www.invest-cities.site Open in urlscan Pro
162.0.215.8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.invest-cities.site/
Submission: On February 15 via automatic, source certstream-suspicious (February 15th 2023, 8:27:36 am UTC) — Scanned from DE

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 162.0.215.8, located in United States and belongs to NAMECHEAP-NET, US. The main domain is www.invest-cities.site.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 9th 2022. Valid for: a year.

This is the only time www.invest-cities.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	162.0.215.8 162.0.215.8	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	162.19.58.159 162.19.58.159	16276 (OVH) (OVH)
8	2

7 162.0.215.8 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium181-2.web-hosting.com

www.invest-cities.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.58.159 (France)

ASN16276 (OVH, FR)
PTR: ns3096667.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	invest-cities.site www.invest-cities.site	93 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 13172	2 MB
8	2

	Domain	Requested by
7	www.invest-cities.site	www.invest-cities.site
1	i.ibb.co	www.invest-cities.site
8	2

This site contains links to these domains. Also see Links.

Domain
pergitidur.com

Subject Issuer	Validity	Valid
*.web-hosting.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-09` - `2023-04-09`	a year	crt.sh
ibb.co R3	`2023-02-06` - `2023-05-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.invest-cities.site/
Frame ID: 5971EBC330367D12AA7CE0F2DBEC45D8
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HUBUNGI KAMI LANGSUNG

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

13 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1674 kB
Transfer

1811 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://pergitidur.com/?ref=VVIPMEWAH

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.invest-cities.site/	2 KB 885 B	638ms 214ms	Document text/html	162.0.215.8 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.invest-cities.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.215.8 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium181-2.web-hosting.com Software LiteSpeed / Resource Hash `59a3d53b0e617566102e8158fd7616d43af3e039bb9e6acf003ac579c4482f03` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding br content-length 719 content-type text/html date Wed, 15 Feb 2023 08:27:29 GMT last-modified Wed, 15 Feb 2023 08:26:12 GMT server LiteSpeed vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H2	200	all.css www.invest-cities.site/css/	54 KB 12 KB	198ms 198ms	Stylesheet text/css	162.0.215.8 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.invest-cities.site/css/all.css Requested by Host: www.invest-cities.site URL: https://www.invest-cities.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.215.8 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium181-2.web-hosting.com Software LiteSpeed / Resource Hash `9feac7c9788927f4dfde0300e3fad0046b2554ebfdbfb56124cf754756d1272b` Request headers accept-language de-DE,de;q=0.9 Referer https://www.invest-cities.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Wed, 15 Feb 2023 08:27:29 GMT content-encoding br last-modified Wed, 01 Feb 2023 11:28:13 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 11584 expires Wed, 22 Feb 2023 08:27:29 GMT
GET H2	200	app1.css www.invest-cities.site/css/	45 KB 7 KB	385ms 384ms	Stylesheet text/css	162.0.215.8 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.invest-cities.site/css/app1.css Requested by Host: www.invest-cities.site URL: https://www.invest-cities.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.215.8 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium181-2.web-hosting.com Software LiteSpeed / Resource Hash `ec29f36fb96d1a3d3956cbe24508d27b0dee524264a947996228b358fdb8d721` Request headers accept-language de-DE,de;q=0.9 Referer https://www.invest-cities.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Wed, 15 Feb 2023 08:27:29 GMT content-encoding br last-modified Wed, 01 Feb 2023 11:28:52 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 6784 expires Wed, 22 Feb 2023 08:27:29 GMT
GET H2	200	neng4dads.png i.ibb.co/SQZ51rv/	2 MB 2 MB	233ms 89ms	Image image/png	162.19.58.159 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/SQZ51rv/neng4dads.png Requested by Host: www.invest-cities.site URL: https://www.invest-cities.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.159 , France, ASN16276 (OVH, FR), Reverse DNS ns3096667.ip-162-19-58.eu Software nginx / Resource Hash `487d6385c7882c10ccb8d405176e3caaec0c2f775aff09ebb7f9fe85a14391d4` Request headers accept-language de-DE,de;q=0.9 Referer https://www.invest-cities.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Wed, 15 Feb 2023 08:27:30 GMT last-modified Wed, 15 Feb 2023 08:24:10 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 1616597 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery-3.6.1.min.js Show response www.invest-cities.site/	88 KB 30 KB	201ms 199ms	Script application/javascript	162.0.215.8 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.invest-cities.site/jquery-3.6.1.min.js Requested by Host: www.invest-cities.site URL: https://www.invest-cities.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.215.8 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium181-2.web-hosting.com Software LiteSpeed / Resource Hash `a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74` Request headers Referer https://www.invest-cities.site/ Origin https://www.invest-cities.site accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Wed, 15 Feb 2023 08:27:30 GMT content-encoding br last-modified Sat, 27 Aug 2022 04:36:04 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 30317 expires Wed, 22 Feb 2023 08:27:30 GMT
GET H2	200	css-1 www.invest-cities.site/	376 B 510 B	194ms 192ms	Stylesheet text/plain	162.0.215.8 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.invest-cities.site/css-1 Requested by Host: www.invest-cities.site URL: https://www.invest-cities.site/css/app1.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.215.8 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium181-2.web-hosting.com Software LiteSpeed / Resource Hash `49085c608b75323866f958f1a892cc3e4afeb331d6eed876b937df26e3b8904a` Request headers accept-language de-DE,de;q=0.9 Referer https://www.invest-cities.site/css/app1.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Wed, 15 Feb 2023 08:27:30 GMT x-turbo-charged-by LiteSpeed last-modified Wed, 01 Feb 2023 10:35:53 GMT server LiteSpeed accept-ranges bytes content-length 376
GET H2	200	qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lP.ttf www.invest-cities.site/s/karla/v23/	22 KB 22 KB	193ms 193ms	Font font/ttf	162.0.215.8 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.invest-cities.site/s/karla/v23/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lP.ttf Requested by Host: www.invest-cities.site URL: https://www.invest-cities.site/css-1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.215.8 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium181-2.web-hosting.com Software LiteSpeed / Resource Hash `9d2a45738bcd3cb375e914967a0c6bf93732a3ae3460b532d038afd53e144e71` Request headers Referer https://www.invest-cities.site/css-1 Origin https://www.invest-cities.site accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Wed, 15 Feb 2023 08:27:30 GMT last-modified Tue, 12 Jul 2022 07:39:38 GMT server LiteSpeed content-type font/ttf cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 22024 expires Wed, 22 Feb 2023 08:27:30 GMT
GET H2	200	qkBIXvYC6trAT55ZBi1ueQVIjQTDH52aE0lP.ttf www.invest-cities.site/s/karla/v23/	22 KB 22 KB	530ms 530ms	Font font/ttf	162.0.215.8 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.invest-cities.site/s/karla/v23/qkBIXvYC6trAT55ZBi1ueQVIjQTDH52aE0lP.ttf Requested by Host: www.invest-cities.site URL: https://www.invest-cities.site/css-1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.215.8 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium181-2.web-hosting.com Software LiteSpeed / Resource Hash `bd92686bc48b9e74377f19367e8895cf6bd9c5c9e3599ed5394729d94385486a` Request headers Referer https://www.invest-cities.site/css-1 Origin https://www.invest-cities.site accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Wed, 15 Feb 2023 08:27:30 GMT last-modified Tue, 12 Jul 2022 07:38:52 GMT server LiteSpeed content-type font/ttf cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 22044 expires Wed, 22 Feb 2023 08:27:30 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i.ibb.co
www.invest-cities.site
162.0.215.8
162.19.58.159
487d6385c7882c10ccb8d405176e3caaec0c2f775aff09ebb7f9fe85a14391d4
49085c608b75323866f958f1a892cc3e4afeb331d6eed876b937df26e3b8904a
59a3d53b0e617566102e8158fd7616d43af3e039bb9e6acf003ac579c4482f03
9d2a45738bcd3cb375e914967a0c6bf93732a3ae3460b532d038afd53e144e71
9feac7c9788927f4dfde0300e3fad0046b2554ebfdbfb56124cf754756d1272b
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
bd92686bc48b9e74377f19367e8895cf6bd9c5c9e3599ed5394729d94385486a
ec29f36fb96d1a3d3956cbe24508d27b0dee524264a947996228b358fdb8d721

www.invest-cities.site Open in urlscan Pro 162.0.215.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

13 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1674 kBTransfer

1811 kBSize

0 Cookies

1 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

www.invest-cities.site Open in urlscan Pro
162.0.215.8 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

13 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1674 kB
Transfer

1811 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions