi5vX0ZCT9mgdAiga%2FNb4gK8EKkMudKqfCandnPF5FxLckts2thRrxp8UKqEyGcT8mDu6L0FZlV7IkGjUVnAUkR3iS2SbV4P0H2Zzszk0"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e9c3033990462c6-HAM
expires
Sat, 30 Nov 2024 17:48:20 GMT
date
Thu, 28 Nov 2024 17:48:20 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 15:59:18 GMT
server
cloudflare
vary
Accept-Encoding
52cc9cf0
bitrock-airdrop.online/
135 KB
47 KB
Script
General
Full URL
https://bitrock-airdrop.online/52cc9cf0
Requested by
Host: bitrock-airdrop.online
URL: https://bitrock-airdrop.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.198.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1408195106255e8b5234a3af287eee44120d04b4c8ecc297adc3e51946ccd8b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bitrock-airdrop.online/

Response headers

cache-control
no-cache, no-store, private, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ug6T92uhQMQX6r8gTUJx5Q%2FamzdIDmDP0QkCQnlu3qITIPu0oCm0SWTCQp064p3xqbhnXwWPyRv6zcLrsF4aLinXhFvNhh21lQ%2BsfK6kR1vnRQGvNDMWXdbgJAxQ8ITcT3GRx9g7F0W"}],"group":"cf-nel","max_age":604800}
cf-ray
8e9c3042ad0462c6-HAM
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=44441&min_rtt=44000&rtt_var=1235&sent=23&recv=21&lost=0&retrans=1&sent_bytes=11194&recv_bytes=2583&delivery_rate=8721&cwnd=186&unsent_bytes=0&cid=8fa7ffa10a56505e&ts=5985&x=0"
date
Thu, 28 Nov 2024 17:48:23 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
favicon.ico
bitrock-airdrop.online/
4 KB
2 KB
Other
General
Full URL
https://bitrock-airdrop.online/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.198.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
576fa3f091bd73a3242220086669e7478f3945f32dfb31ccfc088d8de7ba07f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bitrock-airdrop.online/

Response headers

cache-control
no-cache, no-store, private, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MTbYXK6e18TfZCH0kPGj4csLQGoEXDtb%2BdR6bLvoq%2FSR8lGxa2fkmUqTpE4oFrYGpRQgvNPeG7GtpF%2FZaVFOps6MSfc8r8Ky7cy5n8otwcQsF1Co2RyydqxKgUEBYFMUrzBRFpyjXNR"}],"group":"cf-nel","max_age":604800}
cf-ray
8e9c30474b2662c6-HAM
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=53465&min_rtt=44000&rtt_var=4911&sent=76&recv=42&lost=0&retrans=1&sent_bytes=60076&recv_bytes=2744&delivery_rate=852311&cwnd=186&unsent_bytes=0&cid=8fa7ffa10a56505e&ts=6618&x=0"
date
Thu, 28 Nov 2024 17:48:23 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
pako.min.js
cdnjs.cloudflare.com/ajax/libs/pako/2.1.0/
0
0

msgpack.min.js
cdn.jsdelivr.net/npm/@msgpack/msgpack@3.0.0-beta2/dist.es5+umd/
0
0

crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdnjs.cloudflare.com
URL
https://cdnjs.cloudflare.com/ajax/libs/pako/2.1.0/pako.min.js
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/npm/@msgpack/msgpack@3.0.0-beta2/dist.es5+umd/msgpack.min.js
Domain
cdnjs.cloudflare.com
URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR
function| main
boolean| __cfRLUnblockHandlers

4 Cookies

Domain/Path Name / Value
.bitrock-airdrop.online/ Name: __ddg1_
Value: TAOBu0aR0jdRPfVsxWCA
.bitrock-airdrop.online/ Name: __ddg8_
Value: 79PV1fcDSAXpFbos
.bitrock-airdrop.online/ Name: __ddg9_
Value: 162.158.203.163
.bitrock-airdrop.online/ Name: __ddg10_
Value: 1732816103

1 Console Messages

Source Level URL
Text
other error URL: https://bitrock-airdrop.online/#ur
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.