airdrop-muitibit.com Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://allocation-multibit.com/
Effective URL:
https://airdrop-muitibit.com/
Submission: On June 21 via api (June 21st 2024, 6:15:57 am UTC) from BE — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is airdrop-muitibit.com.
TLS certificate: Issued by WE1 on June 10th 2024. Valid for: 3 months.

This is the only time airdrop-muitibit.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 6	172.67.168.104 172.67.168.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.75.34 172.67.75.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	5

6 172.67.168.104 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

allocation-multibit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

airdrop-muitibit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.75.34 (United States)

ASN13335 (CLOUDFLARENET, US)

multibit.exchange	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	airdrop-muitibit.com airdrop-muitibit.com	2 MB
6	allocation-multibit.com 2 redirects allocation-multibit.com	10 KB
4	multibit.exchange multibit.exchange Failed	29 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	20 KB
0	checker-api.su Failed checker-api.su Failed
21	5

	Domain	Requested by
7	airdrop-muitibit.com	airdrop-muitibit.com
6	allocation-multibit.com	2 redirects allocation-multibit.com
4	multibit.exchange	airdrop-muitibit.com
1	cdnjs.cloudflare.com	airdrop-muitibit.com
0	checker-api.su Failed	airdrop-muitibit.com
21	5

This site contains no links.

Subject Issuer	Validity	Valid
allocation-multibit.com GTS CA 1P5	`2024-05-20` - `2024-08-18`	3 months	crt.sh
airdrop-muitibit.com WE1	`2024-06-10` - `2024-09-08`	3 months	crt.sh
multibit.exchange E1	`2024-05-17` - `2024-08-15`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://airdrop-muitibit.com/
Frame ID: 81529902A2CFDEE4F1C8CFE95671F378
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MultiBit

Page URL History Show full URLs

https://allocation-multibit.com/ Page URL
https://allocation-multibit.com/cdn-cgi/phish-bypass?atok=PlMDoF4fZhRA4d0O8WxtVbtfU8xjUtlqEr1iExuSX.w-171895... HTTP 301
https://allocation-multibit.com/ HTTP 301
https://airdrop-muitibit.com/ Page URL

Page Statistics

21
Requests

76 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

1658 kB
Transfer

2889 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://allocation-multibit.com/ Page URL
https://allocation-multibit.com/cdn-cgi/phish-bypass?atok=PlMDoF4fZhRA4d0O8WxtVbtfU8xjUtlqEr1iExuSX.w-1718950545-0.0.1.1-%2F HTTP 301
https://allocation-multibit.com/ HTTP 301
https://airdrop-muitibit.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
allocation-multibit.com/ 5 KB
2 KB 140ms
35ms Document
text/html 172.67.168.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allocation-multibit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.168.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b402d66dc61fcd96bf509058451a2c21b6fadc8a81c32519a95935588be0c124

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8971ddafbbdea02e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 21 Jun 2024 06:15:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zEcCoonAbGOVagGt2QmgXQ%2FZuU9F0R%2FK%2B8g3WWfpRpkCh7a9YiKnfdhwflgCKX8jCrR1tT3CpQ5iAXErBbaijcBgRzpzxU8Sxk7jlkqciKVL8faCPeoT5WvtQJi9HjY86cDxzJTDb2YuLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 cf.errors.css
allocation-multibit.com/cdn-cgi/styles/ 23 KB
5 KB 22ms
22ms Stylesheet
text/css 172.67.168.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allocation-multibit.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: allocation-multibit.com
URL: https://allocation-multibit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.168.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://allocation-multibit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Jun 2024 12:45:45 GMT
server: cloudflare
etag: W/"666c3b79-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 8971ddaffc11a02e-FRA
expires: Fri, 21 Jun 2024 08:15:45 GMT

GET
H3 200 icon-exclamation.png
allocation-multibit.com/cdn-cgi/images/ 452 B
635 B 21ms
21ms Image
image/png 172.67.168.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allocation-multibit.com/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: allocation-multibit.com
URL: https://allocation-multibit.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.168.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://allocation-multibit.com/cdn-cgi/styles/cf.errors.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:45 GMT
x-content-type-options: nosniff
last-modified: Fri, 14 Jun 2024 12:45:45 GMT
server: cloudflare
etag: "666c3b79-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8971ddb02c29a02e-FRA
content-length: 452
expires: Fri, 21 Jun 2024 08:15:45 GMT

GET
H3 200 favicon.ico
allocation-multibit.com/ 5 KB
2 KB 30ms
29ms Other
text/html 172.67.168.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://allocation-multibit.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.168.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

516fbae29f8985a613158f8d3fc6e0144560aadef641e1a8a9f03d62ab5fe32b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://allocation-multibit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:45 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fs4FBdvXwqVYxSeGBast9TZlNUoHBPHlNuARPA%2B3h6Fyj5DB5mzXiMk2XxP7OnCPaHL6BiWq3gU%2FRMowlY6lfy%2Flkv2HQQTXFOKtGIbWV%2FSWQXqk8ds%2F3X2Tetlzq6f44IhxKy%2BmsuvBFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8971ddb05c52a02e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

Primary Request / Show response
airdrop-muitibit.com/
Redirect Chain

https://allocation-multibit.com/cdn-cgi/phish-bypass?atok=PlMDoF4fZhRA4d0O8WxtVbtfU8xjUtlqEr1iExuSX.w-1718950545-0.0.1.1-%2F
https://allocation-multibit.com/
https://airdrop-muitibit.com/

1 MB
68 KB

306ms
148ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airdrop-muitibit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46cf6387d4cae9d64a259028aca61fc1930fb881abd08943780a6408b6b0bdb3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://allocation-multibit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8971ddd15f5f91ed-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 21 Jun 2024 06:15:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q2NqIk5RaH65fNEjTalXFfFWtJkY7D080kwLC2g2tiOQMk8KMRORtrKK3Tl8nKd2SoR%2BorfkzULTwKb%2BR6GSA5B%2BJDWu8Pw01QFmyNIyC4QnkKKD%2Fvoca19MHGkhVkciiXEOk82Ueg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8971ddcfd872a02e-FRA
date: Fri, 21 Jun 2024 06:15:51 GMT
location: https://airdrop-muitibit.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DO%2BG6q43mzQzr%2BxL4wlJX5I8at%2BGURttnO6pcVI9vU9dzS7UzEUTe58B4S18L2TNu8Lre9Wc66qmhg9hVgqpQ%2FmOweXG8P7sWvx9txC%2FQ6p5Oe7%2FbwVNwNS9xWD6Mm8HqDJIm3RBSI5Dqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 contracts.js Show response
airdrop-muitibit.com/scripts/ 0
452 B 118ms
116ms Script
application/octet-stream 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airdrop-muitibit.com/scripts/contracts.js
Requested by: Host: airdrop-muitibit.com
URL: https://airdrop-muitibit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://airdrop-muitibit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:51 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 06:15:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKxL0M9T5WPAbowpRr5vFJeJG2wAqTvdbzkCrc4B5%2FgobQQsTmIY5nPZAWbhM8wRFAJYQKJl2ztcQW6RbtcFop%2FfDwORjMmUi7LoEDK%2FMdkkhY3B7WC6Q969f7lP4cjDC69WaqKcZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8971ddd2682691ed-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 main.js Show response
airdrop-muitibit.com/scripts/ 1 MB
1 MB 190ms
188ms Script
application/octet-stream 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airdrop-muitibit.com/scripts/main.js
Requested by: Host: airdrop-muitibit.com
URL: https://airdrop-muitibit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ab4572c9ac1354bd12c96829f55f0cbcd1364dcfce17de4dff4354789cc506e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://airdrop-muitibit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:51 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 19 Jun 2024 19:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qz%2FcaaWIiJ44SVzBA2d5k%2FvbYq15g0KCRBc3lcq7ZvN70DrAOrJgUFKszpA%2FVsERelwTtsg1SihahpbUkrwG58XlHX3K3%2BAks2pz3YbGhua1QovxiEQ1nN1GpoLFJX5MpVxPRJnDHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8971ddd2682991ed-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1505459

GET
H3 200 entry.js Show response
airdrop-muitibit.com/scripts/ 0
457 B 142ms
142ms Script
application/octet-stream 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airdrop-muitibit.com/scripts/entry.js
Requested by: Host: airdrop-muitibit.com
URL: https://airdrop-muitibit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://airdrop-muitibit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:52 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 06:15:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MSsqc1lVmW1yPxDGAvogoT7ssvad5E%2BS%2FSKMtCA35%2F8To31SuGSNr0xq6ZNzf2laHeaCIPiD%2BuFPdIqfZBfQxy%2BTdNG%2BdiYLXWbQULj4UVTo4Tj8cRNrhGEuOEd%2B6f2FgT7CDUviQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8971ddd5db2491ed-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET 88c9fa54c5f37659-s.p.ttf
multibit.exchange/_next/static/media/ 0
0

GET afb5a11a315b1354-s.p.ttf
multibit.exchange/_next/static/media/ 0
0

GET
H3 200 7289266ca9468941.css
multibit.exchange/_next/static/css/ 385 B
914 B 528ms
137ms Stylesheet
text/css 172.67.75.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://multibit.exchange/_next/static/css/7289266ca9468941.css

Requested by

Host: airdrop-muitibit.com
URL: https://airdrop-muitibit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.75.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db053e36ffe02b26642c973e97816e3baccf2b9c8ef696e50c1e3f4fffe137f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://airdrop-muitibit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:51 GMT
via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Mar 2024 10:24:36 GMT
server: cloudflare
etag: W/"3fd795459663d759564d6e1e720a33b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BJQe4bo3DKIjQiJTHU4akMnXpf5DO%2FNGgxEEJOrwB1Zohun%2BKga7FCMQzp6T5qmPiju0lWCrp5z0g3fDf5g5AJ%2F5XyA5hZ2VR0kkl%2Brp3ApW0iapZG%2FJ%2F4QljPYXqldXWhvH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public,max-age=3600,s-maxage=86400,must-revalidate
cf-ray: 8971ddd54bdc8c49-FRA
x-amz-cf-id: UDGnb9s5TjSwZWSBLD9nM66OCqUwTU8H4Y0r-DRyKsSYvk_6M2PdAw==

GET
H3 200 c48d9796a5fbd74e.css
multibit.exchange/_next/static/css/ 377 B
945 B 490ms
99ms Stylesheet
text/css 172.67.75.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://multibit.exchange/_next/static/css/c48d9796a5fbd74e.css

Requested by

Host: airdrop-muitibit.com
URL: https://airdrop-muitibit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.75.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ddf161c9b7b0dd5b659a7cc37bf5077f3161f651b8033f62c1f7ea14ecd82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://airdrop-muitibit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:51 GMT
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-cf-pop: VIE50-P1
age: 55292
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Mar 2024 10:24:36 GMT
server: cloudflare
etag: W/"a58155c65c89d07cec96b5255c81a803"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4obEoiGzaV7Q7NvwBWkU7t%2FWerI6O%2FSH7hBfIgwx8o%2BAuxtfyrOWKpS1kTHK30OP%2BYCqjRVesigI4djBGnjWGGTu%2FpNOaclgvW21emhYXzo1b4Mjhq1rC9xFDpQinQlkWpva"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public,max-age=3600,s-maxage=86400,must-revalidate
cf-ray: 8971ddd54bda8c49-FRA
x-amz-cf-id: 8vYAJhHBTEC_vwqF73ahLfTjN_lVPnMdfDt237guNUnebSt_HzRv-w==

GET
H3 200 email-decode.min.js Show response
airdrop-muitibit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 115ms
114ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://airdrop-muitibit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: airdrop-muitibit.com
URL: https://airdrop-muitibit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://airdrop-muitibit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Jun 2024 12:46:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"666c3b9a-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s4RjRKWe9LDLDz58IrBipkUl1sShHbY9S1sly8kT97P%2FmHoWQqOqrRN5xsOe5ATTZNu2TJl2A%2Fhsl19IvBKWF9D2dp7S%2FN5k2h61PSLtWEYVppvmDLGgaAYKrs3SALKf3XSmyUvoNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8971ddd54ac091ed-FRA
expires: Sun, 23 Jun 2024 06:15:51 GMT

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/ 59 KB
20 KB 55ms
30ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js

Requested by

Host: airdrop-muitibit.com
URL: https://airdrop-muitibit.com/scripts/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://airdrop-muitibit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 46909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19621
last-modified: Tue, 24 Oct 2023 23:03:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65384d58-4ca5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rGPQUC8ggVoaK2cFMpe84iedPwMp1TMy9QkiOCsCk%2FmZ3mpdyE9tiW2dYiwGCdmnsrvJ8IfkEfRKqOUBWgUR1qGp7WJxQtYeLFz6%2BpFEBbJgWs15VYIhM%2BiSj19IqTknWZomz72j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8971ddd688dd1e4d-FRA
expires: Wed, 11 Jun 2025 06:15:52 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21c20918f702509dc1bf8af8bebac369bcb5a9a0258433f441e9f425fb910415

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 48 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 782df3a9f60a888c3c87751ecf058105f8d13d9c3072f6a0f9a0347d9903a221

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 37 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5d16cd792f4d5982bad9ee22505ff18bb5dc07a2f2cdc6fc82d83b7e9c9e8f3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86e225aed7509a977fd9cb6367a8da137f092271953c843795b086870f1cd900

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1788bc5278d17501887a7650f1c6ba22325d6d398e7a2c39df2d5e168b3a378

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET afb5a11a315b1354-s.p.ttf
multibit.exchange/_next/static/media/ 0
0

POST config
checker-api.su/ 0
0

GET
H3 200 afb5a11a315b1354-s.p.ttf
airdrop-muitibit.com/ 27 KB
7 KB 66ms
65ms Font
font/ttf 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airdrop-muitibit.com/afb5a11a315b1354-s.p.ttf
Requested by: Host: airdrop-muitibit.com
URL: https://airdrop-muitibit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc9dfa6972e8017c1080d76eb028d75ddc68c23d6e56654b445160efa3ef575e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://airdrop-muitibit.com/
Origin: https://airdrop-muitibit.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:52 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 15:55:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6cc8-18f15f7ad9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q2venZKeY7TfnHjt7J4HK2MBZ831QyC7lEPjRCP%2BI5KKsGXFMI4KKQh1gz33MjhEbewYZsvE6L6lH2O%2Fs8bgZI2%2Fts%2B%2FT23iGhNX%2B0GNX0KxUt0GJW7MwfbMT%2F7GK07yKNT88KE97Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8971ddd75c3791ed-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 image
multibit.exchange/_next/ 26 KB
26 KB 1166ms
1165ms Image
image/webp 172.67.75.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multibit.exchange/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fmission.8f4c0c46.png&w=1920&q=75

Requested by

Host: airdrop-muitibit.com
URL: https://airdrop-muitibit.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.75.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3781447e67292e8c2959554afab5818b3dfb3131a8af144e17be0b597091271

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://airdrop-muitibit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:53 GMT
via: 1.1 e1cbeb53ecac8d22eb72c392510efd7c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-cf-pop: HEL51-P4
x-amzn-requestid: 9f02a6d3-083f-4a65-b114-4aa722c7d90c
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 26338
last-modified: Fri, 21 Jun 2024 01:32:14 GMT
server: cloudflare
x-amzn-trace-id: root=1-6674d81b-62b7e3de7215b77b3f18e1d7;parent=4c2d6c04eb920424;sampled=0;lineage=cb66c9ca:0
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ln2jxisqKQk2%2F8QyiONmdlZjrzh%2Bzii1GjIAa0TrvGcn3lDsriTfI2fzR%2FvGK809OkyLvAd%2BFdIlN09M798RprVq3gQ77U9cT4%2ByiNEi%2FcdLus3rj2k60a2DL6QlUl64t85C"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public,max-age=86400,immutable
accept-ranges: bytes
cf-ray: 8971ddd74db98c49-FRA
x-amz-cf-id: o1PWo8yhT82mRJro71A1jz5qYPNTa97bnDNd3ZeHdBMeyQR7q7ytyA==

GET
H3 200 88c9fa54c5f37659-s.p.ttf
airdrop-muitibit.com/ 106 KB
52 KB 81ms
81ms Font
font/ttf 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airdrop-muitibit.com/88c9fa54c5f37659-s.p.ttf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143f3b1e7d30eac63ced736e598c6e4d122cee4921c8cb4fff904a50fc60d0be

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://airdrop-muitibit.com/
Origin: https://airdrop-muitibit.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:52 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 15:55:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1a6f4-18f15f7ad9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=13BP4TiS8Q11lw1SOMOmu34sgEsBmc88VIsoZqyjij9ljlj3AhSU1W2i9LTaga%2FONwg%2FWxsXPFkSuE6m8x8tuuL2IDxzRbpQgIlBDioSWGQdc0kPRLamuQGCkWhkTeOBwm0byKsYVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8971ddd7ecc391ed-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.svg
multibit.exchange/ 1 KB
1 KB 62ms
61ms Other
image/svg+xml 172.67.75.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://multibit.exchange/favicon.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.75.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c20918f702509dc1bf8af8bebac369bcb5a9a0258433f441e9f425fb910415

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://airdrop-muitibit.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 06:15:52 GMT
via: 1.1 1a425d1c4a67bd62cbf8d7a0405627da.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-cf-pop: TLV50-C2
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Mar 2024 10:24:37 GMT
server: cloudflare
etag: W/"e973084c070085ffb21a2ca70db29de4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yH4LFOj%2BAyvBaRAhujTwY%2FIzNlyZwTrBmkGlrdzi4a%2FkoB9bF6XC6LCvihLsmvCX0HN64Ywq9NlMtGVD9XWs6eQZyaDPqhd8mPjXYgPcJlCUf9gkpJXbNSuF0IRZSpHNOYNU"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public,max-age=3600,s-maxage=86400,must-revalidate
cf-ray: 8971ddd7fe3f8c49-FRA
x-amz-cf-id: ua_WTSTckN0U2QLeo7MOcREiqGetIuAG75s1z7YzHqChZ8ZH7U8BBQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: multibit.exchange
URL: https://multibit.exchange/_next/static/media/88c9fa54c5f37659-s.p.ttf

Domain: multibit.exchange
URL: https://multibit.exchange/_next/static/media/afb5a11a315b1354-s.p.ttf

Domain: multibit.exchange
URL: https://multibit.exchange/_next/static/media/afb5a11a315b1354-s.p.ttf

Domain: checker-api.su
URL: https://checker-api.su/config

Domain: checker-api.su
URL: https://checker-api.su/config

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.allocation-multibit.com/	1970-01-20 21:30:36	Name: __cf_mw_byp Value: PlMDoF4fZhRA4d0O8WxtVbtfU8xjUtlqEr1iExuSX.w-1718950545-0.0.1.1-/

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://airdrop-muitibit.com/ Message: Access to font at 'https://multibit.exchange/_next/static/media/afb5a11a315b1354-s.p.ttf' from origin 'https://airdrop-muitibit.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://multibit.exchange/_next/static/media/afb5a11a315b1354-s.p.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://airdrop-muitibit.com/ Message: Access to font at 'https://multibit.exchange/_next/static/media/afb5a11a315b1354-s.p.ttf' from origin 'https://airdrop-muitibit.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://multibit.exchange/_next/static/media/afb5a11a315b1354-s.p.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://airdrop-muitibit.com/ Message: Access to font at 'https://multibit.exchange/_next/static/media/88c9fa54c5f37659-s.p.ttf' from origin 'https://airdrop-muitibit.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://multibit.exchange/_next/static/media/88c9fa54c5f37659-s.p.ttf Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airdrop-muitibit.com
allocation-multibit.com
cdnjs.cloudflare.com
checker-api.su
multibit.exchange
checker-api.su
multibit.exchange
104.17.24.14
172.67.168.104
172.67.75.34
188.114.97.3
0ab4572c9ac1354bd12c96829f55f0cbcd1364dcfce17de4dff4354789cc506e
143f3b1e7d30eac63ced736e598c6e4d122cee4921c8cb4fff904a50fc60d0be
21c20918f702509dc1bf8af8bebac369bcb5a9a0258433f441e9f425fb910415
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
46cf6387d4cae9d64a259028aca61fc1930fb881abd08943780a6408b6b0bdb3
516fbae29f8985a613158f8d3fc6e0144560aadef641e1a8a9f03d62ab5fe32b
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
782df3a9f60a888c3c87751ecf058105f8d13d9c3072f6a0f9a0347d9903a221
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
86ddf161c9b7b0dd5b659a7cc37bf5077f3161f651b8033f62c1f7ea14ecd82a
86e225aed7509a977fd9cb6367a8da137f092271953c843795b086870f1cd900
b402d66dc61fcd96bf509058451a2c21b6fadc8a81c32519a95935588be0c124
bc9dfa6972e8017c1080d76eb028d75ddc68c23d6e56654b445160efa3ef575e
d3781447e67292e8c2959554afab5818b3dfb3131a8af144e17be0b597091271
d5d16cd792f4d5982bad9ee22505ff18bb5dc07a2f2cdc6fc82d83b7e9c9e8f3
db053e36ffe02b26642c973e97816e3baccf2b9c8ef696e50c1e3f4fffe137f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f1788bc5278d17501887a7650f1c6ba22325d6d398e7a2c39df2d5e168b3a378

airdrop-muitibit.com Open in urlscan Pro 188.114.97.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

21 Requests

76 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

1658 kBTransfer

2889 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

31 JavaScript Global Variables

1 Cookies

6 Console Messages

Security Headers

Indicators

airdrop-muitibit.com Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

76 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

1658 kB
Transfer

2889 kB
Size

1
Cookies

21 HTTP transactions
5 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!