urlscan.io logo urlscan.io
SecurityTrails logo

www.account.cleverfundinvest.com Open in urlscan Pro
185.207.190.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.account.cleverfundinvest.com/
Effective URL: https://www.account.cleverfundinvest.com/en/login
Submission: On July 22 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 5 domains to perform 18 HTTP transactions. The main IP is 185.207.190.21, located in Lithuania and belongs to WIBO-AS, LT. The main domain is www.account.cleverfundinvest.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 22nd 2021. Valid for: 3 months.
This is the only time www.account.cleverfundinvest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 6 185.207.190.21 59939 (WIBO-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a03:90c0:41:... 199524 (GCORE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.249.73.113 16509 (AMAZON-02)
18 8
6    185.207.190.21 (Lithuania)

ASN59939 (WIBO-AS, LT)
www.account.cleverfundinvest.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
7    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
code.jivosite.com
1    2606:4700:3030::6815:5183 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    3.249.73.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-249-73-113.eu-west-1.compute.amazonaws.com
node346.jivosite.com
Domain Requested by
7 code.jivosite.com www.account.cleverfundinvest.com
code.jivosite.com
6 www.account.cleverfundinvest.com 2 redirects www.account.cleverfundinvest.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.account.cleverfundinvest.com
1 node346.jivosite.com code.jivosite.com
1 ka-f.fontawesome.com kit.fontawesome.com
1 kit.fontawesome.com www.account.cleverfundinvest.com
18 7

This site contains links to these domains. Also see Links.

Domain
www.jivo.ru
Subject Issuer Validity Valid
account.cleverfundinvest.com
cPanel, Inc. Certification Authority		 2021-07-22 -
2021-10-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
*.jivosite.com
Go Daddy Secure Certificate Authority - G2		 2020-04-05 -
2022-06-04		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-13 -
2021-10-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.account.cleverfundinvest.com/en/login
Frame ID: 0417C3ACAF4EF4AEF9F4F7F74D2CD220
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.account.cleverfundinvest.com/ HTTP 302
    https://www.account.cleverfundinvest.com/ru HTTP 302
    https://www.account.cleverfundinvest.com/en/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

18
Requests

100 %
HTTPS

71 %
IPv6

5
Domains

7
Subdomains

8
IPs

4
Countries

1282 kB
Transfer

3201 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.account.cleverfundinvest.com/ HTTP 302
    https://www.account.cleverfundinvest.com/ru HTTP 302
    https://www.account.cleverfundinvest.com/en/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set login
www.account.cleverfundinvest.com/en/
Redirect Chain
  • https://www.account.cleverfundinvest.com/
  • https://www.account.cleverfundinvest.com/ru
  • https://www.account.cleverfundinvest.com/en/login
6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.account.cleverfundinvest.com/en/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.207.190.21 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
Apache /
Resource Hash
09a7e7278809434d9dc80bc63df9cc836a571ace4a6bab72a21df290cb64ed19

Request headers

Host
www.account.cleverfundinvest.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
XSRF-TOKEN=eyJpdiI6IkNoXC9yak01YzVjMG1tR2drWkhwb0pBPT0iLCJ2YWx1ZSI6ImFVb3RTMUNkR1pyWGF1MGtZVUo0UkZYRHlRRG5QT0xzUG5pQjJXNGhJQUE1cWVRKzJXbzl3R0VPS0l1Y0VLcmciLCJtYWMiOiIwYjFhMGIzNGJiMDBlOWY3NGZmYjE1ZWY2NmNiYjFlZWQ4MjU5YmFlMjgwZDI4MTNmYTdmZmI4ZGY5OGU3NDMyIn0%3D; telecominvest_session=eyJpdiI6IlhIVk4rMWZqOG9mVzkxb0dPbFZ2cWc9PSIsInZhbHVlIjoidmhtMlp1a1Vjblk2ZU1YRk0zUWNwRVwvYjlHVmwwaW52emJmdThBOHpSVFwvaUVsYVVqaUpxRzVQWTZiOW94bkk2IiwibWFjIjoiMzE5YTFmZDUyMTRhMWJiNmU4ZDgzOWQ3NzUzNDhmYmM5NjkyYmE2ODExNTY0MTY4NmZmYTc3YjYxYmJiNmRhZiJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 18:05:15 GMT
Server
Apache
Cache-Control
no-cache, private
Set-Cookie
XSRF-TOKEN=eyJpdiI6IktmZTIwbldzWWhtN29kNFF5KzFZSGc9PSIsInZhbHVlIjoiRHJxMjJDMzBZSFc5aDZubEYzVnRRM1V5RmVnK0pOVStMZ3V0UEVQR1I3bzBNNGhId1RacEpweVYrMUMyMERFUiIsIm1hYyI6IjNiMjEzOGEzZDdlZDFlYzY2M2I3NTBjNjk1MzI4NzkxMjhmZGI0NDQ1ZjhmMmQ3MmEyODE1YzIzNWJiOWQxYmEifQ%3D%3D; expires=Thu, 22-Jul-2021 20:05:15 GMT; Max-Age=7200; path=/ telecominvest_session=eyJpdiI6Imo0UlY2WmpRYW5GWFwvbTNcL3c0Qk9qQT09IiwidmFsdWUiOiJ1U0xVWHdPRnp2RGZcL05zYkNkZ1A5VFg2NVZwRmF6M3hOQjlwUEtmem51OVkxT3ZHbHJvME9LT0gydmt3ZkZVNyIsIm1hYyI6IjkyMDlmYmZhZWIyMjZlZjM2YTgzNWU0NmViOTZjYmFmYjExMzlkOWM3Mzk0NTUzN2JmZTM5ODBhYTJlZWY0ZmUifQ%3D%3D; expires=Thu, 22-Jul-2021 20:05:15 GMT; Max-Age=7200; path=/; httponly
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 22 Jul 2021 18:05:15 GMT
Server
Apache
Cache-Control
no-cache, private
Set-Cookie
XSRF-TOKEN=eyJpdiI6IkNoXC9yak01YzVjMG1tR2drWkhwb0pBPT0iLCJ2YWx1ZSI6ImFVb3RTMUNkR1pyWGF1MGtZVUo0UkZYRHlRRG5QT0xzUG5pQjJXNGhJQUE1cWVRKzJXbzl3R0VPS0l1Y0VLcmciLCJtYWMiOiIwYjFhMGIzNGJiMDBlOWY3NGZmYjE1ZWY2NmNiYjFlZWQ4MjU5YmFlMjgwZDI4MTNmYTdmZmI4ZGY5OGU3NDMyIn0%3D; expires=Thu, 22-Jul-2021 20:05:15 GMT; Max-Age=7200; path=/ telecominvest_session=eyJpdiI6IlhIVk4rMWZqOG9mVzkxb0dPbFZ2cWc9PSIsInZhbHVlIjoidmhtMlp1a1Vjblk2ZU1YRk0zUWNwRVwvYjlHVmwwaW52emJmdThBOHpSVFwvaUVsYVVqaUpxRzVQWTZiOW94bkk2IiwibWFjIjoiMzE5YTFmZDUyMTRhMWJiNmU4ZDgzOWQ3NzUzNDhmYmM5NjkyYmE2ODExNTY0MTY4NmZmYTc3YjYxYmJiNmRhZiJ9; expires=Thu, 22-Jul-2021 20:05:15 GMT; Max-Age=7200; path=/; httponly
Location
https://www.account.cleverfundinvest.com/en/login
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
css2
fonts.googleapis.com/ 		11 KB
908 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap
Requested by
Host: www.account.cleverfundinvest.com
URL: https://www.account.cleverfundinvest.com/en/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1fb2b22af4f94d692fe58db3b57c718dae223b5bccf0a2ad5f419fc6092bcb25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.account.cleverfundinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Jul 2021 16:28:21 GMT
server
ESF
date
Thu, 22 Jul 2021 18:05:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Jul 2021 18:05:16 GMT
app.js
www.account.cleverfundinvest.com/js/ 		329 KB
329 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.account.cleverfundinvest.com/js/app.js
Requested by
Host: www.account.cleverfundinvest.com
URL: https://www.account.cleverfundinvest.com/en/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.207.190.21 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
Apache /
Resource Hash
d0ccc59c422f210e0856827dde672ec70c0395c98f053bc9e036cfe75ea1d8b2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.account.cleverfundinvest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.account.cleverfundinvest.com/en/login
Cookie
XSRF-TOKEN=eyJpdiI6IktmZTIwbldzWWhtN29kNFF5KzFZSGc9PSIsInZhbHVlIjoiRHJxMjJDMzBZSFc5aDZubEYzVnRRM1V5RmVnK0pOVStMZ3V0UEVQR1I3bzBNNGhId1RacEpweVYrMUMyMERFUiIsIm1hYyI6IjNiMjEzOGEzZDdlZDFlYzY2M2I3NTBjNjk1MzI4NzkxMjhmZGI0NDQ1ZjhmMmQ3MmEyODE1YzIzNWJiOWQxYmEifQ%3D%3D; telecominvest_session=eyJpdiI6Imo0UlY2WmpRYW5GWFwvbTNcL3c0Qk9qQT09IiwidmFsdWUiOiJ1U0xVWHdPRnp2RGZcL05zYkNkZ1A5VFg2NVZwRmF6M3hOQjlwUEtmem51OVkxT3ZHbHJvME9LT0gydmt3ZkZVNyIsIm1hYyI6IjkyMDlmYmZhZWIyMjZlZjM2YTgzNWU0NmViOTZjYmFmYjExMzlkOWM3Mzk0NTUzN2JmZTM5ODBhYTJlZWY0ZmUifQ%3D%3D
Connection
keep-alive
Referer
https://www.account.cleverfundinvest.com/en/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 18:05:16 GMT
Last-Modified
Thu, 22 Jul 2021 16:56:16 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
337106
fc323f1c1e.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/fc323f1c1e.js
Requested by
Host: www.account.cleverfundinvest.com
URL: https://www.account.cleverfundinvest.com/en/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6798b74f40876578724ffddaede00a52762de1d5a88586a93964028e91cacafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.account.cleverfundinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 18:05:16 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
672e989f2d4ed725-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FpP1acfekcvvR3wojYuB
app.css
www.account.cleverfundinvest.com/css/ 		125 KB
125 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.account.cleverfundinvest.com/css/app.css
Requested by
Host: www.account.cleverfundinvest.com
URL: https://www.account.cleverfundinvest.com/en/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.207.190.21 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
Apache /
Resource Hash
135430d4e81436f929480d621ed2bd850e00f58e4363007e92644927cdb6141b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.account.cleverfundinvest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.account.cleverfundinvest.com/en/login
Cookie
XSRF-TOKEN=eyJpdiI6IktmZTIwbldzWWhtN29kNFF5KzFZSGc9PSIsInZhbHVlIjoiRHJxMjJDMzBZSFc5aDZubEYzVnRRM1V5RmVnK0pOVStMZ3V0UEVQR1I3bzBNNGhId1RacEpweVYrMUMyMERFUiIsIm1hYyI6IjNiMjEzOGEzZDdlZDFlYzY2M2I3NTBjNjk1MzI4NzkxMjhmZGI0NDQ1ZjhmMmQ3MmEyODE1YzIzNWJiOWQxYmEifQ%3D%3D; telecominvest_session=eyJpdiI6Imo0UlY2WmpRYW5GWFwvbTNcL3c0Qk9qQT09IiwidmFsdWUiOiJ1U0xVWHdPRnp2RGZcL05zYkNkZ1A5VFg2NVZwRmF6M3hOQjlwUEtmem51OVkxT3ZHbHJvME9LT0gydmt3ZkZVNyIsIm1hYyI6IjkyMDlmYmZhZWIyMjZlZjM2YTgzNWU0NmViOTZjYmFmYjExMzlkOWM3Mzk0NTUzN2JmZTM5ODBhYTJlZWY0ZmUifQ%3D%3D
Connection
keep-alive
Referer
https://www.account.cleverfundinvest.com/en/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 18:05:16 GMT
Last-Modified
Thu, 22 Jul 2021 16:56:16 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
127801
main.css
www.account.cleverfundinvest.com/css/ 		25 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.account.cleverfundinvest.com/css/main.css?907250
Requested by
Host: www.account.cleverfundinvest.com
URL: https://www.account.cleverfundinvest.com/en/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.207.190.21 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
Apache /
Resource Hash
4579ae84dc46740d3d2295271e872cd236f827e18d6d05301208a71a6872ac43

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.account.cleverfundinvest.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.account.cleverfundinvest.com/en/login
Cookie
XSRF-TOKEN=eyJpdiI6IktmZTIwbldzWWhtN29kNFF5KzFZSGc9PSIsInZhbHVlIjoiRHJxMjJDMzBZSFc5aDZubEYzVnRRM1V5RmVnK0pOVStMZ3V0UEVQR1I3bzBNNGhId1RacEpweVYrMUMyMERFUiIsIm1hYyI6IjNiMjEzOGEzZDdlZDFlYzY2M2I3NTBjNjk1MzI4NzkxMjhmZGI0NDQ1ZjhmMmQ3MmEyODE1YzIzNWJiOWQxYmEifQ%3D%3D; telecominvest_session=eyJpdiI6Imo0UlY2WmpRYW5GWFwvbTNcL3c0Qk9qQT09IiwidmFsdWUiOiJ1U0xVWHdPRnp2RGZcL05zYkNkZ1A5VFg2NVZwRmF6M3hOQjlwUEtmem51OVkxT3ZHbHJvME9LT0gydmt3ZkZVNyIsIm1hYyI6IjkyMDlmYmZhZWIyMjZlZjM2YTgzNWU0NmViOTZjYmFmYjExMzlkOWM3Mzk0NTUzN2JmZTM5ODBhYTJlZWY0ZmUifQ%3D%3D
Connection
keep-alive
Referer
https://www.account.cleverfundinvest.com/en/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 18:05:16 GMT
Last-Modified
Thu, 22 Jul 2021 16:56:16 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
25684
rNNNCH5pyi
code.jivosite.com/widget/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/widget/rNNNCH5pyi
Requested by
Host: www.account.cleverfundinvest.com
URL: https://www.account.cleverfundinvest.com/en/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b6a2ac4249c7a7140afa317d6cbaca9fcb20b81cacfd77eddc8855e89f61ff63

Request headers

Referer
https://www.account.cleverfundinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Thu, 22 Jul 2021 18:05:16 GMT
content-encoding
br
access-control-allow-origin
*
x-cached-since
2021-07-21T16:43:54+00:00
x-shard
fr5-shard0-default_443
x-geo-shard
main
content-length
5992
last-modified
Mon, 19 Jul 2021 15:08:14 GMT
server
nginx
etag
"60f5955e-1768"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 sharxy
cache-control
max-age=7200
cache
STALE
accept-ranges
bytes
expires
Wed, 21 Jul 2021 18:43:53 GMT
free.min.js
ka-f.fontawesome.com/releases/v5.15.3/js/ 		1 MB
426 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/js/free.min.js?token=fc323f1c1e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fc323f1c1e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2edb23e0218045a0ad6fa3ef0c6f0fd416e2b70a8dd000a81ee550fe200e2d1d

Request headers

Referer
https://www.account.cleverfundinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 18:05:16 GMT
via
1.1 2c7edebcbef52f9edd55fa61e184e994.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
ATL50-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"0a248a85035b80c754b2a371f24692dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlJMXxkJJgsvaQbMsTOlu%2Blj91ff2%2FU%2BXYL0cgZUe6QItS1%2BIyChHFrCue81upxD%2BhMhhREV4vAG%2BsYF4toqA9BflwgIZMR2xp6qTCaC6MQ2ukhIpKdPW8Ede%2BrKBLQ%2Fq1R6FJjuio2m2701p5WaBWJ7Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
672e989f8d562488-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Wb3P0MrJmH4f2_sSPITaD7niDsf34tm5KxIhrdI2tBTIaVWiqZl8qw==
truncated
/ 		332 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0abd7459064b961395a4786cbcee310578496757851219c8a1d3ac5e60a3211b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ 		2 KB
502 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: www.account.cleverfundinvest.com
URL: https://www.account.cleverfundinvest.com/css/app.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.account.cleverfundinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Jul 2021 17:52:00 GMT
server
ESF
date
Thu, 22 Jul 2021 18:05:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Jul 2021 18:05:16 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.account.cleverfundinvest.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 19:20:02 GMT
x-content-type-options
nosniff
age
254714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 19:20:02 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.account.cleverfundinvest.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 18:26:24 GMT
x-content-type-options
nosniff
age
257932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 18:26:24 GMT
rNNNCH5pyi
code.jivosite.com/script/widget/config/ 		2 KB
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/script/widget/config/rNNNCH5pyi
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget/rNNNCH5pyi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
299b815b3394febe55413f28a1cb10a746195e2b085781fdd8d687c893a067f7

Request headers

Referer
https://www.account.cleverfundinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Thu, 22 Jul 2021 18:05:16 GMT
content-encoding
gzip
access-control-allow-origin
*
x-cached-since
2021-07-21T16:43:54+00:00
x-shard
fr5-shard0-default_443
x-geo-shard
main
content-length
700
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 sharxy
cache-control
max-age=7200
cache
STALE
accept-ranges
bytes
expires
Wed, 21 Jul 2021 18:43:54 GMT
rNNNCH5pyi
node346.jivosite.com/widget/status/1643587/ 		445 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node346.jivosite.com/widget/status/1643587/rNNNCH5pyi?rnd=0.10672412729336345
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget/rNNNCH5pyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.249.73.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-249-73-113.eu-west-1.compute.amazonaws.com
Software
foxy /
Resource Hash
0811bdc9ee4dcffb95ab8445e24b3c325306478456fc9f21272a71efd20ffd83

Request headers

Referer
https://www.account.cleverfundinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 18:05:16 GMT
server
foxy
x-botmode
no
x-geoip
CH;ZH;Zurich
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.account.cleverfundinvest.com
access-control-expose-headers
X-Geoip, X-Botmode
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-max-age
1728000
content-length
445
bundle_ru_RU.js
code.jivosite.com/js/ 		1 MB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/js/bundle_ru_RU.js?rand=1626874492
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget/rNNNCH5pyi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
00e6e84942b3b627b2295e000f89fb6fff1fc3516ded5e18bb36d3e28bf69e83

Request headers

Referer
https://www.account.cleverfundinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Thu, 22 Jul 2021 18:05:21 GMT
content-encoding
br
access-control-allow-origin
*
x-cached-since
2021-07-22T13:38:17+00:00
x-shard
fr5-shard0-default_443
x-geo-shard
main
content-length
266798
last-modified
Mon, 19 Jul 2021 15:10:08 GMT
server
nginx
etag
"60f595d0-4122e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 sharxy
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
widget.css
code.jivosite.com/css/d96224af/ 		222 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/css/d96224af/widget.css
Requested by
Host: www.account.cleverfundinvest.com
URL: https://www.account.cleverfundinvest.com/en/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e8a6ad35aeaf172d1502ca54682f03d76f7dabd5974e3460b14e5917cd673b60

Request headers

Referer
https://www.account.cleverfundinvest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 22 Jul 2021 18:05:21 GMT
content-encoding
br
x-cached-since
2021-07-22T10:10:44+00:00
x-shard
fr5-shard0-default_443
x-geo-shard
main
content-length
48485
last-modified
Mon, 19 Jul 2021 15:09:34 GMT
server
nginx
etag
"60f595ae-bd65"
vary
Accept-Encoding
content-type
text/css
via
1.1 sharxy
cache-control
max-age=864000
cache
HIT
accept-ranges
bytes
expires
Sun, 01 Aug 2021 10:10:44 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
238458332b22ccf7d78deac5a932f7d56fabaee575b8a1df679c46a65aa4583c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8616d474d34514e7de3d775aef6524395dcfb4f22a56c500853b68ef3117c307

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
agent_message.mp3
code.jivosite.com/sounds/ 		4 KB
4 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/agent_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer
https://www.account.cleverfundinvest.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc28
date
Thu, 22 Jul 2021 18:05:21 GMT
via
1.1 sharxy
x-cached-since
2021-07-22T10:19:37+00:00
Content-Range
bytes 0-3759/3760
x-shard
fr5-shard0-default_443
x-geo-shard
main
Content-Length
3760
last-modified
Mon, 19 Jul 2021 15:07:26 GMT
server
nginx
etag
"60f5952e-eb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Sat, 21 Aug 2021 10:19:37 GMT
notification.mp3
code.jivosite.com/sounds/ 		6 KB
6 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/notification.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer
https://www.account.cleverfundinvest.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc29
date
Thu, 22 Jul 2021 18:05:21 GMT
via
1.1 sharxy
x-cached-since
2021-07-22T10:09:14+00:00
Content-Range
bytes 0-5807/5808
x-shard
fr5-shard0-default_443
x-geo-shard
main
Content-Length
5808
last-modified
Mon, 19 Jul 2021 15:07:26 GMT
server
nginx
etag
"60f5952e-16b0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Sat, 21 Aug 2021 10:09:14 GMT
outgoing_message.mp3
code.jivosite.com/sounds/ 		5 KB
5 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/outgoing_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer
https://www.account.cleverfundinvest.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc29
date
Thu, 22 Jul 2021 18:05:21 GMT
via
1.1 sharxy
x-cached-since
2021-07-22T10:09:18+00:00
Content-Range
bytes 0-5013/5014
x-shard
fr5-shard0-default_443
x-geo-shard
main
Content-Length
5014
last-modified
Mon, 19 Jul 2021 15:07:26 GMT
server
nginx
etag
"60f5952e-1396"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Sat, 21 Aug 2021 10:09:18 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| FontAwesomeKitConfig function| _ function| Popper function| jQuery function| $ function| axios function| setImmediate function| clearImmediate function| Vue function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| jivo_config object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome string| jivo_version object| jivo_api

2 Cookies

Domain/Path Name / Value
www.account.cleverfundinvest.com/ Name: telecominvest_session
Value: eyJpdiI6Imo0UlY2WmpRYW5GWFwvbTNcL3c0Qk9qQT09IiwidmFsdWUiOiJ1U0xVWHdPRnp2RGZcL05zYkNkZ1A5VFg2NVZwRmF6M3hOQjlwUEtmem51OVkxT3ZHbHJvME9LT0gydmt3ZkZVNyIsIm1hYyI6IjkyMDlmYmZhZWIyMjZlZjM2YTgzNWU0NmViOTZjYmFmYjExMzlkOWM3Mzk0NTUzN2JmZTM5ODBhYTJlZWY0ZmUifQ%3D%3D
www.account.cleverfundinvest.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IktmZTIwbldzWWhtN29kNFF5KzFZSGc9PSIsInZhbHVlIjoiRHJxMjJDMzBZSFc5aDZubEYzVnRRM1V5RmVnK0pOVStMZ3V0UEVQR1I3bzBNNGhId1RacEpweVYrMUMyMERFUiIsIm1hYyI6IjNiMjEzOGEzZDdlZDFlYzY2M2I3NTBjNjk1MzI4NzkxMjhmZGI0NDQ1ZjhmMmQ3MmEyODE1YzIzNWJiOWQxYmEifQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jivosite.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
node346.jivosite.com
www.account.cleverfundinvest.com
185.207.190.21
2606:4700:3030::6815:5183
2606:4700::6812:1734
2a00:1450:4001:812::2003
2a00:1450:4001:831::200a
2a03:90c0:41:2801::254
3.249.73.113
00e6e84942b3b627b2295e000f89fb6fff1fc3516ded5e18bb36d3e28bf69e83
0811bdc9ee4dcffb95ab8445e24b3c325306478456fc9f21272a71efd20ffd83
09a7e7278809434d9dc80bc63df9cc836a571ace4a6bab72a21df290cb64ed19
0abd7459064b961395a4786cbcee310578496757851219c8a1d3ac5e60a3211b
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
135430d4e81436f929480d621ed2bd850e00f58e4363007e92644927cdb6141b
1fb2b22af4f94d692fe58db3b57c718dae223b5bccf0a2ad5f419fc6092bcb25
238458332b22ccf7d78deac5a932f7d56fabaee575b8a1df679c46a65aa4583c
299b815b3394febe55413f28a1cb10a746195e2b085781fdd8d687c893a067f7
2edb23e0218045a0ad6fa3ef0c6f0fd416e2b70a8dd000a81ee550fe200e2d1d
4579ae84dc46740d3d2295271e872cd236f827e18d6d05301208a71a6872ac43
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
6798b74f40876578724ffddaede00a52762de1d5a88586a93964028e91cacafb
8616d474d34514e7de3d775aef6524395dcfb4f22a56c500853b68ef3117c307
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
b6a2ac4249c7a7140afa317d6cbaca9fcb20b81cacfd77eddc8855e89f61ff63
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0ccc59c422f210e0856827dde672ec70c0395c98f053bc9e036cfe75ea1d8b2
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
e8a6ad35aeaf172d1502ca54682f03d76f7dabd5974e3460b14e5917cd673b60
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43