www.investisseurmalin.com Open in urlscan Pro
2606:4700::6810:cc2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.academie3g.com/click.html?x=a62e&lc=cg7&mc=5&s=Yx1c&u=p&z=OmBQVYO&]dont
Effective URL:
https://www.investisseurmalin.com/ba-auto-slo-vo
Submission: On November 06 via api (November 6th 2021, 1:49:14 am UTC) from BE — Scanned from DE

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2606:4700::6810:cc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.investisseurmalin.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2021. Valid for: a year.

This is the only time www.investisseurmalin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.81.51 188.114.81.51	198881 (IMPLIX-PL-AS) (IMPLIX-PL-AS)
1 1	52.59.165.42 52.59.165.42	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700::68... 2606:4700::6810:cc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2

1 188.114.81.51 (Poland) 1 redirects

ASN198881 (IMPLIX-PL-AS, PL)
PTR: mta-1.academie3g.com

www.academie3g.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.165.42 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: eu-ip-1.short.io

go.blackalgo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:cc2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.investisseurmalin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	investisseurmalin.com www.investisseurmalin.com	118 KB
1	blackalgo.biz 1 redirects go.blackalgo.biz	389 B
1	academie3g.com 1 redirects www.academie3g.com	600 B
13	3

	Domain	Requested by
12	www.investisseurmalin.com	www.investisseurmalin.com
1	go.blackalgo.biz	1 redirects
1	www.academie3g.com	1 redirects
13	3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
www.investisseurmalin.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.investisseurmalin.com/ba-auto-slo-vo
Frame ID: CC4C5090BC69AD6446258431E3B5F8A0
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://www.academie3g.com/click.html?x=a62e&lc=cg7&mc=5&s=Yx1c&u=p&z=OmBQVYO&]dont HTTP 302
https://go.blackalgo.biz/3mois HTTP 302
https://www.investisseurmalin.com/ba-auto-slo-vo Page URL
https://www.investisseurmalin.com/ba-auto-slo-vo Page URL

Page Statistics

13
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

118 kB
Transfer

224 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/5xx-error-landing/
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.academie3g.com/click.html?x=a62e&lc=cg7&mc=5&s=Yx1c&u=p&z=OmBQVYO&]dont HTTP 302
https://go.blackalgo.biz/3mois HTTP 302
https://www.investisseurmalin.com/ba-auto-slo-vo Page URL
https://www.investisseurmalin.com/ba-auto-slo-vo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.academie3g.com/click.html?x=a62e&lc=cg7&mc=5&s=Yx1c&u=p&z=OmBQVYO&]dont HTTP 302
https://go.blackalgo.biz/3mois HTTP 302
https://www.investisseurmalin.com/ba-auto-slo-vo

13 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

503

ba-auto-slo-vo Show response
www.investisseurmalin.com/
Redirect Chain

https://www.academie3g.com/click.html?x=a62e&lc=cg7&mc=5&s=Yx1c&u=p&z=OmBQVYO&]dont
https://go.blackalgo.biz/3mois
https://www.investisseurmalin.com/ba-auto-slo-vo

10 KB
10 KB

155ms
24ms

Document
text/html

2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65dd9ee14c70ae2be7c0a2b2b5bb60552c87ef245a3ba178d937373c1ee3f686

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 06 Nov 2021 01:49:10 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a9aa9eacbbc6967-FRA

Redirect headers

x-ratelimit-limit: 50
x-ratelimit-remaining: 49
x-ratelimit-reset: 2
connection: close
content-type: text/html; charset=utf-8
x-powered-by: Short.io link shortener
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
location: https://www.investisseurmalin.com/ba-auto-slo-vo
content-length: 0
Date: Sat, 06 Nov 2021 01:49:10 GMT

GET
H2 200 v1 Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 35 KB
13 KB 47ms
47ms Script
text/javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6a9aa9eacbbc6967
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 507cf78f4b3de359b0732b4035d06392bc49e27d7a061e7e3a34803b593049ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 01:49:10 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 6a9aa9eb1c266967-FRA

GET
H2 200 transparent.gif
www.investisseurmalin.com/cdn-cgi/images/trace/jschal/js/ 42 B
220 B 9ms
9ms Image
image/gif 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.investisseurmalin.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6a9aa9eacbbc6967

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 01:49:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Nov 2021 13:27:57 GMT
server: cloudflare
etag: "6185315d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6a9aa9eb1c276967-FRA
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Nov 2021 03:49:10 GMT

GET
H2 200 transparent.gif
www.investisseurmalin.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 9ms
9ms Image
image/gif 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.investisseurmalin.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6a9aa9eacbbc6967

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 01:49:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Nov 2021 13:27:57 GMT
server: cloudflare
etag: "6185315d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6a9aa9eb1c286967-FRA
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Nov 2021 03:49:10 GMT

POST
H2 200 61c960a392fcceb Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.3890240784262326:1636160966:39eea53747d6ef24c347c159a14416d335f4485a4208538339442973938f42dc/6a9aa9eacbbc6967/ 91 KB
43 KB 61ms
61ms XHR
text/plain 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.3890240784262326:1636160966:39eea53747d6ef24c347c159a14416d335f4485a4208538339442973938f42dc/6a9aa9eacbbc6967/61c960a392fcceb
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6a9aa9eacbbc6967
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac2b295f21a4aa5a94d34c390be7e594dc0c4d93503521d87c43fe8a65922161

Request headers

Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
CF-Challenge: 61c960a392fcceb
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Nov 2021 01:49:10 GMT
content-encoding: br
server: cloudflare
cf-ray: 6a9aa9eb9cb56967-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8

GET
DATA 200
OK truncated
/ 265 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b6cd77fddc877b13112ef97b8cf5fc1b60e9510bfa9d718effe7be6d091b25f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 74bb59fd-716f-454d-bfec-f24f6758bb30
https://www.investisseurmalin.com/ 120 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.investisseurmalin.com/74bb59fd-716f-454d-bfec-f24f6758bb30
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 120
Content-Type: application/javascript

POST
H2 200 61c960a392fcceb Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.3890240784262326:1636160966:39eea53747d6ef24c347c159a14416d335f4485a4208538339442973938f42dc/6a9aa9eacbbc6967/ 2 KB
2 KB 139ms
138ms XHR
text/plain 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.3890240784262326:1636160966:39eea53747d6ef24c347c159a14416d335f4485a4208538339442973938f42dc/6a9aa9eacbbc6967/61c960a392fcceb
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6a9aa9eacbbc6967
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeb05446b9a5070e581c6dede6bbf585e50fa8e892cc352d8089bb763102d9c9

Request headers

Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
CF-Challenge: 61c960a392fcceb
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Nov 2021 01:49:11 GMT
content-encoding: br
server: cloudflare
cf_chl_out: p4/GXEeb4Me4XCe8F3hmI5MGRvUd8FRmLI9O40/XFithmAzo1sBdmOztv/rOHaMKikQw8+WaPOfi/SBj80ibuQ==$T83yBeQR0oN7NU/++8zKzQ==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
cf_chl_out_s: YmjtY3P1QqE+mcRaK2fLYHBtnwHh1NHPxckVcVjsnD8uKbbsG+mYQ6z2lYHKIJbA4irQnIyuvZDo3jlqQHq4R0Cf5JGfFGGZW2+UpnWo5x47/mloAwT0PvCEPHdu7lt4vNMDq/gZOkN6H4udSmmlt/LLBF/NXQ+m9Xt1X+CmrS/wG7u6EMz00AFzv9TJnwka$zPLbrGK5kVdf9ESMGUxtdg==
cf-ray: 6a9aa9efe99b6967-FRA

GET
H2 503 Primary Request ba-auto-slo-vo Show response
www.investisseurmalin.com/ 9 KB
10 KB 17ms
17ms Document
text/html 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.investisseurmalin.com/ba-auto-slo-vo

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f5724065db19bf5e130e5b4a07219be982800cc841e565d707a6a6053a740db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo

Response headers

date: Sat, 06 Nov 2021 01:49:13 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a9aa9fe3aa46967-FRA

GET
H2 200 v1 Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 36 KB
13 KB 23ms
22ms Script
text/javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6a9aa9fe3aa46967
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 374bdf67fad93f7eb798e88a9e5bebfbe73d30a0eef214ed2c640f9d95449360

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 01:49:13 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 6a9aa9fe6ac76967-FRA

GET
H2 200 transparent.gif
www.investisseurmalin.com/cdn-cgi/images/trace/jschal/js/ 42 B
124 B 9ms
9ms Image
image/gif 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.investisseurmalin.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6a9aa9fe3aa46967

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 01:49:13 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Nov 2021 13:27:57 GMT
server: cloudflare
etag: "6185315d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6a9aa9fe6ac96967-FRA
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Nov 2021 03:49:13 GMT

GET
H2 200 transparent.gif
www.investisseurmalin.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 9ms
9ms Image
image/gif 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.investisseurmalin.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6a9aa9fe3aa46967

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 01:49:13 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Nov 2021 13:27:57 GMT
server: cloudflare
etag: "6185315d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6a9aa9fe6acb6967-FRA
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Nov 2021 03:49:13 GMT

POST
H2 200 a0322b6cd1febf0 Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.11534526810387379:1636160962:afee1a940a0d9423ea2ef4cd10fe830c243e40fbe67f0b4c928aa75dc6057762/6a9aa9fe3aa46967/ 38 KB
25 KB 83ms
82ms XHR
text/plain 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.11534526810387379:1636160962:afee1a940a0d9423ea2ef4cd10fe830c243e40fbe67f0b4c928aa75dc6057762/6a9aa9fe3aa46967/a0322b6cd1febf0
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6a9aa9fe3aa46967
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a002234fac152db0f9eb0622766a81c2a9fd6fa69ae8f4b8d05d384a7168c588

Request headers

Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
CF-Challenge: a0322b6cd1febf0
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Nov 2021 01:49:13 GMT
content-encoding: br
server: cloudflare
cf-ray: 6a9aa9febb506967-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a7080a80df968d1d83c2d377393159ee90f09e801aacd1735df42709cf6ffb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 a0322b6cd1febf0 Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.11534526810387379:1636160962:afee1a940a0d9423ea2ef4cd10fe830c243e40fbe67f0b4c928aa75dc6057762/6a9aa9fe3aa46967/ 2 KB
2 KB 106ms
106ms XHR
text/plain 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.11534526810387379:1636160962:afee1a940a0d9423ea2ef4cd10fe830c243e40fbe67f0b4c928aa75dc6057762/6a9aa9fe3aa46967/a0322b6cd1febf0
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6a9aa9fe3aa46967
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d918dc6c4c23f5e5a9f5432294855196bdb7c5a2671ff4d71c1110a4eff4fc9

Request headers

Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
CF-Challenge: a0322b6cd1febf0
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Nov 2021 01:49:14 GMT
content-encoding: br
server: cloudflare
cf_chl_out: Fy0oyFVuB5DOZ7YZspOKFk5+pU1rMj2coAs2zAy/g2szwRVku3TWnohHaoqOeqfT+GXQTWD9plX/8z0gD4b13g==$adfP/oQ21w0uq6j0mvnKdQ==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
cf_chl_out_s: XQ3xxo78D1I6XUxicIJt9cUOMia8b5nJs0SXsneMA+V6gK/wml+uW6UunJiEyDtK9AW/T7ZgbrE857iGl2h98+tom5MPZCoH9XflJXgzfpLWRWk9WCyMuzIu0XLLukNo8Hm4gZAKH01PJKWUJ0EI+HAyFlG3rhGRSXCsRRAxtSw5dQk2a65quzhmJSTAPcwc$ub/FiEoOnouH5LOEojYKHQ==
cf-ray: 6a9aaa047a9e6967-FRA

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.11534526810387379:1636160962:afee1a940a0d9423ea2ef4cd10fe830c243e40fbe67f0b4c928aa75dc6057762/6a9aa9fe3aa46967	1969-12-31 23:59:59	Name: cf_chl_seq_a0322b6cd1febf0 Value: e4178409c562bad
.www.investisseurmalin.com/	1970-01-19 22:29:25	Name: __cf_bm Value: n_VnM0krzOeux3vcYP6nJB5DVpMsQfB59ndeirfeIPY-1636163350-0-AUh9AnsmLsDplvOzuzlwQFqaiCuxGOpQVK9zwE3aLwRA8ckG0SXmvx2bUkLdfVSrLS4hce1gvT0OlmaWRYYPEpNZKbrju+GzS4K0cGdUjFq3
www.investisseurmalin.com/	1970-01-19 22:29:26	Name: cf_chl_rc_ni Value: 1
www.investisseurmalin.com/	1970-01-19 22:29:26	Name: cf_chl_prog Value: e

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://www.investisseurmalin.com/ba-auto-slo-vo Message: Failed to load resource: the server responded with a status of 503 ()
deprecation	warning	(Line 4) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://www.investisseurmalin.com/ba-auto-slo-vo Message: Failed to load resource: the server responded with a status of 503 ()
deprecation	warning	(Line 4) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.blackalgo.biz
www.academie3g.com
www.investisseurmalin.com
188.114.81.51
2606:4700::6810:cc2
52.59.165.42
2a7080a80df968d1d83c2d377393159ee90f09e801aacd1735df42709cf6ffb7
2b6cd77fddc877b13112ef97b8cf5fc1b60e9510bfa9d718effe7be6d091b25f
374bdf67fad93f7eb798e88a9e5bebfbe73d30a0eef214ed2c640f9d95449360
507cf78f4b3de359b0732b4035d06392bc49e27d7a061e7e3a34803b593049ac
65dd9ee14c70ae2be7c0a2b2b5bb60552c87ef245a3ba178d937373c1ee3f686
7d918dc6c4c23f5e5a9f5432294855196bdb7c5a2671ff4d71c1110a4eff4fc9
8f5724065db19bf5e130e5b4a07219be982800cc841e565d707a6a6053a740db
a002234fac152db0f9eb0622766a81c2a9fd6fa69ae8f4b8d05d384a7168c588
ac2b295f21a4aa5a94d34c390be7e594dc0c4d93503521d87c43fe8a65922161
aeb05446b9a5070e581c6dede6bbf585e50fa8e892cc352d8089bb763102d9c9
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.investisseurmalin.com Open in urlscan Pro 2606:4700::6810:cc2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

92 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

118 kBTransfer

224 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

4 Cookies

6 Console Messages

Security Headers

Indicators

www.investisseurmalin.com Open in urlscan Pro
2606:4700::6810:cc2 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

118 kB
Transfer

224 kB
Size

4
Cookies

13 HTTP transactions
2 data transactions