investment-times.org
Open in
urlscan Pro
2606:4700:3030::6815:4c6
Malicious Activity!
Public Scan
Submission: On September 16 via manual from ES — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2021. Valid for: a year.
This is the only time investment-times.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Lion's Den Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 14 | 2606:4700:303... 2606:4700:3030::6815:4c6 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
14 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
investment-times.org
1 redirects
investment-times.org |
632 KB |
1 |
bootstrapcdn.com
netdna.bootstrapcdn.com |
7 KB |
14 | 2 |
Domain | Requested by | |
---|---|---|
14 | investment-times.org |
1 redirects
investment-times.org
|
1 | netdna.bootstrapcdn.com |
investment-times.org
|
14 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
sugendent-laused.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-04 - 2022-07-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://investment-times.org/btcde3/
Frame ID: 23A55F835910364FE305BAE2DAD9929B
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
TAZPage URL History Show full URLs
-
https://investment-times.org/btcde3
HTTP 301
https://investment-times.org/btcde3/ Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Folge um ein System
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://investment-times.org/btcde3
HTTP 301
https://investment-times.org/btcde3/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
investment-times.org/btcde3/ Redirect Chain
|
14 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
investment-times.org/btcde3/index_files/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.main.css
investment-times.org/btcde3/index_files/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hd-hero1.jpg
investment-times.org/btcde3/index_files/ |
118 KB 118 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2018-03-28_12.06.48.jpg
investment-times.org/btcde3/index_files/ |
188 KB 189 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
carsten-maschmeyer-und-judith-williams.jpg
investment-times.org/btcde3/index_files/ |
71 KB 72 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ccccc.jpg
investment-times.org/btcde3/index_files/ |
138 KB 138 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prof1.jpg
investment-times.org/btcde3/index_files/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prof2.jpg
investment-times.org/btcde3/index_files/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prof3.jpg
investment-times.org/btcde3/index_files/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prof4.jpg
investment-times.org/btcde3/index_files/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prof5.jpg
investment-times.org/btcde3/index_files/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
184dc9ab-6565-4fbf-a6a5-27cb70a870e3.jpg
investment-times.org/btcde3/index_files/ |
62 KB 62 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Lion's Den Scam (Online)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster string| newUrl function| $ function| jQuery object| dayNames object| monthNames object| now0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
investment-times.org
netdna.bootstrapcdn.com
2606:4700:3030::6815:4c6
2606:4700::6812:acf
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
12a96189b8080cf25d98c3d0ec6522888acda15daf764d4fce694ce1141d5660
1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8
44d22dd34c6e3f0c9253be6aa002e79f353981ba21ec8b5f92c1a82923d65908
4f51b53dba3c024c6ddb381aa17367a54be11c30b3a9411d9b0691aa3493882e
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1
6ef18c874e412f0827a0830ddf7f9f6ace52e3ba01e85dfb0de890601d085b30
70d81524ff46cf40ab5b8dafa8597489819bed792aeffde58837e55b99013464
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
ac82b39e64db16df0c9d59832a78d60ca919fb39f39e22c1dd63e70d960cffb2
c155aa91c885690a76b7980782929e024d0a9c1c0eb718467f1984b190e91e39
df99f7229bbfb0bdf5ed771fca5acc2fcbe96e41429bc2b2451f238c42d3f948
f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4
f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91