hbvestment.org - urlscan.io

Summary

This website contacted 2 IPs in 3 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2a01:4f9:2a:a2a::2, located in Germany and belongs to HETZNER-AS, DE. The main domain is hbvestment.org.
TLS certificate: Issued by R3 on February 4th 2022. Valid for: 3 months.

This is the only time hbvestment.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a01:4f9:2a:a... 2a01:4f9:2a:a2a::2	24940 (HETZNER-AS) (HETZNER-AS)
2 2	34.152.4.205 34.152.4.205	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
2	38.108.81.58 38.108.81.58	174 (COGENT-174) (COGENT-174)
7	2

5 2a01:4f9:2a:a2a::2 (Germany)

ASN24940 (HETZNER-AS, DE)

hbvestment.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.152.4.205 (Montreal, Canada) 2 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 205.4.152.34.bc.googleusercontent.com

kitconet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.108.81.58 (United States)

ASN174 (COGENT-174, US)

www.kitconet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	hbvestment.org hbvestment.org	23 KB
4	kitconet.com 2 redirects kitconet.com — Cisco Umbrella Rank: 131559 www.kitconet.com — Cisco Umbrella Rank: 131600	4 KB
7	2

	Domain	Requested by
5	hbvestment.org	hbvestment.org
2	www.kitconet.com	hbvestment.org
2	kitconet.com	2 redirects
7	3

This site contains no links.

Subject Issuer	Validity	Valid
hbvestment.org R3	`2022-02-04` - `2022-05-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hbvestment.org/?a=forgot_password
Frame ID: 220ADB482294D482FA8A93FA8E582AD5
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

hbvestment.org

Page Statistics

7
Requests

71 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

27 kB
Transfer

33 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://kitconet.com/charts/metals/gold/t24_au_en_usoz_2.gif HTTP 301
https://www.kitconet.com/charts/metals/gold/t24_au_en_usoz_2.gif

Request Chain 4

https://kitconet.com/charts/metals/gold/t24_au_en_euoz_2.gif HTTP 301
https://www.kitconet.com/charts/metals/gold/t24_au_en_euoz_2.gif

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hbvestment.org/ 7 KB
2 KB 1165ms
1076ms Document
text/html 2a01:4f9:2a:a2a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbvestment.org/?a=forgot_password

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f9:2a:a2a::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c6311f273af3bfb78531973eb8873c10c80e3f5777e2ffded3ad218058e2828b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=60, private, proxy-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 1727
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 18 Feb 2022 21:11:31 GMT
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 style.css
hbvestment.org/ 2 KB
713 B 98ms
97ms Stylesheet
text/css 2a01:4f9:2a:a2a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbvestment.org/style.css

Requested by

Host: hbvestment.org
URL: https://hbvestment.org/?a=forgot_password

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f9:2a:a2a::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e148c4d21e1d09c40ad512a6fc8e71cb460e45439eb067fa2df0b709843bc697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hbvestment.org/?a=forgot_password
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 21:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 31 May 2019 02:58:08 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=172800, proxy-revalidate
accept-ranges: bytes
content-length: 596
x-xss-protection: 1; mode=block
expires: Sun, 20 Mar 2022 21:11:31 GMT

GET
H2 200 top.gif
hbvestment.org/images/ 20 KB
20 KB 98ms
98ms Image
image/gif 2a01:4f9:2a:a2a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hbvestment.org/images/top.gif

Requested by

Host: hbvestment.org
URL: https://hbvestment.org/?a=forgot_password

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f9:2a:a2a::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

LiteSpeed /

Resource Hash

57d67cc16ad7672c7c6d9d02b517d215ac3f2cadc897dc6dd0997357d11f6370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hbvestment.org/?a=forgot_password
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 21:11:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Jan 2020 03:36:30 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/gif
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 20076
x-xss-protection: 1; mode=block
expires: Sat, 18 Feb 2023 21:11:31 GMT

GET
H2 200 q.gif
hbvestment.org/images/ 49 B
82 B 98ms
97ms Image
image/gif 2a01:4f9:2a:a2a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hbvestment.org/images/q.gif

Requested by

Host: hbvestment.org
URL: https://hbvestment.org/?a=forgot_password

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f9:2a:a2a::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hbvestment.org/?a=forgot_password
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 21:11:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Jan 2020 03:36:30 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/gif
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 49
x-xss-protection: 1; mode=block
expires: Sat, 18 Feb 2023 21:11:31 GMT

GET
H/1.1

200
OK

t24_au_en_usoz_2.gif
www.kitconet.com/charts/metals/gold/
Redirect Chain

https://kitconet.com/charts/metals/gold/t24_au_en_usoz_2.gif
https://www.kitconet.com/charts/metals/gold/t24_au_en_usoz_2.gif

2 KB
2 KB

556ms
110ms

Image
image/gif

38.108.81.58
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kitconet.com/charts/metals/gold/t24_au_en_usoz_2.gif
Requested by: Host: hbvestment.org
URL: https://hbvestment.org/?a=forgot_password
Protocol: HTTP/1.1
Server: 38.108.81.58 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 162288806f0964364a03ebed6fea23c478faea97cfc1b4579de004e0a45e2568

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hbvestment.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 21:11:31 GMT
Last-Modified: Fri, 18 Feb 2022 18:17:48 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "3c71c0d5f324d81:0"
Content-Length: 1823
Content-Type: image/gif

Redirect headers

Location: https://www.kitconet.com/charts/metals/gold/t24_au_en_usoz_2.gif
Date: Fri, 18 Feb 2022 21:11:31 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

t24_au_en_euoz_2.gif
www.kitconet.com/charts/metals/gold/
Redirect Chain

https://kitconet.com/charts/metals/gold/t24_au_en_euoz_2.gif
https://www.kitconet.com/charts/metals/gold/t24_au_en_euoz_2.gif

2 KB
2 KB

569ms
109ms

Image
image/gif

38.108.81.58
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kitconet.com/charts/metals/gold/t24_au_en_euoz_2.gif
Requested by: Host: hbvestment.org
URL: https://hbvestment.org/?a=forgot_password
Protocol: HTTP/1.1
Server: 38.108.81.58 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 883c051d35e4c089045017d28067f573e92993ce9fed4394f738f5da2b6f751f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hbvestment.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 21:11:31 GMT
Last-Modified: Fri, 18 Feb 2022 21:10:09 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "e6ba51e9b25d81:0"
Content-Length: 1831
Content-Type: image/gif

Redirect headers

Location: https://www.kitconet.com/charts/metals/gold/t24_au_en_euoz_2.gif
Date: Fri, 18 Feb 2022 21:11:31 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H2 200 ver.gif
hbvestment.org/images/ 211 B
244 B 55ms
55ms Image
image/gif 2a01:4f9:2a:a2a::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hbvestment.org/images/ver.gif

Requested by

Host: hbvestment.org
URL: https://hbvestment.org/?a=forgot_password

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f9:2a:a2a::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

LiteSpeed /

Resource Hash

42e47ee428cbdef2307f721b72f1f5cbc8e641158763fc7778351ad155e28591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hbvestment.org/?a=forgot_password
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 21:11:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Jan 2020 03:36:30 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/gif
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 211
x-xss-protection: 1; mode=block
expires: Sat, 18 Feb 2023 21:11:31 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone function| checklogin function| checkform

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hbvestment.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: ckqk1h94ff3jeoeleq1e97rrk6

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://hbvestment.org/?a=forgot_password Message: Mixed Content: The page at 'https://hbvestment.org/?a=forgot_password' was loaded over HTTPS, but requested an insecure element 'http://kitconet.com/charts/metals/gold/t24_au_en_usoz_2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hbvestment.org/?a=forgot_password Message: Mixed Content: The page at 'https://hbvestment.org/?a=forgot_password' was loaded over HTTPS, but requested an insecure element 'http://kitconet.com/charts/metals/gold/t24_au_en_euoz_2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hbvestment.org/?a=forgot_password Message: Mixed Content: The page at 'https://hbvestment.org/?a=forgot_password' was loaded over HTTPS, but requested an insecure element 'http://kitconet.com/charts/metals/gold/t24_au_en_usoz_2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hbvestment.org/?a=forgot_password Message: Mixed Content: The page at 'https://hbvestment.org/?a=forgot_password' was loaded over HTTPS, but requested an insecure element 'http://kitconet.com/charts/metals/gold/t24_au_en_euoz_2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hbvestment.org
kitconet.com
www.kitconet.com
2a01:4f9:2a:a2a::2
34.152.4.205
38.108.81.58
162288806f0964364a03ebed6fea23c478faea97cfc1b4579de004e0a45e2568
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
42e47ee428cbdef2307f721b72f1f5cbc8e641158763fc7778351ad155e28591
57d67cc16ad7672c7c6d9d02b517d215ac3f2cadc897dc6dd0997357d11f6370
883c051d35e4c089045017d28067f573e92993ce9fed4394f738f5da2b6f751f
c6311f273af3bfb78531973eb8873c10c80e3f5777e2ffded3ad218058e2828b
e148c4d21e1d09c40ad512a6fc8e71cb460e45439eb067fa2df0b709843bc697

hbvestment.org Open in urlscan Pro 2a01:4f9:2a:a2a::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

71 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

2 IPs

3 Countries

27 kBTransfer

33 kBSize

1 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

4 Console Messages

Security Headers

Indicators

hbvestment.org Open in urlscan Pro
2a01:4f9:2a:a2a::2 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

71 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

27 kB
Transfer

33 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions