urlscan.io logo urlscan.io
SecurityTrails logo

airdropcheck.htools.work Open in urlscan Pro
129.153.177.220  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://airdropcheck.htools.work/
Effective URL: https://airdropcheck.htools.work/
Submission Tags: @1c4m3by
Submission: On February 02 via manual from DK — Scanned from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 129.153.177.220, located in Ashburn, United States and belongs to ORACLE-BMC-31898, US. The main domain is airdropcheck.htools.work.
TLS certificate: Issued by R3 on February 2nd 2023. Valid for: 3 months.
This is the only time airdropcheck.htools.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 129.153.177.220 31898 (ORACLE-BM...)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.21.95.70 13335 (CLOUDFLAR...)
8 5
Apex Domain
Subdomains		 Transfer
6 htools.work
airdropcheck.htools.work
umami.htools.work
8 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 777
225 KB
1 siasky.net
siasky.net — Cisco Umbrella Rank: 781779
999 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 198
469 KB
8 4
Domain Requested by
3 umami.htools.work airdropcheck.htools.work
umami.htools.work
3 unpkg.com 2 redirects airdropcheck.htools.work
3 airdropcheck.htools.work 1 redirects airdropcheck.htools.work
1 siasky.net airdropcheck.htools.work
1 cdnjs.cloudflare.com airdropcheck.htools.work
8 5

This site contains links to these domains. Also see Links.

Domain
htools.work
github.com
blek.ga
Subject Issuer Validity Valid
airdropcheck.htools.work
R3		 2023-02-02 -
2023-05-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
umami.htools.work
R3		 2023-02-01 -
2023-05-02		 3 months crt.sh
siasky.net
R3		 2023-01-19 -
2023-04-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://airdropcheck.htools.work/
Frame ID: 03E9F21873923380FDDFC159EE32B537
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Handshake Airdrop Claim Check

Page URL History Show full URLs

  1. http://airdropcheck.htools.work/ HTTP 301
    https://airdropcheck.htools.work/ Page URL

Page Statistics

8
Requests

88 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

703 kB
Transfer

3074 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://airdropcheck.htools.work/ HTTP 301
    https://airdropcheck.htools.work/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://unpkg.com/tailwindcss-jit-cdn HTTP 302
  • https://unpkg.com/tailwindcss-jit-cdn@1.3.0 HTTP 302
  • https://unpkg.com/tailwindcss-jit-cdn@1.3.0/dist/tailwindcss-jit-cdn.umd.min.js

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
airdropcheck.htools.work/
Redirect Chain
  • http://airdropcheck.htools.work/
  • https://airdropcheck.htools.work/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://airdropcheck.htools.work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
129.153.177.220 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e1376e1267460f51d8b7e386e61e257c64690bf8a05eb551df559ec20bb5fac2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 02 Feb 2023 13:58:39 GMT
ETag
W/"62ed1111-10e2"
Last-Modified
Fri, 05 Aug 2022 12:46:09 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Thu, 02 Feb 2023 13:58:39 GMT
Location
https://airdropcheck.htools.work/
Server
nginx/1.18.0 (Ubuntu)
tailwindcss-jit-cdn.umd.min.js
unpkg.com/tailwindcss-jit-cdn@1.3.0/dist/
Redirect Chain
  • https://unpkg.com/tailwindcss-jit-cdn
  • https://unpkg.com/tailwindcss-jit-cdn@1.3.0
  • https://unpkg.com/tailwindcss-jit-cdn@1.3.0/dist/tailwindcss-jit-cdn.umd.min.js
760 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/tailwindcss-jit-cdn@1.3.0/dist/tailwindcss-jit-cdn.umd.min.js
Requested by
Host: airdropcheck.htools.work
URL: https://airdropcheck.htools.work/
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e01777daea74fe259ad4ce809edf9759b8b2e71232971f3b83f059413f0c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://airdropcheck.htools.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:58:40 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
29286319
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FX0D4PCKD1WSQN9JEH8Y6J01-fra
server
cloudflare
etag
W/"bdf54-R+GO0nsBQrgGfMejCVCtNEFQ8qk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
79337166aa629b6a-FRA

Redirect headers

date
Thu, 02 Feb 2023 13:58:40 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GQM187YKV8CD8J77GH2JW4T8-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
710408
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/tailwindcss-jit-cdn@1.3.0/dist/tailwindcss-jit-cdn.umd.min.js
cache-control
public, max-age=31536000
cf-ray
793371665a069b6a-FRA
sql-asm.min.js
cdnjs.cloudflare.com/ajax/libs/sql.js/1.6.1/ 		2 MB
469 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sql.js/1.6.1/sql-asm.min.js
Requested by
Host: airdropcheck.htools.work
URL: https://airdropcheck.htools.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4378ca68db40127ee1cbf78892cdccf8b9d8dabe4fb3282e73f12bbf1951f1f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://airdropcheck.htools.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
479240
last-modified
Wed, 18 Aug 2021 07:06:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"611cb17d-75008"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzT7zkl9p49M9W2fIvblli%2FNEK2hHmgfySCrZBhaq0gVtXt%2FZdx57Zoc0rEoYk4BRaKKn55MWtR86yOk149BPyjkB%2FzDbaxbVJlO0OgbZowzP4s12fIN2VsAM9YIUzzlWCSpPztphDrC3bydSNRbtKU8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
79337165fdf72c3d-FRA
expires
Tue, 23 Jan 2024 13:58:40 GMT
u.js
umami.htools.work/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://umami.htools.work/u.js
Requested by
Host: airdropcheck.htools.work
URL: https://airdropcheck.htools.work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
129.153.177.220 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
86bdde6d4cb5feee5ae865ca48bf3cfbfdf70f0eadd62a9a205904758f208100
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://airdropcheck.htools.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 13:58:41 GMT
Content-Security-Policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
Content-Encoding
gzip
Last-Modified
Tue, 15 Nov 2022 10:25:30 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"a68-1847ad28ecb"
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
X-DNS-Prefetch-Control
on
Cache-Control
public, max-age=0
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
script.js
airdropcheck.htools.work/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airdropcheck.htools.work/script.js
Requested by
Host: airdropcheck.htools.work
URL: https://airdropcheck.htools.work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
129.153.177.220 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
508776be8ac33adb0158148734aa4b876f3627bf9a8e0404a02b76181fcd26b2

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://airdropcheck.htools.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 13:58:40 GMT
Last-Modified
Fri, 05 Aug 2022 12:36:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62ed0ecc-afa"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2810
fAetFUuTmXTjpTVsTBl8ZTZgkIRDxlWEkTeauIKLo5zNsQ
siasky.net/ 		1 KB
999 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://siasky.net/fAetFUuTmXTjpTVsTBl8ZTZgkIRDxlWEkTeauIKLo5zNsQ
Requested by
Host: airdropcheck.htools.work
URL: https://airdropcheck.htools.work/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.95.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c179b20e1c049d60222d6e832fd8abde157bd8017e5ebefe3f54c90e0517cdb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://airdropcheck.htools.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:58:43 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
DYNAMIC
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVYrriPl6u5eg26ZiIsFAnWY%2FjN5dSmNWxtQLnhxTcrGP6U6E0mbIBJPn8BLbIMQ32nN2LA2atvmcBGWEqIKAWg4uM3jIJrl6wWllmOhxTLi19aHZ%2F4Gl%2FCpyGVT"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
793371778a386949-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeed0082bc7a797bf2e58d8789c1527fae31f4bae2a7a0f47c9335eabf763c13

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
c
umami.htools.work/api/ 		508 B
981 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://umami.htools.work/api/c
Requested by
Host: umami.htools.work
URL: https://umami.htools.work/u.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
129.153.177.220 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fcdfb75da5d422becd961c79747e691380280602f7e3bc9724258916225580fd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://airdropcheck.htools.work/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 02 Feb 2023 13:58:43 GMT
Content-Security-Policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
Server
nginx/1.18.0 (Ubuntu)
ETag
"3t4ljt1tcne4"
X-DNS-Prefetch-Control
on
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
508
c
umami.htools.work/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://umami.htools.work/api/c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
129.153.177.220 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://airdropcheck.htools.work
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Content-Security-Policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
Date
Thu, 02 Feb 2023 13:58:43 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Access-Control-Request-Headers
X-DNS-Prefetch-Control
on
X-Frame-Options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| regeneratorRuntime function| _ object| tailwindCSS object| tailwindcss-jit-cdn string| /htmlInput object| initSqlJsPromise function| initSqlJs function| setLoading function| setResult function| checkIndex object| store undefined| module function| umami

0 Cookies