www.investisseurmalin.com Open in urlscan Pro
2606:4700::6810:fc2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.academie3g.com/click.html?x=a62e&lc=cgx&mc=c&s=9hVX&u=p&z=OFC7tvY
Effective URL:
https://www.investisseurmalin.com/ba-auto-slo-vo
Submission Tags: falconsandbox
Submission: On May 01 via api (May 1st 2022, 6:11:33 am UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 15 HTTP transactions. The main IP is 2606:4700::6810:fc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.investisseurmalin.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2021. Valid for: a year.

This is the only time www.investisseurmalin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.81.51 188.114.81.51	198881 (IMPLIX-PL-AS) (IMPLIX-PL-AS)
1 1	52.59.165.42 52.59.165.42	16509 (AMAZON-02) (AMAZON-02)
13	2606:4700::68... 2606:4700::6810:fc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2

1 188.114.81.51 (Poland) 1 redirects

ASN198881 (IMPLIX-PL-AS, PL)
PTR: mta-1.academie3g.com

www.academie3g.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.165.42 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: eu-ip-1.short.io

go.blackalgo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6810:fc2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.investisseurmalin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	investisseurmalin.com www.investisseurmalin.com	144 KB
1	blackalgo.biz 1 redirects go.blackalgo.biz	423 B
1	academie3g.com 1 redirects www.academie3g.com	893 B
15	3

	Domain	Requested by
13	www.investisseurmalin.com	www.investisseurmalin.com
1	go.blackalgo.biz	1 redirects
1	www.academie3g.com	1 redirects
15	3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
www.investisseurmalin.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.investisseurmalin.com/ba-auto-slo-vo
Frame ID: 1FC86ECC8C4CA579A2F0F47434AA3951
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://www.academie3g.com/click.html?x=a62e&lc=cgx&mc=c&s=9hVX&u=p&z=OFC7tvY HTTP 302
https://go.blackalgo.biz/3mois HTTP 302
https://www.investisseurmalin.com/ba-auto-slo-vo Page URL
https://www.investisseurmalin.com/ba-auto-slo-vo Page URL

Page Statistics

15
Requests

87 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

144 kB
Transfer

301 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/5xx-error-landing/
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.academie3g.com/click.html?x=a62e&lc=cgx&mc=c&s=9hVX&u=p&z=OFC7tvY HTTP 302
https://go.blackalgo.biz/3mois HTTP 302
https://www.investisseurmalin.com/ba-auto-slo-vo Page URL
https://www.investisseurmalin.com/ba-auto-slo-vo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.academie3g.com/click.html?x=a62e&lc=cgx&mc=c&s=9hVX&u=p&z=OFC7tvY HTTP 302
https://go.blackalgo.biz/3mois HTTP 302
https://www.investisseurmalin.com/ba-auto-slo-vo

15 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

503

ba-auto-slo-vo Show response
www.investisseurmalin.com/
Redirect Chain

https://www.academie3g.com/click.html?x=a62e&lc=cgx&mc=c&s=9hVX&u=p&z=OFC7tvY
https://go.blackalgo.biz/3mois
https://www.investisseurmalin.com/ba-auto-slo-vo

10 KB
11 KB

359ms
22ms

Document
text/html

2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

775175977fe44db2592247d89a683a6caca16906900686cf8ae79a80b2019554

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 70465c277c520229-ZRH
content-type: text/html; charset=UTF-8
date: Sun, 01 May 2022 06:11:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Date: Sun, 01 May 2022 06:11:28 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
connection: close
content-length: 0
content-type: text/html; charset=utf-8
location: https://www.investisseurmalin.com/ba-auto-slo-vo
pragma: no-cache
x-content-type-options: nosniff
x-powered-by: Short.io link shortener
x-ratelimit-limit: 50
x-ratelimit-remaining: 49
x-ratelimit-reset: 60

GET
H2 200 v1 Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 37 KB
14 KB 38ms
37ms Script
application/javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=70465c277c520229
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9e0012a924be9256d9977a8d292eac51ed17c665d1ef5f243aebc9e7d423690

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo?__cf_chl_rt_tk=oXecdTgqiceYaIlBsRYkuU4.TXB5WL0X2TSM4g3JoQg-1651385488-0-gaNycGzNCH0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 01 May 2022 06:11:28 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 70465c27fcd10229-ZRH

GET
H2 200 transparent.gif
www.investisseurmalin.com/cdn-cgi/images/trace/jschal/js/ 42 B
220 B 15ms
15ms Image
image/gif 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.investisseurmalin.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=70465c277c520229

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo?__cf_chl_rt_tk=oXecdTgqiceYaIlBsRYkuU4.TXB5WL0X2TSM4g3JoQg-1651385488-0-gaNycGzNCH0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo?__cf_chl_rt_tk=oXecdTgqiceYaIlBsRYkuU4.TXB5WL0X2TSM4g3JoQg-1651385488-0-gaNycGzNCH0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 01 May 2022 06:11:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Apr 2022 13:06:37 GMT
server: cloudflare
etag: "626be2dd-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 70465c27fcd50229-ZRH
vary: Accept-Encoding
content-length: 42
expires: Sun, 01 May 2022 08:11:28 GMT

GET
H2 200 transparent.gif
www.investisseurmalin.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 15ms
15ms Image
image/gif 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.investisseurmalin.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=70465c277c520229

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo?__cf_chl_rt_tk=oXecdTgqiceYaIlBsRYkuU4.TXB5WL0X2TSM4g3JoQg-1651385488-0-gaNycGzNCH0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo?__cf_chl_rt_tk=oXecdTgqiceYaIlBsRYkuU4.TXB5WL0X2TSM4g3JoQg-1651385488-0-gaNycGzNCH0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 01 May 2022 06:11:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Apr 2022 13:06:37 GMT
server: cloudflare
etag: "626be2dd-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 70465c27fcd60229-ZRH
vary: Accept-Encoding
content-length: 42
expires: Sun, 01 May 2022 08:11:28 GMT

POST
H2 200 d490e8aa0bc4849 Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7207141973820319:1651382871:d8ba325d64c00e7c838c2297fb304c4991b35dbb3cd37d8efcf480717dc5ac61/70465c277c520229/ 127 KB
62 KB 74ms
73ms XHR
text/plain 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7207141973820319:1651382871:d8ba325d64c00e7c838c2297fb304c4991b35dbb3cd37d8efcf480717dc5ac61/70465c277c520229/d490e8aa0bc4849
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=70465c277c520229
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb80a8b6f0de470124821c13573de282cf3507fa63df92624f7c52c385f6a6ed

Request headers

Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
CF-Challenge: d490e8aa0bc4849
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 01 May 2022 06:11:28 GMT
content-encoding: br
cf_chl_gen: aE8BZoEKZR4xyJOwnvTbdXuaQdE54DqCuj9qu5JxVKHzuNqEu7K68wM492TwCPVYLK0YHJNbTlsLhbJJ10zd4dK3wBkTuM+7EsyP1batiTsqH81G17bBU4JeyXk0oOKAOp3nm1OkJkcFDYf+vDlbTgPLPrU8jZWGqfhizjbxvvToEDdNY133L2d78cNCL+VFU4IdycaU/vdCH7PoOSQ0GyykCW0c6XRe5EDXf78XghKS2QB/BGpguLWF2c8ckj7mQxymIpd7MNSuog1H79MPTVlytw/vmv8ZZAPJWh58yp3Fnyx/pMvqIHLOJEoEP6xtFFGb3/z/ONtDX/iAllrhMYQf11HW7NfG9MjocJEHdak=$VXI1CExrx6CvkDC8+v/2fQ==
server: cloudflare
cf-ray: 70465c291e250229-ZRH
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK 738a4521-d641-4256-b960-48ccc2d83637
https://www.investisseurmalin.com/ 120 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.investisseurmalin.com/738a4521-d641-4256-b960-48ccc2d83637
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 120
Content-Type: application/javascript

GET
H2 200 nRPGnN8g_rEb0RY
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/img/70465c277c520229/1651385488831/ 61 B
143 B 22ms
21ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/img/70465c277c520229/1651385488831/nRPGnN8g_rEb0RY
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0e83b1675b9ed9dd538c58a3dc76658001d04ad4fb743f696ce9087d8a8e3e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 01 May 2022 06:11:29 GMT
server: cloudflare
cf-ray: 70465c2ecccc0229-ZRH
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png

POST
H2 200 d490e8aa0bc4849 Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7207141973820319:1651382871:d8ba325d64c00e7c838c2297fb304c4991b35dbb3cd37d8efcf480717dc5ac61/70465c277c520229/ 72 KB
28 KB 68ms
68ms XHR
text/plain 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7207141973820319:1651382871:d8ba325d64c00e7c838c2297fb304c4991b35dbb3cd37d8efcf480717dc5ac61/70465c277c520229/d490e8aa0bc4849
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=70465c277c520229
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92380f143c99431d12205dc8eeba4aedefae023849fa7823553373ef8df278d4

Request headers

Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
CF-Challenge: d490e8aa0bc4849
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 01 May 2022 06:11:29 GMT
content-encoding: br
cf_chl_gen: c4gveKL6YIQjHKOq9mzmPBKM3nvQu+tILhIma8xDMcI9/sralfxMuiHBCPA10bdnGTp9OvBY8WSYrl2glY5pmFztttZeZCux6iFyS7VbA/o57gTU5qvtbJZWQ/rWIYasGG36mUuJsxfu/R1S/DIjKlYLsCbiUc0fGrZNJrywZ+AAzETS/ZtWY8oo4yKLXaJEFlemt5Pg5KGGxlYvyXiYwjwf57kKewMMPxzGQKFsN5w=$qBfpDBwV4vVdcyy3NDczjQ==
server: cloudflare
cf-ray: 70465c2fade30229-ZRH
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain; charset=UTF-8

GET
H2 200 V7VWnntEXF5YcbE
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/img/70465c277c520229/1651385489900/ 61 B
135 B 29ms
28ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/img/70465c277c520229/1651385489900/V7VWnntEXF5YcbE
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac087b70fc2f090e5cfae1fbbf69a6d49852d784260a092b6ed24a4eaeac9956

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 01 May 2022 06:11:30 GMT
server: cloudflare
cf-ray: 70465c351c000229-ZRH
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png

POST
H2 200 d490e8aa0bc4849 Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7207141973820319:1651382871:d8ba325d64c00e7c838c2297fb304c4991b35dbb3cd37d8efcf480717dc5ac61/70465c277c520229/ 1 KB
2 KB 65ms
65ms XHR
text/html 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.7207141973820319:1651382871:d8ba325d64c00e7c838c2297fb304c4991b35dbb3cd37d8efcf480717dc5ac61/70465c277c520229/d490e8aa0bc4849
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=70465c277c520229
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df8cb5ee005e7d94f0d14294f9c9161dff1977e0b0f74188cec39f23b1f10bfa

Request headers

Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
CF-Challenge: d490e8aa0bc4849
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 01 May 2022 06:11:30 GMT
content-encoding: br
server: cloudflare
cf_chl_out: KeTjz5rHx0hzZ/Dy7+qpnfIQnY3vKRwrRMsDJBS+CQDCRauSxdp04/j29jE1D9CYvkOgqHHN2EOIGLmZvEGK6g==$GiyO6f5ubtBezgidAK6xbg==
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
cf_chl_out_s: tQnb0aflKUA1JVag1KC6Aw0QEFMGYoqfJ08uYzOzKHX0vOnCfGmLzSHiNCuNMqSDYvYfIvGkszQHCJiuLxNXI6YY2OIwdn3MbVoDocwDVfnAnlsbEjHm23WWwJXp62uDaum5fQosZjgTYsQr5YZ5RCmfdVMqmM4WnOgcU9vjqeohmUOsT5XKOLHmXWNvEyVaSPCABFaEXoSSNPzgrOn0C+6M7y8XK9QQjdZ6zgUzJ7TG6VP4R8qTn8NPB8kpyit0jdRKQyHMKcQsXzr9JsM8daSXvhpneDvVPreubGM/Z8auuD1wCgzGD6fUMNEPfYmYlQNEgxwmhAdsO7jmuqyyLv+33LvbUtC1Xo9+55UVsIt0CJHXBX8nMSZnDsNfBW8B+DA7geIM6wE83ai2c9IpaI4nrnWGFPwL4xlK2QD7NFJleILwmr9ZG2xx4VvF/qnbgCLsTj74oAdGQhGA322WB9YH248B+RQmqT8YgTjHI0k5r7Lr7rw6C+M4XTZ5H+e5xpKsoouWosE/SrnGdbIa3oDnmwPmBtYpqF4xBvmjQG1lKq8wv3yUSuOLnKpjpmtIu6779TYYxsSPztSIdMkIpbsphBiiVm4TnlqitgJYV3TnuIyw2UScldYDc8Spc4TQK/hyW3cXrr2iDQTNEhVY2//sEmrHL4BW0t7Z+zBn/AxziunTfJ6/Bb0vmWCkS+vyYMlt29fpiYg2AynClSdt0cWZ7HnFiEb3nlE66pyfp7uGz61OtBOQWZCz8fEHnJ/0a17RUfXxYDm+TlEv/xQcMQ==$oI9iSiPu1UAj+0ZeAvJOAw==
cf-ray: 70465c35ece50229-ZRH

GET
H2 503 Primary Request ba-auto-slo-vo Show response
www.investisseurmalin.com/ 10 KB
11 KB 24ms
24ms Document
text/html 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.investisseurmalin.com/ba-auto-slo-vo

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

867361be8d9fb70b0b652aa67baa855908471d90d8482dc7397d78e17ed65a57

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 70465c42ead50229-ZRH
content-type: text/html; charset=UTF-8
date: Sun, 01 May 2022 06:11:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 43 KB
16 KB 40ms
39ms Script
application/javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=70465c42ead50229
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e01b0d49e1753b522a4fdd3ba76bf56a711ca1997e1833a6823dee232efca88f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo?__cf_chl_rt_tk=ffQ_yOzeCGr6jmYtEQ7wZKuu5Ty_nThry6gQGSAv6Zg-1651385492-0-gaNycGzNB-U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 01 May 2022 06:11:33 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 70465c432b030229-ZRH

GET
H2 200 transparent.gif
www.investisseurmalin.com/cdn-cgi/images/trace/jschal/js/ 42 B
101 B 22ms
22ms Image
image/gif 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.investisseurmalin.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=70465c42ead50229

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo?__cf_chl_rt_tk=ffQ_yOzeCGr6jmYtEQ7wZKuu5Ty_nThry6gQGSAv6Zg-1651385492-0-gaNycGzNB-U

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo?__cf_chl_rt_tk=ffQ_yOzeCGr6jmYtEQ7wZKuu5Ty_nThry6gQGSAv6Zg-1651385492-0-gaNycGzNB-U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 01 May 2022 06:11:32 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Apr 2022 13:06:37 GMT
server: cloudflare
etag: "626be2dd-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 70465c432b040229-ZRH
vary: Accept-Encoding
content-length: 42
expires: Sun, 01 May 2022 08:11:32 GMT

GET
H2 200 transparent.gif
www.investisseurmalin.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
220 B 13ms
12ms Image
image/gif 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.investisseurmalin.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=70465c42ead50229

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo?__cf_chl_rt_tk=ffQ_yOzeCGr6jmYtEQ7wZKuu5Ty_nThry6gQGSAv6Zg-1651385492-0-gaNycGzNB-U

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo?__cf_chl_rt_tk=ffQ_yOzeCGr6jmYtEQ7wZKuu5Ty_nThry6gQGSAv6Zg-1651385492-0-gaNycGzNB-U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 01 May 2022 06:11:32 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Apr 2022 13:06:37 GMT
server: cloudflare
etag: "626be2dd-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 70465c432b060229-ZRH
vary: Accept-Encoding
content-length: 42
expires: Sun, 01 May 2022 08:11:32 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.academie3g.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_2_sn_9773BC648CEDDAF83685B68F9EA9A69E_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0_rcs-3Acss_0
.www.investisseurmalin.com/	1970-01-20 02:43:07	Name: __cf_bm Value: Z8HKXPRFe2yg.LWzsLByMjkT54rpxBXEXMiUCeUr5D8-1651385488-0-AWhf2EWn8HLAl0/aMG3hUJNXHJxjwMseXZlq6GCnVXRjR+jy9zsqcqidaiHCCDvL3q5cfgrOnKoPWZLdLqykyziPL2l6IONuCpRpc3Z/2C6E
www.investisseurmalin.com/	1970-01-20 02:43:09	Name: cf_chl_prog Value: F19
www.investisseurmalin.com/	1970-01-20 02:43:09	Name: cf_chl_rc_ni Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://www.investisseurmalin.com/ba-auto-slo-vo Message: Failed to load resource: the server responded with a status of 503 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://www.investisseurmalin.com/ba-auto-slo-vo Message: Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.blackalgo.biz
www.academie3g.com
www.investisseurmalin.com
188.114.81.51
2606:4700::6810:fc2
52.59.165.42
775175977fe44db2592247d89a683a6caca16906900686cf8ae79a80b2019554
867361be8d9fb70b0b652aa67baa855908471d90d8482dc7397d78e17ed65a57
92380f143c99431d12205dc8eeba4aedefae023849fa7823553373ef8df278d4
ac087b70fc2f090e5cfae1fbbf69a6d49852d784260a092b6ed24a4eaeac9956
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185
d0e83b1675b9ed9dd538c58a3dc76658001d04ad4fb743f696ce9087d8a8e3e0
d9e0012a924be9256d9977a8d292eac51ed17c665d1ef5f243aebc9e7d423690
df8cb5ee005e7d94f0d14294f9c9161dff1977e0b0f74188cec39f23b1f10bfa
e01b0d49e1753b522a4fdd3ba76bf56a711ca1997e1833a6823dee232efca88f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb80a8b6f0de470124821c13573de282cf3507fa63df92624f7c52c385f6a6ed

www.investisseurmalin.com Open in urlscan Pro 2606:4700::6810:fc2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

87 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

144 kBTransfer

301 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

4 Cookies

4 Console Messages

Security Headers

Indicators

www.investisseurmalin.com Open in urlscan Pro
2606:4700::6810:fc2 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

144 kB
Transfer

301 kB
Size

4
Cookies

15 HTTP transactions
-1 data transactions