Report - bitcoin-loophole.software/

Report Overview

Submitted URL
bitcoin-loophole.software/
IP
172.67.219.28
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-09 06:07:06
Access
public
Website Title
Immediate DexAir Ai ™ | The Updated & Official Site【2024】
Final URL
bitcoin-loophole.software/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-08	3.3 kB	218 kB	142.250.74.163
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	976 B	64 kB	142.250.74.42
bitcoin-loophole.software	unknown	unknown	No data	No data	6.8 kB	1.3 MB	172.67.219.28
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-08	2.8 kB	169 kB	104.17.24.14
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-08	911 B	13 kB	104.18.186.31
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-08	431 B	65 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed
2024-05-09	medium	bitcoin-loophole.software	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	bitcoin-loophole.software/	342 B	2024-05-09	2024-05-09
Pretty URL bitcoin-loophole.software/ IP 172.67.219.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-09 08:07:13 Last Seen2024-05-09 08:07:13 Times Seen1 Hash 86a3a941e4e4e3f4c1f982a6df1093f1 2b7d449549a034daca03337ec4bb326b92e779de b4f28dab0948239538734183f2f6b288aa449217319637cf912a5a409f99dcaa Loading...

	bitcoin-loophole.software/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-05-20
Pretty URL bitcoin-loophole.software/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.219.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-20 08:37:30 Times Seen57782 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-05-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-20 08:27:32 Times Seen275317 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/js/intlTelInput-jquery.min.js	30 kB	2023-04-06	2024-05-16
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/js/intlTelInput-jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-06 23:00:47 Last Seen2024-05-16 12:28:17 Times Seen31 Hash ec7cefea6b50dba78913ca89381ab31b 77a3bfb9435cf3cdb9753fb69fbdc0a948c4bcac 42375517c38cf9d0ac850f4adf60c55fdfb47b8f9c9d456216f73b8fa7cff1f2 Loading...

	bitcoin-loophole.software/main.js	3.2 kB	2024-05-09	2024-05-16
Pretty URL bitcoin-loophole.software/main.js IP 172.67.219.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 08:07:13 Last Seen2024-05-16 12:28:17 Times Seen2 Hash 9d2a27c1796b51aa4265a3366abfd9e9 a28ae229e7d57f97fc85660dee50f2c24fe2c734 4f5cc32639b27cf670e8766cf40560957543d4df4cc5fa9535cf9d53fa965b0c Loading...

	bitcoin-loophole.software/js/api.js	21 kB	2024-05-09	2024-05-16
Pretty URL bitcoin-loophole.software/js/api.js IP 172.67.219.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 08:07:13 Last Seen2024-05-16 12:28:17 Times Seen2 Hash 60053c5a3a5864cedce22bf0358eb128 46ceda3105dcce22b1fb5a0a675d9fdfe6a6761a b5feef7f89fa3341e36dd450e27d5716ea2409d7bb69c23207d5e70f6bff7bc4 Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/intlTelInput.min.js	28 kB	2023-04-16	2024-05-16
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/intlTelInput.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-16 08:36:22 Last Seen2024-05-16 13:27:26 Times Seen41 Hash bec2ce5bb7962581da9ed1294b5fa90f 106adc98ab4e63e6e7ba88cd08e70847b36f96c7 3d8976c77d9e1e49779d82a83efd68b4df1846dc3acefb64f8e6a4f274e5d42a Loading...

	cdn.jsdelivr.net/npm/jquery-validation@1.19.3/dist/jquery.validate.min.js	24 kB	2023-04-06	2024-05-18
Pretty URL cdn.jsdelivr.net/npm/jquery-validation@1.19.3/dist/jquery.validate.min.js IP 104.18.186.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-06 13:19:37 Last Seen2024-05-18 10:19:27 Times Seen1509 Hash f7b447efb331a45dde576a832490fc6d 79498c8c7214beeb61d7c151c9ef819ebc1c547c 5c3aa33f77a00bc307a98564ffd04f9914d4c467a3b30fe47b491adce7d84670 Loading...

	cdn.jsdelivr.net/gh/mgalante/jquery.redirect@master/jquery.redirect.js	6.9 kB	2023-07-25	2024-05-16
Pretty URL cdn.jsdelivr.net/gh/mgalante/jquery.redirect@master/jquery.redirect.js IP 104.18.186.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-25 01:36:54 Last Seen2024-05-16 12:28:17 Times Seen22 Hash 3d18316efa0255096608d578ef51aabd 8eac502bcb7908f2a069509bba130cca219efc65 158d2fe8629671ced9dfcd070a1b332420595fb4e3420766a76c93df32133206 Loading...

	bitcoin-loophole.software/js/validator.js	9.2 kB	2024-05-09	2024-05-16
Pretty URL bitcoin-loophole.software/js/validator.js IP 172.67.219.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 08:07:13 Last Seen2024-05-16 12:28:17 Times Seen2 Hash f2a902a626688ce31846355cd29f5c3d 1161ece30497eeecbfbbf2ef9b1809448ee4c68b d84ce7a5cbd06755cfe61a10656670b36d79e49e96dedb2f38ecd73c0f164c86 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5NWSHW85	177 kB	2024-05-09	2024-05-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5NWSHW85 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 08:07:13 Last Seen2024-05-09 08:07:13 Times Seen2 Hash 24cf1a28c0cb81310ef3f8ae9bab1953 0b7d13c10ac0fc0074ff06a9271b49a4b2e4351f 15915fa793442073e6c854d31cdea172115ee5105ed26bfb4d912c355efd5020 Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/utils.js	239 kB	2023-03-07	2024-05-16
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/utils.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:45:39 Last Seen2024-05-16 13:27:27 Times Seen112 Hash 6cbc725386e043d896c9379c1c21a311 24f601db0688c59c0d8c43b5ff88081b144b638e 8171bc06dd2686fa266edbf806141c2aab2cacd093a0691ae61fa84f839b73d4 Loading...

HTTP Transactions (32)

URL IP Response Size

bitcoin-loophole.software/imgs/logo.webp

172.67.219.28

200 OK

23 kB

URL GET HTTP/3
bitcoin-loophole.software/imgs/logo.webp
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
23 kB (22986 bytes)
Hash
2adabc6f2ad483e8fbde3992b6d7ba45
fdf23a9fc6c1fb8b92075ee0363a3d8893d38d7c
1c8090c377a8479f04aa390616a1559c2e60f269fd8b8a6a55a3239324743bdf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /imgs/logo.webp HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: image/webp
content-length: 22986
last-modified: Thu, 02 May 2024 14:38:53 GMT
etag: "6633a57d-59ca"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lg0vgLQQpwD8G8U0VVdALSMNiRFGjjSBY9abZCnsdUzvlKs%2BjexxqGJ6PSK2osQuYMLw6oX8yYkcwk1szFHjn8jyA%2FLJt6Ycf8cno1JYboVzB9O6RS1MCw4w4l9CIsPWTCCQR1FohG1I7B46"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880f8135ed2d56c5-OSL
alt-svc: h3=":443"; ma=86400

bitcoin-loophole.software/assets/sphere.webp

172.67.219.28

200 OK

22 kB

URL GET HTTP/3
bitcoin-loophole.software/assets/sphere.webp
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
22 kB (22032 bytes)
Hash
6daaa9793f990908cdb050c1a75bee9c
b3dbb5cd7aac9fb78072477d75547101a1d7511d
f93db3c5132d3789847b16ff288c5d0a8b75534f125cf66168e3c8858c8201e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sphere.webp HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: image/webp
content-length: 22032
last-modified: Thu, 02 May 2024 14:38:53 GMT
etag: "6633a57d-5610"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y8FA79DbK7r5f2rpSTcLuoeEZo%2F33rKx%2FfTsc50nM5wBUg7gMkib8CbE7kVihqwBoL3YWi5pIEKuePRGB4TXSwuPEklApyaafe8Y0XGJBcDbNWpRd4qSGJV%2B61%2FLu3iotddXRxEW7KyZps99"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880f8135ed2e56c5-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.24.14

200 OK

28 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
28 kB (27938 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bitcoin-loophole.software
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 42441
expires: Tue, 29 Apr 2025 06:06:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiuJrm22AQVYMTtaLy3Ns1bDDPA%2F8w0Bw5ZG8hBqGH5WNOpj5p0OVuCthExCGEL8IqlOOrVRjfDHVKIyKHminJg3IWq0ZfVm0MYIqKVGgEsqABtfTtWlbhB1OS6i11sSTW68ceir"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880f81365ed156bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/jquery-validation@1.19.3/dist/jquery.validate.min.js

104.18.186.31

200 OK

8.4 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/jquery-validation@1.19.3/dist/jquery.validate.min.js
IP
104.18.186.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (24292)
Size
8.4 kB (8446 bytes)
Hash
08ea8682652b05beea01dda05766d2e1
a88370395f5758361f27803c429286aa12c3f7ee
4c0cc637858d6503cba9262f8be75740c29e853605a153a7bde46a6e2e367eb0

HTTP Headers

GET /npm/jquery-validation@1.19.3/dist/jquery.validate.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 8446
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.19.3
x-jsd-version-type: version
etag: W/"5f6e-qINwOV9XWDYfJ4A8QpKGqhLD9+4"
content-encoding: br
x-served-by: cache-fra-etou8220100-FRA, cache-lga21937-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 233354
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISeCXOdq%2FgFbVmp9Rq1BOY8fWrkUxdYuTuR1BmOZs1nw8kSUf%2BG4e%2BsdawUjjQ0aZNwPGMgfOiAW8LTFU6w93g7xNOuJIfS9mWBDiSVdRS3W5TqpS9syp7NsIs1e6kBs4Io%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880f81366ae356b5-OSL
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/js/intlTelInput-jquery.min.js

104.17.24.14

200 OK

9.1 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/js/intlTelInput-jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (27026)
Size
9.1 kB (9091 bytes)
Hash
1414b4c7efa5ab819658267f45526081
07d50bcb557d2c4f5a391953dc0f4467a4ba68ff
e54049af3d8107661abd3d7acc9a5c2364e9f1bafa8264b84e6a8b069a4ded7c

HTTP Headers

GET /ajax/libs/intl-tel-input/17.0.19/js/intlTelInput-jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bitcoin-loophole.software
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 9091
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "63208edf-2383"
last-modified: Tue, 13 Sep 2022 14:08:31 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 736534
expires: Tue, 29 Apr 2025 06:06:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVnPzs63EQNaH%2B4FQls%2B4XXao118Uir9aQKKjlU5%2BrmxhF9BQ5hG%2F8a3AOojxQiua1LQxQ6bKjvYJysVsYr%2BwCwCNDDZ8M8K5SVQeMH76Zv8BQ1yUTAAyVQ10yk%2Fq%2FKBt5H7VtwM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880f81367ee056bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/mgalante/jquery.redirect@master/jquery.redirect.js

104.18.186.31

200 OK

2.3 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/mgalante/jquery.redirect@master/jquery.redirect.js
IP
104.18.186.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
2.3 kB (2347 bytes)
Hash
3d18316efa0255096608d578ef51aabd
8eac502bcb7908f2a069509bba130cca219efc65
158d2fe8629671ced9dfcd070a1b332420595fb4e3420766a76c93df32133206

HTTP Headers

GET /gh/mgalante/jquery.redirect@master/jquery.redirect.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 2347
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"1aee-jqxQK8t5CPKgaVCbuhMMyiGe/GU"
content-encoding: br
x-served-by: cache-fra-eddf8230101-FRA, cache-lga21960-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gN0d6fs%2FtAj8efUf9WKNCWO2cCaC5XTKMV023sGQbM4Jbs7IBK0wT%2FxvwDAJnUX2ew%2FcHcPA0URXk3H49tpdAu14700pd0%2FNgcE%2BRGl8syVSdxXHTvKNMY5xZiZsP1AVlYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880f81366ae656b5-OSL
X-Firefox-Spdy: h2

bitcoin-loophole.software/assets/main-bg.png

172.67.219.28

200 OK

844 kB

URL GET HTTP/3
bitcoin-loophole.software/assets/main-bg.png
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
PNG image data, 1920 x 1004, 8-bit/color RGBA, non-interlaced
Size
844 kB (844261 bytes)
Hash
2799862f5e4942c3c7d6c5ec714bdff6
324afdb4173fae97f1ffc4176951d9b502d2fdc1
4b5161e046849f6bc00df4239a90ba1e5bd867c9d813c305c5ea235f67709a8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/main-bg.png HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: image/png
content-length: 844261
last-modified: Thu, 02 May 2024 14:38:53 GMT
etag: "6633a57d-ce1e5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TiPrgHamX7FZWjViyyLRYe2%2BS5NJzwPKUVvTQ%2FiOiVPGWuYUbmjJY%2FlOSQLmpmiv%2FNfCHT0el0ZRg5yIKu9gKkAsjORKXsmPRC4rr9YuJ3S1AjlPV8PgTkeRHuCgNBrYwjWVY5%2FOlB5VgbAk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880f81364d7856c5-OSL
alt-svc: h3=":443"; ma=86400

bitcoin-loophole.software/imgs/flags/en.webp

172.67.219.28

200 OK

880 B

URL GET HTTP/3
bitcoin-loophole.software/imgs/flags/en.webp
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
880 B (880 bytes)
Hash
f0310d4c83539c4cd76afcffb8e25fba
a90acb129aefd816f847b5bfe6162d29f92ce9b2
92263f51791a92ab6405b028bdf9f45161ce3cd8e1fd40c7991e8cb9ebd5bfd6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /imgs/flags/en.webp HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: image/webp
content-length: 880
last-modified: Thu, 02 May 2024 14:38:53 GMT
etag: "6633a57d-370"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kloVUNBOkE7OzJBpoIVDV8I%2B6fSSlfXS%2B2DXqsFWcIyluL30u1SlU29VyA7QodYl9BsJ6VGIcY6hbF%2FGR3ZO5SlhaT7oZJfqqorb7pyRx2KkKANUXNIfTMuJfqtJTkUa%2BZ%2BtVpkyHhyCUoOB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880f81380ea656c5-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtm.js?id=GTM-5NWSHW85

142.250.74.168

200 OK

64 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5NWSHW85
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
64 kB (64297 bytes)
Hash
24cf1a28c0cb81310ef3f8ae9bab1953
0b7d13c10ac0fc0074ff06a9271b49a4b2e4351f
15915fa793442073e6c854d31cdea172115ee5105ed26bfb4d912c355efd5020

HTTP Headers

GET /gtm.js?id=GTM-5NWSHW85 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 06:06:39 GMT
expires: Thu, 09 May 2024 06:06:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64297
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2

142.250.74.163

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24376, version 1.0
Size
24 kB (24376 bytes)
Hash
fc03edc2c67353b7608b593ee05565c6
72106071998b0ef5f145ea4f9d53459e52a33e9f
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7

HTTP Headers

GET /s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bitcoin-loophole.software
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 04:42:50 GMT
expires: Sat, 03 May 2025 04:42:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
content-type: font/woff2
age: 523429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.163

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bitcoin-loophole.software
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 14:44:38 GMT
expires: Fri, 02 May 2025 14:44:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 573721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2

142.250.74.163

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24376, version 1.0
Size
24 kB (24376 bytes)
Hash
fc03edc2c67353b7608b593ee05565c6
72106071998b0ef5f145ea4f9d53459e52a33e9f
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7

HTTP Headers

GET /s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bitcoin-loophole.software
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 04:42:50 GMT
expires: Sat, 03 May 2025 04:42:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
content-type: font/woff2
age: 523429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.163

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bitcoin-loophole.software
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 14:44:38 GMT
expires: Fri, 02 May 2025 14:44:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 573721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bitcoin-loophole.software/imgs/remove.svg

172.67.219.28

200 OK

25 kB

URL GET HTTP/3
bitcoin-loophole.software/imgs/remove.svg
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
SVG Scalable Vector Graphics image
Size
25 kB (24614 bytes)
Hash
0b3386fbb9c2a42fbf95944b0b79bef5
6675ab528310eab1054cee2b80df20ecb38e078c
71be34386e2a70dff4958a76b7c5d8b7c8f9c2a7e864d826d581a21a36b51d17

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /imgs/remove.svg HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: image/svg+xml
last-modified: Thu, 02 May 2024 14:38:53 GMT
vary: Accept-Encoding
etag: W/"6633a57d-15c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8fGlvaeN%2FOWvq32eq9VFr3dsGHtB0mGfeY3zoXFquILlS8%2BaxPzr9AU8jxDF2a7VVkt2qRWUxVkcw485F9r12V1bu19cqXk427gGqraVDZ9aFgqdGO%2FhMOcPrzaniJuF1hDYD%2Feko0XGEdJe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880f8135fd3256c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2

142.250.74.163

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24376, version 1.0
Size
24 kB (24376 bytes)
Hash
fc03edc2c67353b7608b593ee05565c6
72106071998b0ef5f145ea4f9d53459e52a33e9f
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7

HTTP Headers

GET /s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bitcoin-loophole.software
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 04:42:50 GMT
expires: Sat, 03 May 2025 04:42:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
content-type: font/woff2
age: 523429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bitcoin-loophole.software/styles/main.css

172.67.219.28

200 OK

76 kB

URL GET HTTP/3
bitcoin-loophole.software/styles/main.css
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
Unicode text, UTF-8 text, with very long lines (65307)
Size
76 kB (75536 bytes)
Hash
705275c4e9a9b0bc508d250a4acac4fa
43f91f07fbbf27b39614fd6c9bb716ed0d59df29
40a10b08f9a011e1fab7e91a3d3076f9248de5f245510a62fbd4ca067d883913

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /styles/main.css HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 14:38:53 GMT
vary: Accept-Encoding
etag: W/"6633a57d-2bf6e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYzWHTa0H0sIR%2BBjocfcrWSefHi%2BuT7pmU8p2usxq%2F8Gb2bRabpEGZSGuKNWSpxd4DyBirPRY7ljd7ihh4oKISwaCR4bcGTphy%2BVc0NGI%2BA4xE%2FmOs83E8Ri7cof4QBOIkwL8%2BJjRaIPqWp5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880f8135fd3556c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

142.250.74.42

200 OK

48 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
48 kB (47607 bytes)
Hash
abb4c395664a8f6b9d1eed0f95a7c506
8c6c88985b1660e035239dabb29a15598e4cbb3a
981daccc5001b6183a02fd4cc3668e4ec064ae68181e3374054f9928d889ca0c

HTTP Headers

GET /css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 May 2024 06:06:39 GMT
date: Thu, 09 May 2024 06:06:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.163

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bitcoin-loophole.software
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 14:44:38 GMT
expires: Fri, 02 May 2025 14:44:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 573721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bitcoin-loophole.software/imgs/risk/popup/en/risk-d.webp

172.67.219.28

200 OK

12 kB

URL GET HTTP/3
bitcoin-loophole.software/imgs/risk/popup/en/risk-d.webp
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (11560 bytes)
Hash
d5b719b35e551b60386c87f3a667e0be
656a97c4a58c2a2aeedcbadb287783f182027088
b245df71333e84df12349557e82a059b37578754d8a1194b8872192960940045

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /imgs/risk/popup/en/risk-d.webp HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: image/webp
content-length: 11560
last-modified: Thu, 02 May 2024 14:38:53 GMT
etag: "6633a57d-2d28"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=igMBPLLProSRGgUGq1dBrExUgTEVAlnjEoWT0Wk02g1iDHhiUsMXRPV8y3BRTGmUgNpVkBLgIpM81xb%2B0HR5H0f0TKIyW22PRav0oXByiIOvhWxd1DKT7fE37XhyJ4FgJBqS2WZ017Ay3elc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880f813b695656c5-OSL
alt-svc: h3=":443"; ma=86400

bitcoin-loophole.software/favicon-16x16.png

172.67.219.28

200 OK

768 B

URL GET HTTP/3
bitcoin-loophole.software/favicon-16x16.png
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
768 B (768 bytes)
Hash
9bac719a64f759cf94dd6114036bf513
22b79c1662b1ff810b86db56062f337df5a0bb80
09e5172dfdae885662cbeb8002c6d0b3098fde29a7323ffba061d0dd3576a551

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:40 GMT
content-type: image/png
content-length: 768
last-modified: Thu, 02 May 2024 14:38:53 GMT
etag: "6633a57d-300"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rjVGgRs158%2BbBb4FDPG32iWek0DWbdBNP8Kgg4cfeeKbxK60T1UdDHXYqONTgeOFOlQ8Oum%2FoKKY8gO02A4vFs2HtyA%2BI1DS393nWy7%2BnNmFy8%2BItaGNk2yHsb0RmD8NLCz6d1LL7T5obzH4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880f813bd9bf56c5-OSL
alt-svc: h3=":443"; ma=86400

bitcoin-loophole.software/favicon-512x512.png

172.67.219.28

200 OK

139 kB

URL GET HTTP/3
bitcoin-loophole.software/favicon-512x512.png
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
139 kB (139434 bytes)
Hash
2d1d03ff3f74ec71193a44606aa9d4b7
b115c8662e9f6e9cf37ea082fab0d58e5c78d35f
90badb19c711af33182a4b8bf4b79f69c40a3aca4d14f7f691d273351803636b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon-512x512.png HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:40 GMT
content-type: image/png
content-length: 139434
last-modified: Thu, 02 May 2024 14:38:53 GMT
etag: "6633a57d-220aa"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g5eu3ga9J7O1SoO8jxIVFMfKc3yKaGDly0xwE1atlQKu3rE2jV3D4jyRWgOML4gehC2zts9zHeu7g4RIMFLmcoVuPip%2FJ2ogc2qWPG7hlZdcz9bfHW53hXKLrVz63gfcHYVOE57tuBxzqf%2Bg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880f813bd9bc56c5-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/intlTelInput.min.js

104.17.24.14

200 OK

8.8 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/intlTelInput.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26769)
Size
8.8 kB (8785 bytes)
Hash
93f6382d5133c281b06c0be5ca586758
2136ce1c821d370037d49d5a95c098ff7b57578c
a9bcec844760f8897f435bf95daede0d8096356344e3f45b634d95bcec64effa

HTTP Headers

GET /ajax/libs/intl-tel-input/16.0.8/js/intlTelInput.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 8785
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ea6-6f5f"
last-modified: Mon, 04 May 2020 16:11:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 724959
expires: Tue, 29 Apr 2025 06:06:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8rSt4qMX%2BicP7sI0kXNFq4AfWmtiSemLIf65s272Np%2BVxsPmU5mnntiQW%2Bx2ueounB5wIHLnEFYYMSk%2FdJmuffm%2BfPlZ2%2BF9nSVOvU2aXUkoFdQLuV3mbNXqvbIaEOoKYVS56lqR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880f813e388e0b3d-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/css/intlTelInput.css

104.17.24.14

200 OK

2.0 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/css/intlTelInput.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
2.0 kB (1970 bytes)
Hash
a69aa970266649e0b08c2cb4bc166568
d9314a52085a2bb6d284421bb18a4c546ecb73d4
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

HTTP Headers

GET /ajax/libs/intl-tel-input/16.0.8/css/intlTelInput.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:40 GMT
content-type: text/css; charset=utf-8
content-length: 1970
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ea6-62a6"
last-modified: Mon, 04 May 2020 16:11:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 740322
expires: Tue, 29 Apr 2025 06:06:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vNEHvaGOKfRdkCJcoaOkTbEhprq167XzRElO3YldVEEG%2FvsvOzM%2BatFVPvlIzv%2Fj8yK8lesQQOXWnxEi9%2B%2FRB4gQMiFqRLr8YfyIr%2BEQWV5Ax%2FxVBviiofJhBjKfYSBQ39IFSk5N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880f813e38910b3d-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/utils.js

104.17.24.14

200 OK

44 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/utils.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1662)
Size
44 kB (44499 bytes)
Hash
6cbc725386e043d896c9379c1c21a311
24f601db0688c59c0d8c43b5ff88081b144b638e
8171bc06dd2686fa266edbf806141c2aab2cacd093a0691ae61fa84f839b73d4

HTTP Headers

GET /ajax/libs/intl-tel-input/16.0.8/js/utils.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 44499
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ea6-3a59e"
last-modified: Mon, 04 May 2020 16:11:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 725743
expires: Tue, 29 Apr 2025 06:06:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4DmYwy6MkL8XaOMKX%2BqTZcPSatYj9x49scqFHI%2FpFXIInvgYDpGMrnkX3VHBz29hflCawXlFEiWoORPFJWxIG31qFRoyfbLDD7gPw%2Fk2JNZGxo0StLw0OLn8ObcAsxp3mlq%2BTXhu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880f813e68a20b3d-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/img/flags.png

104.17.24.14

71 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/img/flags.png
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced
Size
71 kB (70862 bytes)
Hash
416250f60d785a2e02f17e054d2e4e44
21572c9751e5a3dc20395befa0fcb349c32c4811
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

HTTP Headers

GET /ajax/libs/intl-tel-input/16.0.8/img/flags.png HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/css/intlTelInput.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:40 GMT
content-type: image/png; charset=utf-8
content-length: 70862
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ea6-114c9"
last-modified: Mon, 04 May 2020 16:11:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Tue, 29 Apr 2025 06:06:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=53mAnoxKTYuU8PKSEmT2LlV886P4oNvNWb7R5ILu9fVa4UFVLlQm2xhC0lS1NorEgsygkmgV7suqLX0iRk3rL6VOO2UwU2R0lvjL318HLTWyoVI7JgcNBYRajaoe3LS8g1iwqGba"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880f813ef8e90b3d-OSL
alt-svc: h3=":443"; ma=86400

bitcoin-loophole.software/js/validator.js

172.67.219.28

200 OK

9.2 kB

URL GET HTTP/3
bitcoin-loophole.software/js/validator.js
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
JavaScript source, ASCII text, with very long lines (9957), with no line terminators
Size
9.2 kB (9152 bytes)
Hash
b359ba121a19ca88bdb5ba7f8c24f79d
86a6af018edc8d037ae6c946d47f6efc4c822faa
b251134e8732407d399166fb0bf3bfb1398371db451d43ea86b3e998b91febc7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/validator.js HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 02 May 2024 14:38:53 GMT
vary: Accept-Encoding
etag: W/"6633a57d-23c0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PcVhwMgKws6EeBtJYgc%2BeRvI6%2F6WBbggJOMM%2Bx85DebG9OnzhKAukLFeJ59sMhClE5DjAqr%2FSgt1Y7BCH1QeDjwrqC5q8evcE%2F558LyuuLHJTGOyucuoWeRFTlZzd8HxSNbnUJb7usnKpS4l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880f81360d4956c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bitcoin-loophole.software/

172.67.219.28

200 OK

69 kB

URL User Request GET HTTP/2
bitcoin-loophole.software/
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
HTML document, ASCII text, with very long lines (11843)
Size
69 kB (68606 bytes)
Hash
38bd003933f11aecc78d71d8466dd28a
e3c055688539dbc27392c6bf5cca0bce573145ab
84a6b7a88743e7dc95ed400283a8f003488bfbb5bcfbe453c5a6febe5a784ecc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 06:06:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lUpBECpWUgJuT7e%2BpQwtEsKsd%2FFFINg8jLLE54Qla0VmSCuU32OtO3pXcmMFmcFsoXQwfx2k0Iud2KU2zr1CvsFzCCmFlRjQW6v4ulmoYGVEABBLMXgDGO0bhW9sTF3Arh78J6yPz7xJgmIV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880f8133fecc56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bitcoin-loophole.software/js/api.js

172.67.219.28

200 OK

21 kB

URL GET HTTP/3
bitcoin-loophole.software/js/api.js
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type

Size
21 kB (21334 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/api.js HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 02 May 2024 14:38:53 GMT
vary: Accept-Encoding
etag: W/"6633a57d-5356"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZaucduhvxPmnabCdmmBpfbUoWqiUwE7FSv%2BQRGjz0DITBQUdULzZ4UoufDj%2FgpcEROfNOK1dcZ9p5lXbYRiq5Y%2BvNCoEukAMT%2F5LgmYxDB2NFEliWZf54sJK4tscoJuGQpqEYAjbrUKLrLu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880f81360d4a56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bitcoin-loophole.software/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

172.67.219.28

200 OK

1.2 kB

URL GET HTTP/3
bitcoin-loophole.software/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
HTML document, ASCII text, with very long lines (1271), with no line terminators
Size
1.2 kB (1239 bytes)
Hash
40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: application/javascript
last-modified: Fri, 03 May 2024 18:04:18 GMT
etag: W/"66352722-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5gZ%2F%2FVVBbC6kC2Zaa%2B0vH31W9SNs7GiPqKIqzyaJhh2ki93uXDKErGxcar6kRBHeSaoHkCtB5RoNn2Awu7vfbmLqI5oQbyOkj4cpEK6DiRpTXlpt%2B%2FfDl8VZM5LcfoZInkAGj2QV8NSrRpd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880f8135fd3a56c5-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 11 May 2024 06:06:39 GMT
cache-control: max-age=172800, public
content-encoding: gzip

bitcoin-loophole.software/main.js

172.67.219.28

200 OK

3.2 kB

URL GET HTTP/3
bitcoin-loophole.software/main.js
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
JavaScript source, ASCII text, with very long lines (3300), with no line terminators
Size
3.2 kB (3155 bytes)
Hash
d498b26b8606ff04d3f1ab276f5c5155
29f7c2140ad5080e196bc6d879369e9c346e15c7
3a6305f9912afe19f93ea204c4686cedcca42bc243747b0539507829b2fda90b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main.js HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 02 May 2024 14:38:53 GMT
vary: Accept-Encoding
etag: W/"6633a57d-c53"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S1gbPoMAQ5es9tmN%2B3qABk6OMi1dKqSAPXImK5CCvJIYlF1LQ47RCz7UPZLFV2KPu4rMZCpA80VuTFxKP03GTnqEktOvE0S%2Bh%2BSPAViy7LGIVwFIQJwJri3Zxkd6kHc7F8tzsAW3fklL7qsl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880f81360d4756c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Manrope:wght@200;300;400;500;600;700;800&display=swap

142.250.74.42

200 OK

15 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Manrope:wght@200;300;400;500;600;700;800&display=swap
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
15 kB (14609 bytes)
Hash
0220bc93d83aefaf9fd01fb588b610a5
93386f9335177cb5a75ba236516c03d183ab506c
052677c71e9626b42accce0a8c40dfecf94784271e67547f30a4664c11750473

HTTP Headers

GET /css2?family=Manrope:wght@200;300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 May 2024 06:06:39 GMT
date: Thu, 09 May 2024 06:06:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bitcoin-loophole.software/imgs/add.svg

172.67.219.28

200 OK

372 B

URL GET HTTP/3
bitcoin-loophole.software/imgs/add.svg
IP
172.67.219.28:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bitcoin-loophole.software/
Certificate
IssuerLet's Encrypt
Subjectbitcoin-loophole.software
FingerprintCB:2A:8D:2C:16:8F:74:87:3E:D1:C1:3A:13:1F:41:B2:5A:1E:05:4F
ValiditySun, 14 Apr 2024 01:45:49 GMT - Sat, 13 Jul 2024 01:45:48 GMT

File type
SVG Scalable Vector Graphics image
Size
372 B (372 bytes)
Hash
ecfb8e900068da48bb1538a4c6b66f80
e1b2d78143e64f3f4043c677c038061ad6a0ee87
c0cc1c0f49cee635a786154e1ca872caefec3d2d79c6a526d001f42fee112470

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /imgs/add.svg HTTP/1.1
Host: bitcoin-loophole.software
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bitcoin-loophole.software/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 06:06:39 GMT
content-type: image/svg+xml
last-modified: Thu, 02 May 2024 14:38:53 GMT
vary: Accept-Encoding
etag: W/"6633a57d-174"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BrYVLxx6IBVbJ8FvAA0Z%2FVYo57l9js%2BK%2FznSZvGE98GCWZiF57wqu3BfSKnTUIv215Y8YtbECusxJELtf97gb9voSdfBbIRI2KEI5Bt6ZgGeV%2F4lDfDpx28I5k5NDvYNm%2BJKC2ggaxnuv4bA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880f8135ed3056c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML