de.btcinvestor.biz Open in urlscan Pro
54.37.130.240 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://windings.co.ua/windings10/
Effective URL:
http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Submission: On May 09 via manual (May 9th 2018, 4:14:15 pm UTC) from NL

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 39 HTTP transactions. The main IP is 54.37.130.240, located in Woodbridge, United States and belongs to OVH, FR. The main domain is de.btcinvestor.biz.

This is the only time de.btcinvestor.biz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
3	206.189.30.17 206.189.30.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
3	62.149.0.222 62.149.0.222	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
3	62.149.0.249 62.149.0.249	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
1 1	34.242.123.234 34.242.123.234	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	52.17.221.26 52.17.221.26	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	108.61.208.149 108.61.208.149	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
17	54.37.130.240 54.37.130.240	16276 (OVH) (OVH)
2	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
5	104.19.196.151 104.19.196.151	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	172.217.21.232 172.217.21.232	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.18.170 172.217.18.170	15169 (GOOGLE) (GOOGLE - Google LLC)
4	172.217.23.131 172.217.23.131	15169 (GOOGLE) (GOOGLE - Google LLC)
39	10

3 206.189.30.17 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

windings.co.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.149.0.222 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-222.memphis2.cc.colocall.com

scripts.mycounter.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.149.0.249 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: get.mycounter.ua

get.mycounter.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.123.234 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-242-123-234.eu-west-1.compute.amazonaws.com

securecloud-bizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.221.26 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-221-26.eu-west-1.compute.amazonaws.com

securessl-bizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.61.208.149 (Paris, France) 1 redirects

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 108.61.208.149.vultr.com

ct-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 54.37.130.240 (Woodbridge, United States)

ASN16276 (OVH, FR)

de.btcinvestor.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.196.151 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.232 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f232.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.170 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.131 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	btcinvestor.biz de.btcinvestor.biz	325 KB
6	mycounter.ua scripts.mycounter.ua get.mycounter.ua	14 KB
5	cloudflare.com cdnjs.cloudflare.com	96 KB
4	gstatic.com fonts.gstatic.com	126 KB
3	co.ua windings.co.ua	3 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	googleapis.com fonts.googleapis.com	459 B
1	googletagmanager.com www.googletagmanager.com	24 KB
1	ct-redirect.com 1 redirects ct-redirect.com	223 B
1	securessl-bizz.com 1 redirects securessl-bizz.com	2 KB
1	securecloud-bizz.com 1 redirects securecloud-bizz.com	379 B
39	11

	Domain	Requested by
17	de.btcinvestor.biz	de.btcinvestor.biz cdnjs.cloudflare.com
5	cdnjs.cloudflare.com	de.btcinvestor.biz
4	fonts.gstatic.com	de.btcinvestor.biz
3	get.mycounter.ua	windings.co.ua
3	scripts.mycounter.ua	windings.co.ua
3	windings.co.ua
2	maxcdn.bootstrapcdn.com	de.btcinvestor.biz
1	fonts.googleapis.com	de.btcinvestor.biz
1	www.googletagmanager.com	de.btcinvestor.biz
1	ct-redirect.com	1 redirects
1	securessl-bizz.com	1 redirects
1	securecloud-bizz.com	1 redirects
39	12

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Frame ID: EB2381517DA063E5A84E9C4C1A3A919C
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://windings.co.ua/windings10/ Page URL
http://windings.co.ua/windings7/ Page URL
http://windings.co.ua/securecloud-bizz1/ Page URL
http://securecloud-bizz.com/?a=67327&c=171255&s1=click&s2=in&s3=country&s4=facebook&s5=060518 HTTP 302
https://securessl-bizz.com/?a=67327&c=169952&oc=66052&sr=t&rc=24_67070&s1=click&s2=in&s3=country&s4=fac... HTTP 302
http://ct-redirect.com/Y99no?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country HTTP 302
http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

39
Requests

0 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

10
IPs

4
Countries

671 kB
Transfer

4939 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://windings.co.ua/windings10/ Page URL
http://windings.co.ua/windings7/ Page URL
http://windings.co.ua/securecloud-bizz1/ Page URL
http://securecloud-bizz.com/?a=67327&c=171255&s1=click&s2=in&s3=country&s4=facebook&s5=060518 HTTP 302
https://securessl-bizz.com/?a=67327&c=169952&oc=66052&sr=t&rc=24_67070&s1=click&s2=in&s3=country&s4=facebook&s5=060518&ref=http%3A%2F%2Fwindings.co.ua%2Fsecurecloud-bizz1%2F HTTP 302
http://ct-redirect.com/Y99no?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country HTTP 302
http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
windings.co.ua/windings10/ 646 B
929 B 47ms
25ms Document
text/html 206.189.30.17
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://windings.co.ua/windings10/
Protocol: HTTP/1.1
Server: 206.189.30.17 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.2.22 (@RELEASE@) /
Resource Hash: f62003f4bdef7a21b7efdcbb96dbd7f180961ca7b3c3d64cbfe0853f8c751304

Request headers

Host: windings.co.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: EB2381517DA063E5A84E9C4C1A3A919C

Response headers

Date: Wed, 09 May 2018 16:14:05 GMT
Server: Apache/2.2.22 (@RELEASE@)
Last-Modified: Mon, 07 May 2018 17:16:43 GMT
ETag: "bd75f-286-56ba0d56a5d06"
Accept-Ranges: bytes
Content-Length: 646
Connection: close
Content-Type: text/html
X-Pad: avoid browser bug

GET
H/1.1 200
OK counter2.0.js Show response
scripts.mycounter.ua/ 4 KB
4 KB 66ms
33ms Script
application/javascript 62.149.0.222
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.mycounter.ua/counter2.0.js
Requested by: Host: windings.co.ua
URL: http://windings.co.ua/windings10/
Protocol: HTTP/1.1
Server: 62.149.0.222 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-222.memphis2.cc.colocall.com
Software: nginx/1.10.3 /
Resource Hash: 73a51e9a913a1d5117e292fcccf9e3251506677b54ffd2afdaf3fd1860825e80

Request headers

Referer: http://windings.co.ua/windings10/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 09 May 2018 16:14:05 GMT
Last-Modified: Tue, 24 Apr 2018 09:33:35 GMT
Server: nginx/1.10.3
ETag: "5adef9ef-e44"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3652
Expires: Wed, 09 May 2018 17:14:05 GMT

GET
H/1.1 200
OK counter.php
get.mycounter.ua/ 723 B
946 B 180ms
102ms Image
image/png 62.149.0.249
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get.mycounter.ua/counter.php?id=164815&w=http%3A//windings.co.ua/windings10/&s=1600x1200x24&c=1&j=7
Requested by: Host: windings.co.ua
URL: http://windings.co.ua/windings10/
Protocol: HTTP/1.1
Server: 62.149.0.249 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: get.mycounter.ua
Software: MyCounter TCP Server v.2.0.0 /
Resource Hash: 8fd301640d59281bf4582716ce458d76bf5b5ba8d73198986c62d4cd2c1a43d0

Request headers

Referer: http://windings.co.ua/windings10/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 09 May 2018 19:14:05 GMT
Server: MyCounter TCP Server v.2.0.0
Content-Type: image/png
Cache-control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 723
Expires: 0

GET
H/1.1 200
OK / Show response
windings.co.ua/windings7/ 654 B
937 B 45ms
24ms Document
text/html 206.189.30.17
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://windings.co.ua/windings7/
Protocol: HTTP/1.1
Server: 206.189.30.17 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.2.22 (@RELEASE@) /
Resource Hash: 6aff6581c3e69b7dc70a22f1f9cfb5d528e9c766beafa592448040bf510da32d

Request headers

Host: windings.co.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://windings.co.ua/windings10/
Accept-Encoding: gzip, deflate
Cookie: s=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: EB2381517DA063E5A84E9C4C1A3A919C
Referer: http://windings.co.ua/windings10/

Response headers

Date: Wed, 09 May 2018 16:14:06 GMT
Server: Apache/2.2.22 (@RELEASE@)
Last-Modified: Mon, 07 May 2018 17:16:41 GMT
ETag: "bd759-28e-56ba0d553008a"
Accept-Ranges: bytes
Content-Length: 654
Connection: close
Content-Type: text/html
X-Pad: avoid browser bug

GET
H/1.1 200
OK counter2.0.js Show response
scripts.mycounter.ua/ 4 KB
4 KB 33ms
33ms Script
application/javascript 62.149.0.222
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.mycounter.ua/counter2.0.js
Requested by: Host: windings.co.ua
URL: http://windings.co.ua/windings7/
Protocol: HTTP/1.1
Server: 62.149.0.222 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-222.memphis2.cc.colocall.com
Software: nginx/1.10.3 /
Resource Hash: 73a51e9a913a1d5117e292fcccf9e3251506677b54ffd2afdaf3fd1860825e80

Request headers

Referer: http://windings.co.ua/windings7/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 09 May 2018 16:14:06 GMT
Last-Modified: Tue, 24 Apr 2018 09:33:35 GMT
Server: nginx/1.10.3
ETag: "5adef9ef-e44"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3652
Expires: Wed, 09 May 2018 17:14:06 GMT

GET
H/1.1 200
OK counter.php
get.mycounter.ua/ 723 B
946 B 49ms
48ms Image
image/png 62.149.0.249
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get.mycounter.ua/counter.php?id=164815&w=http%3A//windings.co.ua/windings7/&s=1600x1200x24&r=http%3A//windings.co.ua/windings10/&c=1&j=7
Requested by: Host: windings.co.ua
URL: http://windings.co.ua/windings7/
Protocol: HTTP/1.1
Server: 62.149.0.249 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: get.mycounter.ua
Software: MyCounter TCP Server v.2.0.0 /
Resource Hash: 8fd301640d59281bf4582716ce458d76bf5b5ba8d73198986c62d4cd2c1a43d0

Request headers

Referer: http://windings.co.ua/windings7/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 09 May 2018 19:14:06 GMT
Server: MyCounter TCP Server v.2.0.0
Content-Type: image/png
Cache-control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 723
Expires: 0

GET
H/1.1 200
OK / Show response
windings.co.ua/securecloud-bizz1/ 707 B
990 B 46ms
24ms Document
text/html 206.189.30.17
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://windings.co.ua/securecloud-bizz1/
Protocol: HTTP/1.1
Server: 206.189.30.17 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.2.22 (@RELEASE@) /
Resource Hash: 7c7b841aa73e9cfd6393d60d91a17bb4eaaf6ddc989e69d56d46bc6d49933c0b

Request headers

Host: windings.co.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://windings.co.ua/windings7/
Accept-Encoding: gzip, deflate
Cookie: s=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: EB2381517DA063E5A84E9C4C1A3A919C
Referer: http://windings.co.ua/windings7/

Response headers

Date: Wed, 09 May 2018 16:14:07 GMT
Server: Apache/2.2.22 (@RELEASE@)
Last-Modified: Mon, 07 May 2018 17:16:39 GMT
ETag: "bd753-2c3-56ba0d5338204"
Accept-Ranges: bytes
Content-Length: 707
Connection: close
Content-Type: text/html
X-Pad: avoid browser bug

GET
H/1.1 200
OK counter2.0.js Show response
scripts.mycounter.ua/ 4 KB
4 KB 33ms
33ms Script
application/javascript 62.149.0.222
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.mycounter.ua/counter2.0.js
Requested by: Host: windings.co.ua
URL: http://windings.co.ua/securecloud-bizz1/
Protocol: HTTP/1.1
Server: 62.149.0.222 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-222.memphis2.cc.colocall.com
Software: nginx/1.10.3 /
Resource Hash: 73a51e9a913a1d5117e292fcccf9e3251506677b54ffd2afdaf3fd1860825e80

Request headers

Referer: http://windings.co.ua/securecloud-bizz1/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 09 May 2018 16:14:07 GMT
Last-Modified: Tue, 24 Apr 2018 09:33:35 GMT
Server: nginx/1.10.3
ETag: "5adef9ef-e44"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3652
Expires: Wed, 09 May 2018 17:14:07 GMT

GET
H/1.1 200
OK counter.php
get.mycounter.ua/ 723 B
946 B 38ms
38ms Image
image/png 62.149.0.249
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get.mycounter.ua/counter.php?id=164815&w=http%3A//windings.co.ua/securecloud-bizz1/&s=1600x1200x24&r=http%3A//windings.co.ua/windings7/&c=1&j=7
Requested by: Host: windings.co.ua
URL: http://windings.co.ua/securecloud-bizz1/
Protocol: HTTP/1.1
Server: 62.149.0.249 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: get.mycounter.ua
Software: MyCounter TCP Server v.2.0.0 /
Resource Hash: 8fd301640d59281bf4582716ce458d76bf5b5ba8d73198986c62d4cd2c1a43d0

Request headers

Referer: http://windings.co.ua/securecloud-bizz1/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 09 May 2018 19:14:07 GMT
Server: MyCounter TCP Server v.2.0.0
Content-Type: image/png
Cache-control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 723
Expires: 0

GET
H/1.1

200
OK

Primary Request / Show response
de.btcinvestor.biz/
Redirect Chain

http://securecloud-bizz.com/?a=67327&c=171255&s1=click&s2=in&s3=country&s4=facebook&s5=060518
https://securessl-bizz.com/?a=67327&c=169952&oc=66052&sr=t&rc=24_67070&s1=click&s2=in&s3=country&s4=facebook&s5=060518&ref=http%3A%2F%2Fwindings.co.ua%2Fsecurecloud-bizz1%2F
http://ct-redirect.com/Y99no?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country

17 KB
4 KB

71ms
27ms

Document
text/html

54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9c04ed837c88d6c6defb51c022783c4c20b97c3b3ad861d813dc2bca2d09909c

Request headers

Host: de.btcinvestor.biz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://windings.co.ua/securecloud-bizz1/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: EB2381517DA063E5A84E9C4C1A3A919C
Referer: http://windings.co.ua/securecloud-bizz1/

Response headers

Server: nginx
Date: Wed, 09 May 2018 16:14:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"5aec4f53-4519"
X-Geo: DE
Content-Encoding: gzip

Redirect headers

Location: http://de.btcinvestor.biz?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Date: Wed, 09 May 2018 16:14:09 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 26ms
9ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 09 May 2018 16:14:09 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Feb 2018 21:46:17 GMT
Connection: Keep-Alive
ETag: "1518903977"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
Content-Length: 7050

GET
S 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/ 118 KB
20 KB 15ms
13ms Stylesheet
text/css 104.19.196.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country

Protocol

SPDY

Server

104.19.196.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 09 May 2018 16:14:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2016 07:16:08 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4185751cea8796e2-FRA
expires: Mon, 29 Apr 2019 16:14:09 GMT

GET
H/1.1 200
OK style.css
de.btcinvestor.biz/css/ 16 KB
4 KB 30ms
28ms Stylesheet
text/css 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/css/style.css
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8de04aafe2dfbcbf827f74b9a0858b2733ee9daa6496a4e90e207d8f5f0e6e54

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5aec4f53-3f93"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Wed, 09 May 2018 22:14:09 GMT

GET
H/1.1 200
OK multistepform.css
de.btcinvestor.biz/css/ 3 KB
1 KB 54ms
27ms Stylesheet
text/css 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/css/multistepform.css
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: c20697edfbd96dffc10eb4023102d6e3e9f199e89837c51ccf313888e364cefd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5aec4f53-d3c"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Wed, 09 May 2018 22:14:09 GMT

GET
H/1.1 200
OK crazypopup.css
de.btcinvestor.biz/css/ 1 KB
906 B 54ms
27ms Stylesheet
text/css 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/css/crazypopup.css
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 988f92a92cdc0dacb2c1204eba4dccf9e45ec8c6d2f1008fdfc98c952e82609b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5aec4f53-4e6"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Wed, 09 May 2018 22:14:09 GMT

GET
H/1.1 200
OK btcchart.css
de.btcinvestor.biz/css/ 2 KB
1003 B 55ms
28ms Stylesheet
text/css 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/css/btcchart.css
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: f0f91fe8e5ed2c3a77fdea79cc5a48d8fd5d4659811a3a5675bcd96afa5c5a8d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5aec4f53-6b3"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Wed, 09 May 2018 22:14:09 GMT

GET
H/1.1 200
OK btc_investor_logo.svg
de.btcinvestor.biz/images/ 5 KB
2 KB 69ms
26ms Image
image/svg+xml 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/btc_investor_logo.svg
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e94483aef81e9383a27dbbd6319358cb25649b8265cbc1535a4ad75ece8a44e5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 12:17:23 GMT
Server: nginx
ETag: W/"5aec4f53-1386"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2145794 public
Transfer-Encoding: chunked
Expires: Sun, 03 Jun 2018 12:17:23 GMT

GET
S 200 gb.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/ 934 B
557 B 15ms
14ms Image
image/svg+xml 104.19.196.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/gb.svg

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country

Protocol

SPDY

Server

104.19.196.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ccbf3724368fd3da007d3959266c24e00f8ec01758c5d8a97e451c3640261b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 09 May 2018 16:14:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 Jun 2016 14:42:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4185751d3acd96e2-FRA
expires: Mon, 29 Apr 2019 16:14:09 GMT

GET
H/1.1 200
OK bloomberg_logo.min.png
de.btcinvestor.biz/images/ 3 KB
3 KB 71ms
26ms Image
image/png 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/bloomberg_logo.min.png
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 09957f75cb1c1c557c6ded83d9418b47aeb77a4f3e103148b551d201ffaeffc0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Last-Modified: Fri, 04 May 2018 12:17:23 GMT
Server: nginx
ETag: "5aec4f53-ad7"
Content-Type: image/png
Cache-Control: max-age=2145794 public
Accept-Ranges: bytes
Content-Length: 2775
Expires: Sun, 03 Jun 2018 12:17:23 GMT

GET
H/1.1 200
OK forbes_logo.min.png
de.btcinvestor.biz/images/ 2 KB
3 KB 49ms
29ms Image
image/png 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/forbes_logo.min.png
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: c2b29878df5517c5fd6660925cf172c0468a56680c6c7883b15363b48ee8d27d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Last-Modified: Fri, 04 May 2018 12:17:23 GMT
Server: nginx
ETag: "5aec4f53-9fb"
Content-Type: image/png
Cache-Control: max-age=2145794 public
Accept-Ranges: bytes
Content-Length: 2555
Expires: Sun, 03 Jun 2018 12:17:23 GMT

GET
H/1.1 200
OK usr_fsdf45.jpg
de.btcinvestor.biz/images/users/ 8 KB
8 KB 51ms
26ms Image
image/jpeg 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/users/usr_fsdf45.jpg
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1bfaa563f8cd23dc4b7f108f33c94ee586e6141de4f09e2155a1ce050abf223b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Last-Modified: Fri, 04 May 2018 12:17:23 GMT
Server: nginx
ETag: "5aec4f53-2040"
Content-Type: image/jpeg
Cache-Control: max-age=2145794 public
Accept-Ranges: bytes
Content-Length: 8256
Expires: Sun, 03 Jun 2018 12:17:23 GMT

GET
H/1.1 200
OK usr_sdf56g.jpg
de.btcinvestor.biz/images/users/ 10 KB
11 KB 70ms
26ms Image
image/jpeg 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/users/usr_sdf56g.jpg
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 74a5641536c94b5e55dbe7226f295d925bbd45765abd22024fbcbe9734054cbd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Last-Modified: Fri, 04 May 2018 12:17:23 GMT
Server: nginx
ETag: "5aec4f53-2979"
Content-Type: image/jpeg
Cache-Control: max-age=2145794 public
Accept-Ranges: bytes
Content-Length: 10617
Expires: Sun, 03 Jun 2018 12:17:23 GMT

GET
H/1.1 200
OK btc_investor_logo_white.svg
de.btcinvestor.biz/images/ 5 KB
2 KB 26ms
26ms Image
image/svg+xml 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/btc_investor_logo_white.svg
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 39798ade383d97cb7ec6a3a921fba6719baa3652757957c240d6267b77e8f7dc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 12:17:23 GMT
Server: nginx
ETag: W/"5aec4f53-1362"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2145794 public
Transfer-Encoding: chunked
Expires: Sun, 03 Jun 2018 12:17:23 GMT

GET
H/1.1 200
OK app.js Show response
de.btcinvestor.biz/js/ 831 KB
204 KB 56ms
31ms Script
application/javascript 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/js/app.js
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e70eb9061534e6d29fc57c859dea9059c922d862319264a60391599fba0875a9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5aec4f7d-cfb3c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Wed, 09 May 2018 22:14:09 GMT

GET
S 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 84 KB
29 KB 12ms
11ms Script
application/javascript 104.19.196.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country

Protocol

SPDY

Server

104.19.196.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 09 May 2018 16:14:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 Jun 2016 14:42:33 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4185751d3aca96e2-FRA
expires: Mon, 29 Apr 2019 16:14:09 GMT

GET
S 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 36 KB
10 KB 15ms
15ms Script
application/javascript 104.19.196.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country

Protocol

SPDY

Server

104.19.196.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 09 May 2018 16:14:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2016 07:16:08 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4185751d3acb96e2-FRA
expires: Mon, 29 Apr 2019 16:14:09 GMT

GET
H/1.1 200
OK winnermodal.js Show response
de.btcinvestor.biz/js/ 5 KB
3 KB 27ms
26ms Script
application/javascript 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/js/winnermodal.js
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: ea0bae2ce2088b9bc1e55eef53263e3058a2db1f9a21012f3e081fa005f6a2d0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5aec4f53-127c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Wed, 09 May 2018 22:14:09 GMT

GET
S 200 bodymovin_light.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bodymovin/4.10.2/ 140 KB
37 KB 10ms
9ms Script
application/javascript 104.19.196.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.10.2/bodymovin_light.min.js

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country

Protocol

SPDY

Server

104.19.196.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8759b4002b5d3273049eca7e9ba054fa587f34a624a4f401f712a5596803f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 09 May 2018 16:14:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2017 04:03:18 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4185751d3acc96e2-FRA
expires: Mon, 29 Apr 2019 16:14:09 GMT

GET
H/1.1 200
OK chart.js Show response
de.btcinvestor.biz/js/ 172 B
479 B 26ms
26ms Script
application/javascript 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/js/chart.js
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 367778085f446b669d32cac74ec75cd027cd81d2d87aa7dad466060ca206726c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5aec4f53-ac"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Wed, 09 May 2018 22:14:09 GMT

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
24 KB 17ms
16ms Script
application/javascript 172.217.21.232
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WFBL9N7

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country

Protocol

SPDY

Server

172.217.21.232 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f232.1e100.net

Software

Google Tag Manager (scaffolding) /

Resource Hash

5b930db802c325d35e309ee21d9d294b931c717ee74ab5ecae09364afbcd5c63

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 09 May 2018 16:14:09 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 24526
x-xss-protection: 1; mode=block
expires: Wed, 09 May 2018 16:14:09 GMT

GET
S 200 css
fonts.googleapis.com/ 1 KB
459 B 16ms
15ms Stylesheet
text/css 172.217.18.170
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,400i,700,900|Open+Sans:400,700&subset=latin-ext

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country

Protocol

SPDY

Server

172.217.18.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s29-in-f10.1e100.net

Software

ESF /

Resource Hash

f84c38e8dfad47c4e74a34cee9561d8f62fd47774a666cce7566a699e768a492

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 09 May 2018 16:14:09 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Wed, 09 May 2018 16:14:09 GMT

GET
H/1.1 200
OK darkBg.jpg
de.btcinvestor.biz/images/ 66 KB
66 KB 31ms
26ms Image
image/jpeg 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/darkBg.jpg
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: bf5430788230af3cb081333c4c9cb81c4a15d37076feb7a72e0c4f93787a385b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/css/style.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 May 2018 16:14:09 GMT
Last-Modified: Fri, 04 May 2018 12:17:23 GMT
Server: nginx
ETag: "5aec4f53-1088a"
Content-Type: image/jpeg
Cache-Control: max-age=2145794 public
Accept-Ranges: bytes
Content-Length: 67722
Expires: Sun, 03 Jun 2018 12:17:23 GMT

GET
S 200 mem8YaGs126MiZpBA-UFW50e.ttf
fonts.gstatic.com/s/opensans/v15/ 38 KB
24 KB 5ms
5ms Font
font/ttf 172.217.23.131
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50e.ttf

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country

Protocol

SPDY

Server

172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f3.1e100.net

Software

sffe /

Resource Hash

0c4595868d57ebb5f2793e22e8493bfe2606cd8c628a039d2d1a4fa79f642b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito:400,400i,700,900|Open+Sans:400,700&subset=latin-ext
Origin: http://de.btcinvestor.biz

Response headers

date: Mon, 12 Feb 2018 17:46:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7424834
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 24229
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 21:49:47 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Feb 2019 17:46:55 GMT

GET
S 200 XRXW3I6Li01BKofAtsGUb-vN.ttf
fonts.gstatic.com/s/nunito/v9/ 79 KB
39 KB 6ms
6ms Font
font/ttf 172.217.23.131
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v9/XRXW3I6Li01BKofAtsGUb-vN.ttf

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country

Protocol

SPDY

Server

172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f3.1e100.net

Software

sffe /

Resource Hash

ca39073b7b6576d389e3e2d5dfbccf9d79f4fe211f7b28a262ec0687a1dd33d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito:400,400i,700,900|Open+Sans:400,700&subset=latin-ext
Origin: http://de.btcinvestor.biz

Response headers

date: Mon, 12 Feb 2018 22:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7409649
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 39928
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Oct 2017 23:05:57 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Feb 2019 22:00:00 GMT

GET
S 200 XRXV3I6Li01BKofIO-aE.ttf
fonts.gstatic.com/s/nunito/v9/ 78 KB
38 KB 8ms
7ms Font
font/ttf 172.217.23.131
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v9/XRXV3I6Li01BKofIO-aE.ttf

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country

Protocol

SPDY

Server

172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f3.1e100.net

Software

sffe /

Resource Hash

6755a4551fe0d600587802a540c2ea6f663c0e25d7a0cabfa9e5653fa00593f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito:400,400i,700,900|Open+Sans:400,700&subset=latin-ext
Origin: http://de.btcinvestor.biz

Response headers

date: Mon, 12 Feb 2018 15:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7432719
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 38961
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Oct 2017 23:05:35 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Feb 2019 15:35:30 GMT

GET
S 200 mem5YaGs126MiZpBA-UN7rgOXOhs.ttf
fonts.gstatic.com/s/opensans/v15/ 39 KB
25 KB 6ms
6ms Font
font/ttf 172.217.23.131
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOXOhs.ttf

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country

Protocol

SPDY

Server

172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f3.1e100.net

Software

sffe /

Resource Hash

d123a1a00d692830f1f5276c64edfbc7abc9d0640bbb02596f83e10b14f89c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito:400,400i,700,900|Open+Sans:400,700&subset=latin-ext
Origin: http://de.btcinvestor.biz

Response headers

date: Wed, 28 Feb 2018 13:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6056759
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 25116
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 21:49:48 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Feb 2019 13:48:10 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 21ms
7ms Font
application/font-woff2 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Protocol: HTTP/1.1
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://de.btcinvestor.biz

Response headers

Date: Wed, 09 May 2018 16:14:09 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Feb 2018 21:46:23 GMT
Connection: Keep-Alive
ETag: "1518903983"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
Content-Length: 77171

GET
H/1.1 200
OK chart.json Show response
de.btcinvestor.biz/js/ 45 KB
11 KB 31ms
31ms XHR
application/json 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/js/chart.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.10.2/bodymovin_light.min.js
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 30030c6550721a8212e6f505e42add33ef5bf17a4a2376952b605718993622d3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Cookie: a=8079; o=5314; s=6ffc2471b7ed4e478b4488d89b9f704e_53518; pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 09 May 2018 16:14:09 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5aec4f53-b583"
Vary: Accept-Encoding
Content-Type: application/json
Transfer-Encoding: chunked
X-Geo: DE

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a38379592286cea290cd5315d36768edf6640aff3169573517fe82541e5a0a

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 206
Partial Content btc_investor_short_de.mp4
de.btcinvestor.biz/videos/ 3 MB
0 187ms
186ms Media
video/mp4 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/videos/btc_investor_short_de.mp4
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: identity;q=1, *;q=0
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
chrome-proxy: frfr
Accept: */*
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Cookie: a=8079; o=5314; s=6ffc2471b7ed4e478b4488d89b9f704e_53518; pid=country
Connection: keep-alive
Range: bytes=0-
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=6ffc2471b7ed4e478b4488d89b9f704e_53518&pid=country
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Range: bytes=0-
chrome-proxy: frfr

Response headers

Date: Wed, 09 May 2018 16:14:10 GMT
X-Openstack-Request-Id: tx04162b4c4a224d85ad370-005af31e52
Last-Modified: Fri, 12 Jan 2018 10:53:10 GMT
Server: nginx
Etag: e5e2aef5ddfeaaab30cf553fe790de12
Content-Type: video/mp4
Content-Range: bytes 0-20531729/20531730
X-Timestamp: 1515754389.41579
Accept-Ranges: bytes
X-Geo: DE
Content-Length: 20531730
X-Trans-Id: tx04162b4c4a224d85ad370-005af31e52

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
de.btcinvestor.biz/	1970-01-18 16:34:34	Name: pid Value: country
de.btcinvestor.biz/	1970-01-18 16:34:34	Name: o Value: 5314
de.btcinvestor.biz/	1970-01-18 16:34:34	Name: s Value: 6ffc2471b7ed4e478b4488d89b9f704e_53518
de.btcinvestor.biz/	1970-01-18 16:34:34	Name: a Value: 8079

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
ct-redirect.com
de.btcinvestor.biz
fonts.googleapis.com
fonts.gstatic.com
get.mycounter.ua
maxcdn.bootstrapcdn.com
scripts.mycounter.ua
securecloud-bizz.com
securessl-bizz.com
windings.co.ua
www.googletagmanager.com
104.19.196.151
108.61.208.149
172.217.18.170
172.217.21.232
172.217.23.131
206.189.30.17
209.197.3.15
34.242.123.234
52.17.221.26
54.37.130.240
62.149.0.222
62.149.0.249
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
09957f75cb1c1c557c6ded83d9418b47aeb77a4f3e103148b551d201ffaeffc0
0c4595868d57ebb5f2793e22e8493bfe2606cd8c628a039d2d1a4fa79f642b05
1bfaa563f8cd23dc4b7f108f33c94ee586e6141de4f09e2155a1ce050abf223b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30030c6550721a8212e6f505e42add33ef5bf17a4a2376952b605718993622d3
367778085f446b669d32cac74ec75cd027cd81d2d87aa7dad466060ca206726c
39798ade383d97cb7ec6a3a921fba6719baa3652757957c240d6267b77e8f7dc
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53a38379592286cea290cd5315d36768edf6640aff3169573517fe82541e5a0a
5b930db802c325d35e309ee21d9d294b931c717ee74ab5ecae09364afbcd5c63
6755a4551fe0d600587802a540c2ea6f663c0e25d7a0cabfa9e5653fa00593f0
6aff6581c3e69b7dc70a22f1f9cfb5d528e9c766beafa592448040bf510da32d
73a51e9a913a1d5117e292fcccf9e3251506677b54ffd2afdaf3fd1860825e80
74a5641536c94b5e55dbe7226f295d925bbd45765abd22024fbcbe9734054cbd
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c7b841aa73e9cfd6393d60d91a17bb4eaaf6ddc989e69d56d46bc6d49933c0b
8ccbf3724368fd3da007d3959266c24e00f8ec01758c5d8a97e451c3640261b4
8de04aafe2dfbcbf827f74b9a0858b2733ee9daa6496a4e90e207d8f5f0e6e54
8fd301640d59281bf4582716ce458d76bf5b5ba8d73198986c62d4cd2c1a43d0
988f92a92cdc0dacb2c1204eba4dccf9e45ec8c6d2f1008fdfc98c952e82609b
9c04ed837c88d6c6defb51c022783c4c20b97c3b3ad861d813dc2bca2d09909c
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
bf5430788230af3cb081333c4c9cb81c4a15d37076feb7a72e0c4f93787a385b
c20697edfbd96dffc10eb4023102d6e3e9f199e89837c51ccf313888e364cefd
c2b29878df5517c5fd6660925cf172c0468a56680c6c7883b15363b48ee8d27d
ca39073b7b6576d389e3e2d5dfbccf9d79f4fe211f7b28a262ec0687a1dd33d2
d123a1a00d692830f1f5276c64edfbc7abc9d0640bbb02596f83e10b14f89c0d
e70eb9061534e6d29fc57c859dea9059c922d862319264a60391599fba0875a9
e94483aef81e9383a27dbbd6319358cb25649b8265cbc1535a4ad75ece8a44e5
ea0bae2ce2088b9bc1e55eef53263e3058a2db1f9a21012f3e081fa005f6a2d0
f0f91fe8e5ed2c3a77fdea79cc5a48d8fd5d4659811a3a5675bcd96afa5c5a8d
f62003f4bdef7a21b7efdcbb96dbd7f180961ca7b3c3d64cbfe0853f8c751304
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f84c38e8dfad47c4e74a34cee9561d8f62fd47774a666cce7566a699e768a492
f8759b4002b5d3273049eca7e9ba054fa587f34a624a4f401f712a5596803f6a

de.btcinvestor.biz Open in urlscan Pro 54.37.130.240 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

0 %HTTPS

0 %IPv6

11 Domains

12 Subdomains

10 IPs

4 Countries

671 kBTransfer

4939 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

de.btcinvestor.biz Open in urlscan Pro
54.37.130.240 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

0 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

10
IPs

4
Countries

671 kB
Transfer

4939 kB
Size

4
Cookies

39 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!