investment-times.org
2606:4700:3030::6815:4c6  Malicious Activity! Public Scan

URL: https://investment-times.org/btcde3/
Submission: On September 16 via manual from ES — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3030::6815:4c6, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is investment-times.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2021. Valid for: a year.
This is the only time investment-times.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

IP Address | AS Autonomous System
1 14 2606:4700:303... | 13335 (CLOUDFLAR...)
1 2606:4700::68... | 13335 (CLOUDFLAR...)
14 2

Apex Domain | Subdomains | Transfer
14 investment-times.org | investment-times.org | 632 KB
1 bootstrapcdn.com | netdna.bootstrapcdn.com | 7 KB
14 2

Domain | Requested by
14 investment-times.org 1 redirects | investment-times.org
1 netdna.bootstrapcdn.com | investment-times.org
14 2

This site contains links to these domains.

Domain
sugendent-laused.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-04 - 2022-07-03 | a year (crt.sh)

This page contains 1 frames:

Primary Page: https://investment-times.org/btcde3/
Frame ID: 23A55F835910364FE305BAE2DAD9929B
Requests: 14 HTTP requests in this frame

Page Title

TAZ

Page URL History

  1. https://investment-times.org/btcde3 HTTP 301
    https://investment-times.org/btcde3/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 14
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 639 kB
Size: 731 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://investment-times.org/btcde3 HTTP 301
    https://investment-times.org/btcde3/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
investment-times.org/btcde3/
Redirect Chain
  • https://investment-times.org/btcde3
  • https://investment-times.org/btcde3/
14 KB
6 KB
Document
General
Full URL
https://investment-times.org/btcde3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12a96189b8080cf25d98c3d0ec6522888acda15daf764d4fce694ce1141d5660

Request headers

:method
GET
:authority
investment-times.org
:scheme
https
:path
/btcde3/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 16 Sep 2021 21:34:52 GMT
content-type
text/html
last-modified
Thu, 25 Feb 2021 15:07:37 GMT
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFXzu1UkuvZ1XV%2BEIKWTZvKTxLRmOe004be95VEu3Sn%2FK2yD6RUWZTQkNjHIxuCF1LGqnjPFHG%2BdPhFhgzT6dHkQ27iMp9G%2Br1g8v6iwM0eBeMrbMUJqyph3oyhNFaFDR1a5kAj3KHdlWyrsRoH1xBYj2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68fd38a7cf6c1f2d-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Thu, 16 Sep 2021 21:34:52 GMT
content-type
text/html
location
https://investment-times.org/btcde3/
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVmpb1EA6iG%2FjNcJkMcwLuuZAha2jluJ1s4GJcI4dXxA8YPUl%2F4cTKQKvu%2BBg%2B9DP3mEV37obDD9HAfnFgNNQfCfJrH2nX%2FbYsA%2Fs3zr3jvvMh5wtuF8dEtsanx1hQSbVeIg8fU%2FA4p89VdSEXf1eDwqjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68fd38a5dd2a1f2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
investment-times.org/btcde3/index_files/
86 KB
31 KB
Script
General
Full URL
https://investment-times.org/btcde3/index_files/jquery.min.js
Requested by
Host: investment-times.org
URL: https://investment-times.org/btcde3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

:path
/btcde3/index_files/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
investment-times.org
referer
https://investment-times.org/btcde3/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://investment-times.org/btcde3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:34:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 May 2020 09:12:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OSzuxAW453wovkbZnM3JpQHMKs5jema0MqQyDwAEfTBUvZJn9QbG4nIoSQNFkTaazWmRlYSwlo5QbN4e478R4FE8OSFHva%2BBz1Q1H%2F0VnhVDIjIU0XibAXeDdCOtMU1y6jz%2FDKcIVh7u8hPnpdkRMabDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68fd38a939be1f2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Sep 2021 21:34:52 GMT
styles.main.css
investment-times.org/btcde3/index_files/
13 KB
3 KB
Stylesheet
General
Full URL
https://investment-times.org/btcde3/index_files/styles.main.css
Requested by
Host: investment-times.org
URL: https://investment-times.org/btcde3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac82b39e64db16df0c9d59832a78d60ca919fb39f39e22c1dd63e70d960cffb2

Request headers

:path
/btcde3/index_files/styles.main.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
investment-times.org
referer
https://investment-times.org/btcde3/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://investment-times.org/btcde3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:34:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 May 2020 09:12:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVRGe7RBubLPyg%2FfDTFKNv3WUC%2FVUPU%2BDV8WdqHDuRVN1O1dsl70DpXo77Bq6y6Kx9a2OqGh3kpDuxfaDxlFRxAc40EKXl0qzJHF%2BLik0u1f8%2FN9Eo7hzXcWSR%2B1hZNgw06nleVGx6fMXpGtzpmPKVllDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
68fd38a939c01f2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Sep 2021 21:34:52 GMT
hd-hero1.jpg
investment-times.org/btcde3/index_files/
118 KB
118 KB
Image
General
Full URL
https://investment-times.org/btcde3/index_files/hd-hero1.jpg
Requested by
Host: investment-times.org
URL: https://investment-times.org/btcde3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44d22dd34c6e3f0c9253be6aa002e79f353981ba21ec8b5f92c1a82923d65908

Request headers

:path
/btcde3/index_files/hd-hero1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
investment-times.org
referer
https://investment-times.org/btcde3/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://investment-times.org/btcde3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:34:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
120574
last-modified
Wed, 20 May 2020 09:12:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehXj3q2GWIdq7E%2FKXPBNaqqQHm8T9jUfjrM%2B%2Btbtmy6lNTZGjl37fTak1w68vxhgOjuj97nwV1u63NsC85QSqpzjS4vyq2LbLcu0Wdl3gtU9E%2FGG54BXkf0zyfahY%2FUuzEdJA%2FutJoNz1bc61uAHJSfrLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fd38ab3c7a1f2d-FRA
expires
Thu, 23 Sep 2021 21:34:52 GMT
2018-03-28_12.06.48.jpg
investment-times.org/btcde3/index_files/
188 KB
189 KB
Image
General
Full URL
https://investment-times.org/btcde3/index_files/2018-03-28_12.06.48.jpg
Requested by
Host: investment-times.org
URL: https://investment-times.org/btcde3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ef18c874e412f0827a0830ddf7f9f6ace52e3ba01e85dfb0de890601d085b30

Request headers

:path
/btcde3/index_files/2018-03-28_12.06.48.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
investment-times.org
referer
https://investment-times.org/btcde3/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://investment-times.org/btcde3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:34:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
192930
last-modified
Wed, 20 May 2020 09:12:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4i4KOvDlM7Mggeljxg1clt0DhXnKb%2Bk8hh%2F2G%2FEU9CF89yk%2Fv%2Bv058pe%2F%2FfB2%2BwTCc%2FyFEBq7uAKQY1fM2p2unSeiI2QRLdVG5hOhKnatD0ttzPqrrYcg%2FCCh7FKNcny8inLwvcSunj46eaw21HJESFsxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fd38ad2e051f2d-FRA
expires
Thu, 23 Sep 2021 21:34:53 GMT
carsten-maschmeyer-und-judith-williams.jpg
investment-times.org/btcde3/index_files/
71 KB
72 KB
Image
General
Full URL
https://investment-times.org/btcde3/index_files/carsten-maschmeyer-und-judith-williams.jpg
Requested by
Host: investment-times.org
URL: https://investment-times.org/btcde3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c155aa91c885690a76b7980782929e024d0a9c1c0eb718467f1984b190e91e39

Request headers

:path
/btcde3/index_files/carsten-maschmeyer-und-judith-williams.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
investment-times.org
referer
https://investment-times.org/btcde3/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://investment-times.org/btcde3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:34:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
72905
last-modified
Wed, 20 May 2020 09:12:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkP561ZB4SLW3iQZzWNGg7uTFiFkaSTId4ntMKUK8b5fu2iPFg%2BRF%2BTuOPdO0T974UBVJYyFAyphTXJV%2BBns4fJL2%2BcCSb%2FRPmemHss2aOe7LXcSXSX1KB26%2BomvCc4UiJ9Bt8KZF0nTybce4JMhVaKjzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fd38ad5e281f2d-FRA
expires
Thu, 23 Sep 2021 21:34:53 GMT
ccccc.jpg
investment-times.org/btcde3/index_files/
138 KB
138 KB
Image
General
Full URL
https://investment-times.org/btcde3/index_files/ccccc.jpg
Requested by
Host: investment-times.org
URL: https://investment-times.org/btcde3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f51b53dba3c024c6ddb381aa17367a54be11c30b3a9411d9b0691aa3493882e

Request headers

:path
/btcde3/index_files/ccccc.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
investment-times.org
referer
https://investment-times.org/btcde3/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://investment-times.org/btcde3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:34:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
140925
last-modified
Wed, 20 May 2020 09:12:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T278XGSNF55Cofl5Uk%2BQ0Pkdhz7QCzGzc35sz4fIEaMmuJb%2F%2F7kukw3A8inOlXk0Kkn3yg4prlh0Y4jlPlJJljhjbulOVnlfLGaLDaY%2BTXzbsmtN%2BGyJ%2FYgLLKDzE3M6QlVYvHefUi9RfcJf2n4zyV3Zog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fd38ad5e2a1f2d-FRA
expires
Thu, 23 Sep 2021 21:34:53 GMT
prof1.jpg
investment-times.org/btcde3/index_files/
2 KB
2 KB
Image
General
Full URL
https://investment-times.org/btcde3/index_files/prof1.jpg
Requested by
Host: investment-times.org
URL: https://investment-times.org/btcde3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91

Request headers

:path
/btcde3/index_files/prof1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
investment-times.org
referer
https://investment-times.org/btcde3/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://investment-times.org/btcde3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:34:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2197
last-modified
Wed, 20 May 2020 09:12:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHNnskI%2BRMhm8opNXDT2IXNueX1xU%2BXTn2lGnWVuHvvQuU5kTrXXDkCNxqZWiW3mOjwERzjeF%2BMfLOn2v7Xx2hpnzk3xnL7GNpS0redQ3tYp8B95lVYfxy9q3rxf4n%2F%2BSnO8g6g3BPzvw9lQLAw8WppUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fd38ad5e2b1f2d-FRA
expires
Thu, 23 Sep 2021 21:34:53 GMT
prof2.jpg
investment-times.org/btcde3/index_files/
3 KB
3 KB
Image
General
Full URL
https://investment-times.org/btcde3/index_files/prof2.jpg
Requested by
Host: investment-times.org
URL: https://investment-times.org/btcde3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8

Request headers

:path
/btcde3/index_files/prof2.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
investment-times.org
referer
https://investment-times.org/btcde3/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://investment-times.org/btcde3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:34:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2833
last-modified
Wed, 20 May 2020 09:12:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2S05lTQzpKmmQeo1VUcRVE1UxZgH1po1%2FecAUrksGG%2BvySffbJGlsMIZjsp%2BsWrSo2aj7NDza24QU5SJHB%2BQar2Rd7ZDKEtD5TDsTzKbHYDV8C14LjhBMjFC1qnOxHX%2BHNNGPL0f%2B5VDS94f1ZcuXRIVwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fd38ad5e2c1f2d-FRA
expires
Thu, 23 Sep 2021 21:34:53 GMT
prof3.jpg
investment-times.org/btcde3/index_files/
2 KB
2 KB
Image
General
Full URL
https://investment-times.org/btcde3/index_files/prof3.jpg
Requested by
Host: investment-times.org
URL: https://investment-times.org/btcde3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df99f7229bbfb0bdf5ed771fca5acc2fcbe96e41429bc2b2451f238c42d3f948

Request headers

:path
/btcde3/index_files/prof3.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
investment-times.org
referer
https://investment-times.org/btcde3/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://investment-times.org/btcde3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:34:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1977
last-modified
Thu, 25 Feb 2021 10:04:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EsmwGJy5Y0E2%2FxJj%2Bp5xLiF8DU2jHlxxlHZzMexzNuDxqQ6soqwayIDpgW8ZvnCxM241taOtrTYA6URyLAZsuDOhA86mMV%2FXN3IUvmRgw%2Bjmcm%2BrBNVn6H7Y2WuvxECAjNeIcM80sxIYKawqGoET%2FD%2BLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fd38ad5e2d1f2d-FRA
expires
Thu, 23 Sep 2021 21:34:53 GMT
prof4.jpg
investment-times.org/btcde3/index_files/
2 KB
2 KB
Image
General
Full URL
https://investment-times.org/btcde3/index_files/prof4.jpg
Requested by
Host: investment-times.org
URL: https://investment-times.org/btcde3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4

Request headers

:path
/btcde3/index_files/prof4.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
investment-times.org
referer
https://investment-times.org/btcde3/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://investment-times.org/btcde3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:34:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2208
last-modified
Wed, 20 May 2020 09:12:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z86a5zMRqV5A0WHqP0J0XXM7d0kvCa2CtQfAUCOUqiEQYmSotCFHvtoUXtoHekIH1QONrz4gKOcE%2FklhklWozzkAT0IZLPkLHysDXrX9L6SmSMidhgRNq%2F3LppKREXrN%2FMnHB%2BeMZjGqNCOkj0cLCtAwlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fd38ad5e2e1f2d-FRA
expires
Thu, 23 Sep 2021 21:34:53 GMT
prof5.jpg
investment-times.org/btcde3/index_files/
2 KB
2 KB
Image
General
Full URL
https://investment-times.org/btcde3/index_files/prof5.jpg
Requested by
Host: investment-times.org
URL: https://investment-times.org/btcde3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1

Request headers

:path
/btcde3/index_files/prof5.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
investment-times.org
referer
https://investment-times.org/btcde3/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://investment-times.org/btcde3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:34:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1597
last-modified
Wed, 20 May 2020 09:12:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PA1k%2FXZhoE80T1W0okUgXW0%2FehKbMSg2jX8EmjCAUE8dYbtSQP%2FZO0z98jCDONK6JycPE0mAOcf4tu16zCnSTBRvr%2FJvQFf5WaDsdjaNUdbDaFR1VTxf2ENeClE61a%2FjI1KNdovBpj0wK1HuFqBpHl3RMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fd38ad5e2f1f2d-FRA
expires
Thu, 23 Sep 2021 21:34:53 GMT
184dc9ab-6565-4fbf-a6a5-27cb70a870e3.jpg
investment-times.org/btcde3/index_files/
62 KB
62 KB
Image
General
Full URL
https://investment-times.org/btcde3/index_files/184dc9ab-6565-4fbf-a6a5-27cb70a870e3.jpg
Requested by
Host: investment-times.org
URL: https://investment-times.org/btcde3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d81524ff46cf40ab5b8dafa8597489819bed792aeffde58837e55b99013464

Request headers

:path
/btcde3/index_files/184dc9ab-6565-4fbf-a6a5-27cb70a870e3.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
investment-times.org
referer
https://investment-times.org/btcde3/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://investment-times.org/btcde3/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:34:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
63131
last-modified
Wed, 20 May 2020 09:12:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aps5x3U06KtqHzn2%2F2uxZEMFDyzCwjOMMQ9cRLYBaz6cMaIvHsWta%2FnL0xt24zEE7Obv9oKo5JL%2BlXSSOtq0RZIlVHaShxvNJZfCQ%2FFvn11ShKP8e22dm6h7kzwUfPtswyZCDQgv%2BxEOAoK%2FvXbiew9Hww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fd38ad5e301f2d-FRA
expires
Thu, 23 Sep 2021 21:34:53 GMT
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: investment-times.org
URL: https://investment-times.org/btcde3/index_files/styles.main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://investment-times.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:34:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
15379344
cdn-cachedat
2021-03-11 11:57:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9298a31cd0a3cc5e6ffaa407ce3c7d54
cf-ray
68fd38ad6c9f4e38-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
string| newUrl
function| $
function| jQuery
object| dayNames
object| monthNames
object| now

0 Cookies