de.btcinvestor.biz Open in urlscan Pro
54.37.130.240 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://eu.eurosale.biz.ua/eu3/
Effective URL:
http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Submission: On May 15 via manual (May 15th 2018, 10:47:42 am UTC) from HU

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 39 HTTP transactions. The main IP is 54.37.130.240, located in Woodbridge, United States and belongs to OVH, FR. The main domain is de.btcinvestor.biz.

This is the only time de.btcinvestor.biz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
3	178.62.83.37 178.62.83.37	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
3	62.149.0.222 62.149.0.222	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
3	62.149.0.249 62.149.0.249	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
1 1	34.241.118.9 34.241.118.9	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	34.246.246.223 34.246.246.223	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	108.61.208.149 108.61.208.149	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
16	54.37.130.240 54.37.130.240	16276 (OVH) (OVH)
2	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
5	104.19.199.151 104.19.199.151	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	172.217.21.232 172.217.21.232	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.21.234 172.217.21.234	15169 (GOOGLE) (GOOGLE - Google LLC)
4	172.217.23.163 172.217.23.163	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.37.202.204 54.37.202.204	16276 (OVH) (OVH)
39	11

3 178.62.83.37 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

eu.eurosale.biz.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.149.0.222 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-222.memphis2.cc.colocall.com

scripts.mycounter.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.149.0.249 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: get.mycounter.ua

get.mycounter.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.118.9 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-241-118-9.eu-west-1.compute.amazonaws.com

securecloud-bizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.246.223 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-246-246-223.eu-west-1.compute.amazonaws.com

securessl-bizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.61.208.149 (Paris, France) 1 redirects

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 108.61.208.149.vultr.com

ct-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.37.130.240 (Woodbridge, United States)

ASN16276 (OVH, FR)

de.btcinvestor.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.199.151 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.232 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f232.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.234 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.163 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f163.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.37.202.204 (Woodbridge, United States)

ASN16276 (OVH, FR)
PTR: ip204.ip-54-37-202.eu

storage.de1.cloud.ovh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	btcinvestor.biz de.btcinvestor.biz	325 KB
6	mycounter.ua scripts.mycounter.ua get.mycounter.ua	14 KB
5	cloudflare.com cdnjs.cloudflare.com	97 KB
4	gstatic.com fonts.gstatic.com	126 KB
3	biz.ua eu.eurosale.biz.ua	3 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	ovh.net storage.de1.cloud.ovh.net
1	googleapis.com fonts.googleapis.com	450 B
1	googletagmanager.com www.googletagmanager.com	24 KB
1	ct-redirect.com 1 redirects ct-redirect.com	223 B
1	securessl-bizz.com 1 redirects securessl-bizz.com	2 KB
1	securecloud-bizz.com 1 redirects securecloud-bizz.com	432 B
39	12

	Domain	Requested by
16	de.btcinvestor.biz	de.btcinvestor.biz cdnjs.cloudflare.com
5	cdnjs.cloudflare.com	de.btcinvestor.biz
4	fonts.gstatic.com	de.btcinvestor.biz
3	get.mycounter.ua	eu.eurosale.biz.ua
3	scripts.mycounter.ua	eu.eurosale.biz.ua
3	eu.eurosale.biz.ua
2	maxcdn.bootstrapcdn.com	de.btcinvestor.biz
1	storage.de1.cloud.ovh.net
1	fonts.googleapis.com	de.btcinvestor.biz
1	www.googletagmanager.com	de.btcinvestor.biz
1	ct-redirect.com	1 redirects
1	securessl-bizz.com	1 redirects
1	securecloud-bizz.com	1 redirects
39	13

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Frame ID: 0607594ACECF8AD454ACAFC93CEDDB2F
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://eu.eurosale.biz.ua/eu3/ Page URL
http://eu.eurosale.biz.ua/eu2/ Page URL
http://eu.eurosale.biz.ua/securecloud-bizz1/ Page URL
http://securecloud-bizz.com/?a=67327&c=171255&s1=id&s2=facebook&s3=country&s4=1505&s5=2018 HTTP 302
https://securessl-bizz.com/?a=67327&c=169952&oc=66052&sr=t&so=54350&rc=24_67070&s1=id&s2=facebook&s3=co... HTTP 302
http://ct-redirect.com/Y99no?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country HTTP 302
http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

39
Requests

0 %
HTTPS

0 %
IPv6

12
Domains

13
Subdomains

11
IPs

4
Countries

672 kB
Transfer

3785 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://eu.eurosale.biz.ua/eu3/ Page URL
http://eu.eurosale.biz.ua/eu2/ Page URL
http://eu.eurosale.biz.ua/securecloud-bizz1/ Page URL
http://securecloud-bizz.com/?a=67327&c=171255&s1=id&s2=facebook&s3=country&s4=1505&s5=2018 HTTP 302
https://securessl-bizz.com/?a=67327&c=169952&oc=66052&sr=t&so=54350&rc=24_67070&s1=id&s2=facebook&s3=country&s4=1505&s5=2018&ref=http%3A%2F%2Feu.eurosale.biz.ua%2Fsecurecloud-bizz1%2F&h=89966822b54f5a9bce6f460fa396eacb91f25d43 HTTP 302
http://ct-redirect.com/Y99no?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country HTTP 302
http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
eu.eurosale.biz.ua/eu3/ 644 B
927 B 44ms
23ms Document
text/html 178.62.83.37
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://eu.eurosale.biz.ua/eu3/
Protocol: HTTP/1.1
Server: 178.62.83.37 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.2.22 (@RELEASE@) /
Resource Hash: df636b24dc2852f715ae5d6ab08f05a1fc41d9a40a548523d2ae161937384f58

Request headers

Host: eu.eurosale.biz.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 0607594ACECF8AD454ACAFC93CEDDB2F

Response headers

Date: Tue, 15 May 2018 10:47:31 GMT
Server: Apache/2.2.22 (@RELEASE@)
Last-Modified: Mon, 14 May 2018 19:37:54 GMT
ETag: "1ff36-284-56c2f9f3ad26e"
Accept-Ranges: bytes
Content-Length: 644
Connection: close
Content-Type: text/html
X-Pad: avoid browser bug

GET
H/1.1 200
OK counter2.0.js Show response
scripts.mycounter.ua/ 4 KB
4 KB 68ms
34ms Script
application/javascript 62.149.0.222
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.mycounter.ua/counter2.0.js
Requested by: Host: eu.eurosale.biz.ua
URL: http://eu.eurosale.biz.ua/eu3/
Protocol: HTTP/1.1
Server: 62.149.0.222 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-222.memphis2.cc.colocall.com
Software: nginx/1.10.3 /
Resource Hash: 73a51e9a913a1d5117e292fcccf9e3251506677b54ffd2afdaf3fd1860825e80

Request headers

Referer: http://eu.eurosale.biz.ua/eu3/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 15 May 2018 10:47:31 GMT
Last-Modified: Tue, 24 Apr 2018 09:33:35 GMT
Server: nginx/1.10.3
ETag: "5adef9ef-e44"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3652
Expires: Tue, 15 May 2018 11:47:31 GMT

GET
H/1.1 200
OK counter.php
get.mycounter.ua/ 723 B
946 B 176ms
99ms Image
image/png 62.149.0.249
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get.mycounter.ua/counter.php?id=164815&w=http%3A//eu.eurosale.biz.ua/eu3/&s=1600x1200x24&c=1&j=7
Requested by: Host: eu.eurosale.biz.ua
URL: http://eu.eurosale.biz.ua/eu3/
Protocol: HTTP/1.1
Server: 62.149.0.249 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: get.mycounter.ua
Software: MyCounter TCP Server v.2.0.0 /
Resource Hash: 8fd301640d59281bf4582716ce458d76bf5b5ba8d73198986c62d4cd2c1a43d0

Request headers

Referer: http://eu.eurosale.biz.ua/eu3/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 15 May 2018 13:47:31 GMT
Server: MyCounter TCP Server v.2.0.0
Content-Type: image/png
Cache-control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 723
Expires: 0

GET
H/1.1 200
OK / Show response
eu.eurosale.biz.ua/eu2/ 658 B
941 B 42ms
22ms Document
text/html 178.62.83.37
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://eu.eurosale.biz.ua/eu2/
Protocol: HTTP/1.1
Server: 178.62.83.37 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.2.22 (@RELEASE@) /
Resource Hash: 362d6dbbc1e608a3dc3d0e7cf55f7410780a580c4525305cf60aaa420a33847c

Request headers

Host: eu.eurosale.biz.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://eu.eurosale.biz.ua/eu3/
Accept-Encoding: gzip, deflate
Cookie: s=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 0607594ACECF8AD454ACAFC93CEDDB2F
Referer: http://eu.eurosale.biz.ua/eu3/

Response headers

Date: Tue, 15 May 2018 10:47:32 GMT
Server: Apache/2.2.22 (@RELEASE@)
Last-Modified: Mon, 14 May 2018 19:37:53 GMT
ETag: "1ff34-292-56c2f9f290ba9"
Accept-Ranges: bytes
Content-Length: 658
Connection: close
Content-Type: text/html
X-Pad: avoid browser bug

GET
H/1.1 200
OK counter2.0.js Show response
scripts.mycounter.ua/ 4 KB
4 KB 33ms
33ms Script
application/javascript 62.149.0.222
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.mycounter.ua/counter2.0.js
Requested by: Host: eu.eurosale.biz.ua
URL: http://eu.eurosale.biz.ua/eu2/
Protocol: HTTP/1.1
Server: 62.149.0.222 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-222.memphis2.cc.colocall.com
Software: nginx/1.10.3 /
Resource Hash: 73a51e9a913a1d5117e292fcccf9e3251506677b54ffd2afdaf3fd1860825e80

Request headers

Referer: http://eu.eurosale.biz.ua/eu2/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 15 May 2018 10:47:32 GMT
Last-Modified: Tue, 24 Apr 2018 09:33:35 GMT
Server: nginx/1.10.3
ETag: "5adef9ef-e44"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3652
Expires: Tue, 15 May 2018 11:47:32 GMT

GET
H/1.1 200
OK counter.php
get.mycounter.ua/ 723 B
946 B 38ms
37ms Image
image/png 62.149.0.249
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get.mycounter.ua/counter.php?id=164815&w=http%3A//eu.eurosale.biz.ua/eu2/&s=1600x1200x24&r=http%3A//eu.eurosale.biz.ua/eu3/&c=1&j=7
Requested by: Host: eu.eurosale.biz.ua
URL: http://eu.eurosale.biz.ua/eu2/
Protocol: HTTP/1.1
Server: 62.149.0.249 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: get.mycounter.ua
Software: MyCounter TCP Server v.2.0.0 /
Resource Hash: 8fd301640d59281bf4582716ce458d76bf5b5ba8d73198986c62d4cd2c1a43d0

Request headers

Referer: http://eu.eurosale.biz.ua/eu2/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 15 May 2018 13:47:32 GMT
Server: MyCounter TCP Server v.2.0.0
Content-Type: image/png
Cache-control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 723
Expires: 0

GET
H/1.1 200
OK / Show response
eu.eurosale.biz.ua/securecloud-bizz1/ 704 B
987 B 43ms
23ms Document
text/html 178.62.83.37
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://eu.eurosale.biz.ua/securecloud-bizz1/
Protocol: HTTP/1.1
Server: 178.62.83.37 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.2.22 (@RELEASE@) /
Resource Hash: 3f6aed2748b964d7d389b1524a353e3e55a66a9194951f98605c48fdad880b5f

Request headers

Host: eu.eurosale.biz.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://eu.eurosale.biz.ua/eu2/
Accept-Encoding: gzip, deflate
Cookie: s=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 0607594ACECF8AD454ACAFC93CEDDB2F
Referer: http://eu.eurosale.biz.ua/eu2/

Response headers

Date: Tue, 15 May 2018 10:47:33 GMT
Server: Apache/2.2.22 (@RELEASE@)
Last-Modified: Mon, 14 May 2018 19:37:51 GMT
ETag: "1ff32-2c0-56c2f9f0b8ce3"
Accept-Ranges: bytes
Content-Length: 704
Connection: close
Content-Type: text/html
X-Pad: avoid browser bug

GET
H/1.1 200
OK counter2.0.js Show response
scripts.mycounter.ua/ 4 KB
4 KB 34ms
33ms Script
application/javascript 62.149.0.222
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.mycounter.ua/counter2.0.js
Requested by: Host: eu.eurosale.biz.ua
URL: http://eu.eurosale.biz.ua/securecloud-bizz1/
Protocol: HTTP/1.1
Server: 62.149.0.222 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-222.memphis2.cc.colocall.com
Software: nginx/1.10.3 /
Resource Hash: 73a51e9a913a1d5117e292fcccf9e3251506677b54ffd2afdaf3fd1860825e80

Request headers

Referer: http://eu.eurosale.biz.ua/securecloud-bizz1/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 15 May 2018 10:47:33 GMT
Last-Modified: Tue, 24 Apr 2018 09:33:35 GMT
Server: nginx/1.10.3
ETag: "5adef9ef-e44"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3652
Expires: Tue, 15 May 2018 11:47:33 GMT

GET
H/1.1 200
OK counter.php
get.mycounter.ua/ 723 B
946 B 37ms
37ms Image
image/png 62.149.0.249
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get.mycounter.ua/counter.php?id=164815&w=http%3A//eu.eurosale.biz.ua/securecloud-bizz1/&s=1600x1200x24&r=http%3A//eu.eurosale.biz.ua/eu2/&c=1&j=7
Requested by: Host: eu.eurosale.biz.ua
URL: http://eu.eurosale.biz.ua/securecloud-bizz1/
Protocol: HTTP/1.1
Server: 62.149.0.249 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: get.mycounter.ua
Software: MyCounter TCP Server v.2.0.0 /
Resource Hash: 8fd301640d59281bf4582716ce458d76bf5b5ba8d73198986c62d4cd2c1a43d0

Request headers

Referer: http://eu.eurosale.biz.ua/securecloud-bizz1/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 15 May 2018 13:47:33 GMT
Server: MyCounter TCP Server v.2.0.0
Content-Type: image/png
Cache-control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 723
Expires: 0

GET
H/1.1

200
OK

Primary Request / Show response
de.btcinvestor.biz/
Redirect Chain

http://securecloud-bizz.com/?a=67327&c=171255&s1=id&s2=facebook&s3=country&s4=1505&s5=2018
https://securessl-bizz.com/?a=67327&c=169952&oc=66052&sr=t&so=54350&rc=24_67070&s1=id&s2=facebook&s3=country&s4=1505&s5=2018&ref=http%3A%2F%2Feu.eurosale.biz.ua%2Fsecurecloud-bizz1%2F&h=89966822b54...
http://ct-redirect.com/Y99no?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country

17 KB
4 KB

78ms
27ms

Document
text/html

54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9c04ed837c88d6c6defb51c022783c4c20b97c3b3ad861d813dc2bca2d09909c

Request headers

Host: de.btcinvestor.biz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://eu.eurosale.biz.ua/securecloud-bizz1/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 0607594ACECF8AD454ACAFC93CEDDB2F
Referer: http://eu.eurosale.biz.ua/securecloud-bizz1/

Response headers

Server: nginx
Date: Tue, 15 May 2018 10:47:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"5afa9e7e-4519"
X-Geo: DE
Content-Encoding: gzip

Redirect headers

Location: http://de.btcinvestor.biz?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Date: Tue, 15 May 2018 10:47:35 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 24ms
9ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 15 May 2018 10:47:35 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Feb 2018 21:46:17 GMT
Connection: Keep-Alive
ETag: "1518903977"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
Content-Length: 7050

GET
S 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/ 118 KB
20 KB 55ms
29ms Stylesheet
text/css 104.19.199.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country

Protocol

SPDY

Server

104.19.199.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 15 May 2018 10:47:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2016 07:16:08 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 41b50700cbef63fd-FRA
expires: Sun, 05 May 2019 10:47:35 GMT

GET
H/1.1 200
OK style.css
de.btcinvestor.biz/css/ 16 KB
4 KB 29ms
27ms Stylesheet
text/css 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/css/style.css
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8de04aafe2dfbcbf827f74b9a0858b2733ee9daa6496a4e90e207d8f5f0e6e54

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5afa9e7e-3f93"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Tue, 15 May 2018 16:47:35 GMT

GET
H/1.1 200
OK multistepform.css
de.btcinvestor.biz/css/ 3 KB
1 KB 54ms
27ms Stylesheet
text/css 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/css/multistepform.css
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: c20697edfbd96dffc10eb4023102d6e3e9f199e89837c51ccf313888e364cefd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5afa9e7e-d3c"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Tue, 15 May 2018 16:47:35 GMT

GET
H/1.1 200
OK crazypopup.css
de.btcinvestor.biz/css/ 1 KB
906 B 54ms
27ms Stylesheet
text/css 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/css/crazypopup.css
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 988f92a92cdc0dacb2c1204eba4dccf9e45ec8c6d2f1008fdfc98c952e82609b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5afa9e7e-4e6"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Tue, 15 May 2018 16:47:35 GMT

GET
H/1.1 200
OK btcchart.css
de.btcinvestor.biz/css/ 2 KB
1003 B 55ms
28ms Stylesheet
text/css 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/css/btcchart.css
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: f0f91fe8e5ed2c3a77fdea79cc5a48d8fd5d4659811a3a5675bcd96afa5c5a8d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5afa9e7e-6b3"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Tue, 15 May 2018 16:47:35 GMT

GET
H/1.1 200
OK btc_investor_logo.svg
de.btcinvestor.biz/images/ 5 KB
2 KB 52ms
26ms Image
image/svg+xml 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/btc_investor_logo.svg
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e94483aef81e9383a27dbbd6319358cb25649b8265cbc1535a4ad75ece8a44e5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 May 2018 08:46:54 GMT
Server: nginx
ETag: W/"5afa9e7e-1386"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2584759 public
Transfer-Encoding: chunked
Expires: Thu, 14 Jun 2018 08:46:54 GMT

GET
S 200 gb.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/ 934 B
557 B 17ms
16ms Image
image/svg+xml 104.19.199.151
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.1.0/flags/4x3/gb.svg

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country

Protocol

SPDY

Server

104.19.199.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ccbf3724368fd3da007d3959266c24e00f8ec01758c5d8a97e451c3640261b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 15 May 2018 10:47:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 Jun 2016 14:42:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 41b50700dbf363fd-FRA
expires: Sun, 05 May 2019 10:47:35 GMT

GET
H/1.1 200
OK bloomberg_logo.min.png
de.btcinvestor.biz/images/ 3 KB
3 KB 71ms
26ms Image
image/png 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/bloomberg_logo.min.png
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 09957f75cb1c1c557c6ded83d9418b47aeb77a4f3e103148b551d201ffaeffc0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Last-Modified: Tue, 15 May 2018 08:46:54 GMT
Server: nginx
ETag: "5afa9e7e-ad7"
Content-Type: image/png
Cache-Control: max-age=2584759 public
Accept-Ranges: bytes
Content-Length: 2775
Expires: Thu, 14 Jun 2018 08:46:54 GMT

GET
H/1.1 200
OK forbes_logo.min.png
de.btcinvestor.biz/images/ 2 KB
3 KB 71ms
26ms Image
image/png 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/forbes_logo.min.png
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: c2b29878df5517c5fd6660925cf172c0468a56680c6c7883b15363b48ee8d27d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Last-Modified: Tue, 15 May 2018 08:46:54 GMT
Server: nginx
ETag: "5afa9e7e-9fb"
Content-Type: image/png
Cache-Control: max-age=2584759 public
Accept-Ranges: bytes
Content-Length: 2555
Expires: Thu, 14 Jun 2018 08:46:54 GMT

GET
H/1.1 200
OK usr_fsdf45.jpg
de.btcinvestor.biz/images/users/ 8 KB
8 KB 46ms
26ms Image
image/jpeg 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/users/usr_fsdf45.jpg
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1bfaa563f8cd23dc4b7f108f33c94ee586e6141de4f09e2155a1ce050abf223b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Last-Modified: Tue, 15 May 2018 08:46:54 GMT
Server: nginx
ETag: "5afa9e7e-2040"
Content-Type: image/jpeg
Cache-Control: max-age=2584759 public
Accept-Ranges: bytes
Content-Length: 8256
Expires: Thu, 14 Jun 2018 08:46:54 GMT

GET
H/1.1 200
OK usr_sdf56g.jpg
de.btcinvestor.biz/images/users/ 10 KB
11 KB 70ms
26ms Image
image/jpeg 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/users/usr_sdf56g.jpg
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 74a5641536c94b5e55dbe7226f295d925bbd45765abd22024fbcbe9734054cbd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Last-Modified: Tue, 15 May 2018 08:46:54 GMT
Server: nginx
ETag: "5afa9e7e-2979"
Content-Type: image/jpeg
Cache-Control: max-age=2584759 public
Accept-Ranges: bytes
Content-Length: 10617
Expires: Thu, 14 Jun 2018 08:46:54 GMT

GET
H/1.1 200
OK btc_investor_logo_white.svg
de.btcinvestor.biz/images/ 5 KB
2 KB 29ms
29ms Image
image/svg+xml 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/btc_investor_logo_white.svg
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 39798ade383d97cb7ec6a3a921fba6719baa3652757957c240d6267b77e8f7dc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 May 2018 08:46:54 GMT
Server: nginx
ETag: W/"5afa9e7e-1362"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2584759 public
Transfer-Encoding: chunked
Expires: Thu, 14 Jun 2018 08:46:54 GMT

GET
H/1.1 200
OK app.js Show response
de.btcinvestor.biz/js/ 831 KB
204 KB 59ms
34ms Script
application/javascript 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/js/app.js
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: f5d28ed61e6c6aef52a1e24ed4412b489b9195ffe6b977a6646f62a6dc62d681

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5afa9ea8-cfb8e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Tue, 15 May 2018 16:47:35 GMT

GET
S 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 9ms
9ms Script
application/javascript 104.19.199.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country

Protocol

SPDY

Server

104.19.199.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 15 May 2018 10:47:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 Jun 2016 14:42:33 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 41b50700dbf063fd-FRA
expires: Sun, 05 May 2019 10:47:35 GMT

GET
S 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 36 KB
10 KB 22ms
22ms Script
application/javascript 104.19.199.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country

Protocol

SPDY

Server

104.19.199.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 15 May 2018 10:47:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2016 07:16:08 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 41b50700dbf163fd-FRA
expires: Sun, 05 May 2019 10:47:35 GMT

GET
H/1.1 200
OK winnermodal.js Show response
de.btcinvestor.biz/js/ 5 KB
3 KB 28ms
28ms Script
application/javascript 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/js/winnermodal.js
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: ea0bae2ce2088b9bc1e55eef53263e3058a2db1f9a21012f3e081fa005f6a2d0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5afa9e7e-127c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Tue, 15 May 2018 16:47:35 GMT

GET
S 200 bodymovin_light.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bodymovin/4.10.2/ 140 KB
37 KB 17ms
16ms Script
application/javascript 104.19.199.151
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.10.2/bodymovin_light.min.js

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country

Protocol

SPDY

Server

104.19.199.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8759b4002b5d3273049eca7e9ba054fa587f34a624a4f401f712a5596803f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 15 May 2018 10:47:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2017 04:03:18 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 41b50700dbf263fd-FRA
expires: Sun, 05 May 2019 10:47:35 GMT

GET
H/1.1 200
OK chart.js Show response
de.btcinvestor.biz/js/ 172 B
479 B 26ms
26ms Script
application/javascript 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/js/chart.js
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 367778085f446b669d32cac74ec75cd027cd81d2d87aa7dad466060ca206726c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5afa9e7e-ac"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=21600 public
Transfer-Encoding: chunked
Expires: Tue, 15 May 2018 16:47:35 GMT

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 107 KB
24 KB 14ms
13ms Script
application/javascript 172.217.21.232
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WFBL9N7

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country

Protocol

SPDY

Server

172.217.21.232 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f232.1e100.net

Software

Google Tag Manager (scaffolding) /

Resource Hash

0b917c4816d624fefffab3c4501131875b569896f054ae6da8b67fd93b07abad

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 15 May 2018 10:47:35 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 24480
x-xss-protection: 1; mode=block
expires: Tue, 15 May 2018 10:47:35 GMT

GET
S 200 css
fonts.googleapis.com/ 1 KB
450 B 15ms
15ms Stylesheet
text/css 172.217.21.234
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,400i,700,900|Open+Sans:400,700&subset=latin-ext

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country

Protocol

SPDY

Server

172.217.21.234 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f10.1e100.net

Software

ESF /

Resource Hash

f84c38e8dfad47c4e74a34cee9561d8f62fd47774a666cce7566a699e768a492

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 15 May 2018 10:47:35 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Tue, 15 May 2018 10:47:35 GMT

GET
H/1.1 200
OK darkBg.jpg
de.btcinvestor.biz/images/ 66 KB
66 KB 27ms
27ms Image
image/jpeg 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://de.btcinvestor.biz/images/darkBg.jpg
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: bf5430788230af3cb081333c4c9cb81c4a15d37076feb7a72e0c4f93787a385b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://de.btcinvestor.biz/css/style.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: public
Date: Tue, 15 May 2018 10:47:35 GMT
Last-Modified: Tue, 15 May 2018 08:46:54 GMT
Server: nginx
ETag: "5afa9e7e-1088a"
Content-Type: image/jpeg
Cache-Control: max-age=2584759 public
Accept-Ranges: bytes
Content-Length: 67722
Expires: Thu, 14 Jun 2018 08:46:54 GMT

GET
S 200 mem8YaGs126MiZpBA-UFW50e.ttf
fonts.gstatic.com/s/opensans/v15/ 38 KB
24 KB 7ms
7ms Font
font/ttf 172.217.23.163
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50e.ttf

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country

Protocol

SPDY

Server

172.217.23.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f163.1e100.net

Software

sffe /

Resource Hash

0c4595868d57ebb5f2793e22e8493bfe2606cd8c628a039d2d1a4fa79f642b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito:400,400i,700,900|Open+Sans:400,700&subset=latin-ext
Origin: http://de.btcinvestor.biz

Response headers

date: Wed, 09 May 2018 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499982
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 24229
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 21:49:47 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2019 15:54:33 GMT

GET
S 200 XRXW3I6Li01BKofAtsGUb-vN.ttf
fonts.gstatic.com/s/nunito/v9/ 79 KB
39 KB 120ms
120ms Font
font/ttf 172.217.23.163
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v9/XRXW3I6Li01BKofAtsGUb-vN.ttf

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country

Protocol

SPDY

Server

172.217.23.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f163.1e100.net

Software

sffe /

Resource Hash

ca39073b7b6576d389e3e2d5dfbccf9d79f4fe211f7b28a262ec0687a1dd33d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito:400,400i,700,900|Open+Sans:400,700&subset=latin-ext
Origin: http://de.btcinvestor.biz

Response headers

date: Fri, 09 Feb 2018 00:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8245691
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 39928
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Oct 2017 23:05:57 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Feb 2019 00:19:24 GMT

GET
S 200 XRXV3I6Li01BKofIO-aE.ttf
fonts.gstatic.com/s/nunito/v9/ 78 KB
38 KB 31ms
31ms Font
font/ttf 172.217.23.163
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v9/XRXV3I6Li01BKofIO-aE.ttf

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country

Protocol

SPDY

Server

172.217.23.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f163.1e100.net

Software

sffe /

Resource Hash

6755a4551fe0d600587802a540c2ea6f663c0e25d7a0cabfa9e5653fa00593f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito:400,400i,700,900|Open+Sans:400,700&subset=latin-ext
Origin: http://de.btcinvestor.biz

Response headers

date: Wed, 09 May 2018 20:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483217
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 38961
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Oct 2017 23:05:35 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2019 20:33:58 GMT

GET
S 200 mem5YaGs126MiZpBA-UN7rgOXOhs.ttf
fonts.gstatic.com/s/opensans/v15/ 39 KB
25 KB 9ms
9ms Font
font/ttf 172.217.23.163
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOXOhs.ttf

Requested by

Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country

Protocol

SPDY

Server

172.217.23.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f163.1e100.net

Software

sffe /

Resource Hash

d123a1a00d692830f1f5276c64edfbc7abc9d0640bbb02596f83e10b14f89c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito:400,400i,700,900|Open+Sans:400,700&subset=latin-ext
Origin: http://de.btcinvestor.biz

Response headers

date: Thu, 08 Feb 2018 17:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8268621
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 25116
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 21:49:48 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Feb 2019 17:57:14 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 21ms
8ms Font
application/font-woff2 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: de.btcinvestor.biz
URL: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Protocol: HTTP/1.1
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://de.btcinvestor.biz

Response headers

Date: Tue, 15 May 2018 10:47:35 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Feb 2018 21:46:23 GMT
Connection: Keep-Alive
ETag: "1518903983"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
Content-Length: 77171

GET
H/1.1 200
OK chart.json Show response
de.btcinvestor.biz/js/ 45 KB
11 KB 33ms
33ms XHR
application/json 54.37.130.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://de.btcinvestor.biz/js/chart.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.10.2/bodymovin_light.min.js
Protocol: HTTP/1.1
Server: 54.37.130.240 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 30030c6550721a8212e6f505e42add33ef5bf17a4a2376952b605718993622d3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: de.btcinvestor.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Cookie: a=8079; o=5314; s=1f8c390b4371428fa1fe8aad67520a23_53518; pid=country
Connection: keep-alive
Cache-Control: no-cache
Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 15 May 2018 10:47:36 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5afa9e7e-b583"
Vary: Accept-Encoding
Content-Type: application/json
Transfer-Encoding: chunked
X-Geo: DE

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a38379592286cea290cd5315d36768edf6640aff3169573517fe82541e5a0a

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 206
Partial Content btc_investor_short_de.mp4
storage.de1.cloud.ovh.net/v1/AUTH_95c7658e6c074ae78ac64f4328d9bdd6/btcinvestor_videos/ 2 MB
0 244ms
198ms Media
video/mp4 54.37.202.204
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.de1.cloud.ovh.net/v1/AUTH_95c7658e6c074ae78ac64f4328d9bdd6/btcinvestor_videos/btc_investor_short_de.mp4
Protocol: HTTP/1.1
Server: 54.37.202.204 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS: ip204.ip-54-37-202.eu
Software: /
Resource Hash

Request headers

Referer: http://de.btcinvestor.biz/?a=8079&o=5314&s=1f8c390b4371428fa1fe8aad67520a23_53518&pid=country
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Range: bytes=0-
chrome-proxy: frfr

Response headers

Date: Tue, 15 May 2018 10:47:36 GMT
X-Openstack-Request-Id: tx20671e6a37d64f9e85af0-005afabac8
Last-Modified: Fri, 12 Jan 2018 10:53:10 GMT
X-Trans-Id: tx20671e6a37d64f9e85af0-005afabac8
Etag: e5e2aef5ddfeaaab30cf553fe790de12
Content-Type: video/mp4
Content-Range: bytes 0-20531729/20531730
X-Timestamp: 1515754389.41579
Accept-Ranges: bytes
Content-Length: 20531730

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
de.btcinvestor.biz/	1970-01-18 16:42:53	Name: pid Value: country
de.btcinvestor.biz/	1970-01-18 16:42:53	Name: o Value: 5314
de.btcinvestor.biz/	1970-01-18 16:42:53	Name: s Value: 1f8c390b4371428fa1fe8aad67520a23_53518
de.btcinvestor.biz/	1970-01-18 16:42:53	Name: a Value: 8079

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
ct-redirect.com
de.btcinvestor.biz
eu.eurosale.biz.ua
fonts.googleapis.com
fonts.gstatic.com
get.mycounter.ua
maxcdn.bootstrapcdn.com
scripts.mycounter.ua
securecloud-bizz.com
securessl-bizz.com
storage.de1.cloud.ovh.net
www.googletagmanager.com
104.19.199.151
108.61.208.149
172.217.21.232
172.217.21.234
172.217.23.163
178.62.83.37
209.197.3.15
34.241.118.9
34.246.246.223
54.37.130.240
54.37.202.204
62.149.0.222
62.149.0.249
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
09957f75cb1c1c557c6ded83d9418b47aeb77a4f3e103148b551d201ffaeffc0
0b917c4816d624fefffab3c4501131875b569896f054ae6da8b67fd93b07abad
0c4595868d57ebb5f2793e22e8493bfe2606cd8c628a039d2d1a4fa79f642b05
1bfaa563f8cd23dc4b7f108f33c94ee586e6141de4f09e2155a1ce050abf223b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30030c6550721a8212e6f505e42add33ef5bf17a4a2376952b605718993622d3
362d6dbbc1e608a3dc3d0e7cf55f7410780a580c4525305cf60aaa420a33847c
367778085f446b669d32cac74ec75cd027cd81d2d87aa7dad466060ca206726c
39798ade383d97cb7ec6a3a921fba6719baa3652757957c240d6267b77e8f7dc
3f6aed2748b964d7d389b1524a353e3e55a66a9194951f98605c48fdad880b5f
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53a38379592286cea290cd5315d36768edf6640aff3169573517fe82541e5a0a
6755a4551fe0d600587802a540c2ea6f663c0e25d7a0cabfa9e5653fa00593f0
73a51e9a913a1d5117e292fcccf9e3251506677b54ffd2afdaf3fd1860825e80
74a5641536c94b5e55dbe7226f295d925bbd45765abd22024fbcbe9734054cbd
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8ccbf3724368fd3da007d3959266c24e00f8ec01758c5d8a97e451c3640261b4
8de04aafe2dfbcbf827f74b9a0858b2733ee9daa6496a4e90e207d8f5f0e6e54
8fd301640d59281bf4582716ce458d76bf5b5ba8d73198986c62d4cd2c1a43d0
988f92a92cdc0dacb2c1204eba4dccf9e45ec8c6d2f1008fdfc98c952e82609b
9c04ed837c88d6c6defb51c022783c4c20b97c3b3ad861d813dc2bca2d09909c
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
bf5430788230af3cb081333c4c9cb81c4a15d37076feb7a72e0c4f93787a385b
c20697edfbd96dffc10eb4023102d6e3e9f199e89837c51ccf313888e364cefd
c2b29878df5517c5fd6660925cf172c0468a56680c6c7883b15363b48ee8d27d
ca39073b7b6576d389e3e2d5dfbccf9d79f4fe211f7b28a262ec0687a1dd33d2
d123a1a00d692830f1f5276c64edfbc7abc9d0640bbb02596f83e10b14f89c0d
df636b24dc2852f715ae5d6ab08f05a1fc41d9a40a548523d2ae161937384f58
e94483aef81e9383a27dbbd6319358cb25649b8265cbc1535a4ad75ece8a44e5
ea0bae2ce2088b9bc1e55eef53263e3058a2db1f9a21012f3e081fa005f6a2d0
f0f91fe8e5ed2c3a77fdea79cc5a48d8fd5d4659811a3a5675bcd96afa5c5a8d
f5d28ed61e6c6aef52a1e24ed4412b489b9195ffe6b977a6646f62a6dc62d681
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f84c38e8dfad47c4e74a34cee9561d8f62fd47774a666cce7566a699e768a492
f8759b4002b5d3273049eca7e9ba054fa587f34a624a4f401f712a5596803f6a

de.btcinvestor.biz Open in urlscan Pro 54.37.130.240 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

0 %HTTPS

0 %IPv6

12 Domains

13 Subdomains

11 IPs

4 Countries

672 kBTransfer

3785 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

de.btcinvestor.biz Open in urlscan Pro
54.37.130.240 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

0 %
HTTPS

0 %
IPv6

12
Domains

13
Subdomains

11
IPs

4
Countries

672 kB
Transfer

3785 kB
Size

4
Cookies

39 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!