safeheavenbtc.com
Open in
urlscan Pro
185.61.154.55
Malicious Activity!
Public Scan
Submitted URL: https://www.316track.com/rd/r.php?sid=396&pub=650355&c1=0617A
Effective URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=83a06af6-b231-11ea-8621-7ca7a37ecb4e&MPC_2=&so=https:/...
Submission: On June 19 via manual from US
Effective URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=83a06af6-b231-11ea-8621-7ca7a37ecb4e&MPC_2=&so=https:/...
Submission: On June 19 via manual from US
Summary
This website contacted 5 IPs
in 3 countries
across 6 domains to perform 52 HTTP transactions.
The main IP is 185.61.154.55, located in
United Kingdom and
belongs to NAMECHEAP-NET, US.
The main domain is safeheavenbtc.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 22nd 2020. Valid for: a year.
This is the only time safeheavenbtc.com was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 22nd 2020. Valid for: a year.
This is the only time safeheavenbtc.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Investment Scam (Online) Lion's Den Scam (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 45.79.107.58 45.79.107.58 | 63949 (LINODE-AP...) (LINODE-AP Linode) | |
| 1 1 | 157.52.193.101 157.52.193.101 | 46573 (LAYER-HOST) (LAYER-HOST) | |
| 1 2 | 179.61.143.108 179.61.143.108 | 61317 (ASDETUK h...) (ASDETUK http://www.heficed.com) | |
| 1 50 | 185.61.154.55 185.61.154.55 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
| 1 | 2606:4700:20:... 2606:4700:20::ac43:4824 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2606:4700:303... 2606:4700:3031::681f:449e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 52 | 5 |
1
45.79.107.58
(Fremont, United States)
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1206-58.members.linode.com
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1206-58.members.linode.com
| www.316track.com |
1
157.52.193.101
(Los Angeles, United States)
ASN46573 (LAYER-HOST, US)
PTR: a101.designerforumail.com
ASN46573 (LAYER-HOST, US)
PTR: a101.designerforumail.com
| 6w1.quickagilessl.com |
2
179.61.143.108
(Vienna, Austria)
ASN61317 (ASDETUK http://www.heficed.com, GB)
ASN61317 (ASDETUK http://www.heficed.com, GB)
| ucx0zs.22mww14dcu.top |
50
185.61.154.55
(United Kingdom)
ASN22612 (NAMECHEAP-NET, US)
PTR: premium61-4.web-hosting.com
ASN22612 (NAMECHEAP-NET, US)
PTR: premium61-4.web-hosting.com
| safeheavenbtc.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 50 |
safeheavenbtc.com
1 redirects
safeheavenbtc.com |
2 MB |
| 2 |
22mww14dcu.top
1 redirects
ucx0zs.22mww14dcu.top |
13 KB |
| 1 |
best-traffic.club
platform.best-traffic.club |
1 KB |
| 1 |
trackbox.guru
cdn.trackbox.guru |
62 KB |
| 1 |
quickagilessl.com
1 redirects
6w1.quickagilessl.com |
491 B |
| 1 |
316track.com
1 redirects
www.316track.com |
372 B |
| 52 | 6 |
| Domain | Requested by | |
|---|---|---|
| 50 | safeheavenbtc.com |
1 redirects
ucx0zs.22mww14dcu.top
safeheavenbtc.com |
| 2 | ucx0zs.22mww14dcu.top | 1 redirects |
| 1 | platform.best-traffic.club |
safeheavenbtc.com
|
| 1 | cdn.trackbox.guru |
safeheavenbtc.com
|
| 1 | 6w1.quickagilessl.com | 1 redirects |
| 1 | www.316track.com | 1 redirects |
| 52 | 6 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| 22mww14dcu.top Let's Encrypt Authority X3 |
2020-06-09 - 2020-09-07 |
3 months | crt.sh |
| safeheavenbtc.com Sectigo RSA Domain Validation Secure Server CA |
2020-03-22 - 2021-03-22 |
a year | crt.sh |
| sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-12-11 - 2020-10-09 |
10 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=83a06af6-b231-11ea-8621-7ca7a37ecb4e&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=83a06af6-b231-11ea-8621-7ca7a37ecb4e
Frame ID: B96B9B34CF62ABF5D9E39E01EE77F993
Requests: 60 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.316track.com/rd/r.php?sid=396&pub=650355&c1=0617A
HTTP 302
https://6w1.quickagilessl.com/?s1=650355&s2=289640738&s3=8 HTTP 302
https://ucx0zs.22mww14dcu.top/?sov=15704ff106c&hid=gwwmiwiwkimqigiw&s1=650355&s2=289640738&s3=8&cntrl=0000... Page URL
-
https://ucx0zs.22mww14dcu.top/ROI1255advertorialNL.html?sov=15704ff106c&s1=650355&s2=289640738&s3=8&cntrl=...
HTTP 302
https://safeheavenbtc.com/jort-kelder?ci=71&ai=2958268&gi=56&MPC_1=83a06af6-b231-11ea-8621-7ca7a37ecb4... HTTP 301
https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=83a06af6-b231-11ea-8621-7ca7a37ecb... Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.php(?:$|\?)/i
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.316track.com/rd/r.php?sid=396&pub=650355&c1=0617A
HTTP 302
https://6w1.quickagilessl.com/?s1=650355&s2=289640738&s3=8 HTTP 302
https://ucx0zs.22mww14dcu.top/?sov=15704ff106c&hid=gwwmiwiwkimqigiw&s1=650355&s2=289640738&s3=8&cntrl=00000&pid=22624&redid=85287&gsid=488&campaign_id=1228&p_id=22624&id=XNSX.-r85287-t488&impid=833edd36-b231-11ea-8c0f-cae258990218 Page URL
-
https://ucx0zs.22mww14dcu.top/ROI1255advertorialNL.html?sov=15704ff106c&s1=650355&s2=289640738&s3=8&cntrl=00000&pid=22624&redid=85287&gsid=488&campaign_id=1228&p_id=22624&id=XNSX.-r85287-t488&impid=833edd36-b231-11ea-8c0f-cae258990218&tov=685863
HTTP 302
https://safeheavenbtc.com/jort-kelder?ci=71&ai=2958268&gi=56&MPC_1=83a06af6-b231-11ea-8621-7ca7a37ecb4e&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=83a06af6-b231-11ea-8621-7ca7a37ecb4e HTTP 301
https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=83a06af6-b231-11ea-8621-7ca7a37ecb4e&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=83a06af6-b231-11ea-8621-7ca7a37ecb4e Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://www.316track.com/rd/r.php?sid=396&pub=650355&c1=0617A HTTP 302
- https://6w1.quickagilessl.com/?s1=650355&s2=289640738&s3=8 HTTP 302
- https://ucx0zs.22mww14dcu.top/?sov=15704ff106c&hid=gwwmiwiwkimqigiw&s1=650355&s2=289640738&s3=8&cntrl=00000&pid=22624&redid=85287&gsid=488&campaign_id=1228&p_id=22624&id=XNSX.-r85287-t488&impid=833edd36-b231-11ea-8c0f-cae258990218
52 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
 Cookie set
/
ucx0zs.22mww14dcu.top/ Redirect Chain
|
2 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
safeheavenbtc.com/jort-kelder/ Redirect Chain
|
102 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
safeheavenbtc.com/jort-kelder/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.css
safeheavenbtc.com/jort-kelder/ |
148 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.css
safeheavenbtc.com/jort-kelder/ |
17 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
safeheavenbtc.com/jort-kelder/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
trackbot-roikingdom-special.js
cdn.trackbox.guru/ |
197 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
NOS.png
safeheavenbtc.com/jort-kelder/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
as-seen-on-image-NL.png
safeheavenbtc.com/jort-kelder/ |
68 KB 68 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Duncan1.jpg
safeheavenbtc.com/jort-kelder/ |
534 KB 534 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Duncan2.jpg
safeheavenbtc.com/jort-kelder/ |
288 KB 288 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Duncan3.jpg
safeheavenbtc.com/jort-kelder/ |
132 KB 133 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
muskbranson.jpg
safeheavenbtc.com/jort-kelder/ |
160 KB 160 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dreamcar.jpg
safeheavenbtc.com/jort-kelder/ |
160 KB 160 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tisdale.jpg
safeheavenbtc.com/jort-kelder/ |
271 KB 271 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
check.jpg
safeheavenbtc.com/jort-kelder/ |
115 KB 115 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
checkmark.png
safeheavenbtc.com/jort-kelder/ |
341 B 453 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
step1-NL.jpg
safeheavenbtc.com/jort-kelder/ |
121 KB 121 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bittrader-step2.png
safeheavenbtc.com/jort-kelder/ |
70 KB 70 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bittrader-step3.png
safeheavenbtc.com/jort-kelder/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_au-f-1.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_au-f-2.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_au-f-3.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_au-f-4.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_earnings.gif
safeheavenbtc.com/jort-kelder/ |
10 KB 11 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_au-f-5.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_au-m-1.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_au-m-2.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_au-f-6.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_au-f-7.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_au-f-9.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_4.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_3.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_car-comment.jpg
safeheavenbtc.com/jort-kelder/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_187364_20501998_2048679844_q.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_273549_7706291_1106946751_q.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_370345_7008369_2025512953_q.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_371925_1426200070_1825128294_q.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_275712_1815883270_368899092_q.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
files_371788_39603151_990746142_q.jpg
safeheavenbtc.com/jort-kelder/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
side1.png
safeheavenbtc.com/jort-kelder/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
side2.png
safeheavenbtc.com/jort-kelder/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
side3.png
safeheavenbtc.com/jort-kelder/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
side4.png
safeheavenbtc.com/jort-kelder/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
side5.png
safeheavenbtc.com/jort-kelder/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
side6.png
safeheavenbtc.com/jort-kelder/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
side7.png
safeheavenbtc.com/jort-kelder/ |
30 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bitcointrader-side-step1.png
safeheavenbtc.com/jort-kelder/ |
41 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bitcointrader-side-step2.png
safeheavenbtc.com/jort-kelder/ |
71 KB 71 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bitcointrader-side-step3.png
safeheavenbtc.com/jort-kelder/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
715 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
178 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
243 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
381 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
everydayprofit_euro.mp4
safeheavenbtc.com/jort-kelder/ |
40 KB 40 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
547 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
552 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
352 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
Poolbox
platform.best-traffic.club/forms/ |
92 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Investment Scam (Online) Lion's Den Scam (Online)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| gvars object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| dayNames object| monthNames object| now number| dayOfTheWeek string| url0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
6w1.quickagilessl.com
cdn.trackbox.guru
platform.best-traffic.club
safeheavenbtc.com
ucx0zs.22mww14dcu.top
www.316track.com
157.52.193.101
179.61.143.108
185.61.154.55
2606:4700:20::ac43:4824
2606:4700:3031::681f:449e
45.79.107.58
03a65e2d7fc5ca74c9c9a6c8f6691ac0790fcc36c3c1d95b14f7cd5c3e45ff50
04e953f0ee53304b86f0e58680127bd0810c9b63f660f59566184481dd72b571
0761efb5a453f0539f4c8d09888b7d6f5162766f5709a07fd7038aeb9adbd5c0
12ea67b3ad26763667dcba49477be6ebe3cfdf0ce50469283f136df026a80e75
155098aa15e39595339fd0536ffacdd2741a92ef0b4a5925fbbd36053d1147b5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562
1f52fc1cfd28c8d9189924b128c05950fe0ff193070596ddfd2aa888c207af54
1fce13b9be8c2fd67007038bae6887e0c8c3bf9c5aabcfe22a0e892ef2725a75
2005d776f440c8bdf4895de6efe8eb86d8ffb9a25eb9ebeb35fde4545c2e305f
253573f46997713506a72b404386fb532fd220fd3e1b7c76950a798f2325b20b
27136be39109fe6e068dae618e286dfd3f6c7dae2b18417b79815bcf1e290d57
3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
42de3c15f2f76bfcb849b10b509e06643c2ba6e4272c6d51c517f4dd6be937ab
44415f8c6602dfa29db63ec63370893a35033e08cb49eb805593a24d092f91c9
494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1
4f6e50be254a165b58e3b70fc1fd50a59f48d1ca19456ae5a0416dcf9ed538ab
50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b
54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f
5b6db2d4eb75d626812cc91b4f6ec9a94b2545dccaeb06beba062c66499bf1c9
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
61e6f86f82b85099b0dbcfb2d8b206dd35c2610d568e4bd35e799a503e695fd2
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
6555ce4eb5a9e1790d41a4faefda8707d57e07cf6622a01dcbb66165ad46d4cc
6945a3e9a1904fe2dedffa67fc7ae76bcc59b46b115bb9229d7f185b6b7afecb
6b014ca073b26a0961f3715afc118519c210a6cbb93c6540b75a8793924de4f6
73a33c88d90558bd4c9511c099f782b87af2faae53a36e9cbcae5fdedf277e21
74e6c7fc462cdd9b8a6876368c1aafe1830a75af5bfa86329ee3ccafa8319214
7ade842b1b59aafbac7004493efc3ea1520f2a4b4b2ef58926d1206fdf36d756
864a1b27b5346463852a3ea830625a6fe89b2c21e758c8f31e62214241e54065
86bd3ab98e6ba47772e58504e8f17820c1c01078b6f1aabaeb4127dcd07e1504
934f328030a8568f6f28c9183844503ca265ee1fc54b90a2d50b3d3e6fd76641
98bd4ba2651157e24c6c02f405e4c808b1555b113917c6a694fdcb0b35fd0cfe
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b
a59423edef0f80aa6d1fa384c9dfe529de68c98e12018848d64e11831db8b13e
aa4e81d3622c8aaf55a1ea056d61b2a95cc7ef3026a2f8e146b615f26b4db19a
b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5
c6565e0a5c5d1a1f53b973d242011d32a82dfc4f6fc34149557adc66e1c439db
c8a1916b926cd4b7d835be3541eae14be4fdf839357e701bd1e104378975e59e
d40b6ddebc5934e7075616be81b1c10e011590cc0210766773d87d8d329d0ac3
db19a1a8adab47798a3c8f18a2c69e134199e839882aadb363fc5705011b5a1a
df610ef617b5fb01d2cfccc47752e96e3b30669a7712b4fa2d2bbb3500a61e0b
df8633cb66d117686a19391925af8c42488c7fa4e60d65dbc36774d5d0425b22
e47374400288a7be95bdafe93df012387839c6ce349053c88a905f4e4b9a5158
e52805b60765c4c1729e510d1725b377586f4fc7e682f01bfd7f74189800556b
e559b7a5f5f7cdfbcf56f26a90d8e7db2013dd4b2778d378eeabac546f43695f
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e
e8534f5335522037c03fe544db314033fe5f05d847c5356b8ebe7f3f79beb6f5
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8
e9d82b380a6386f492a11fe3641b286efea44b485ff1f39db0a6990da0f0bd81
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f0bcf3e7e302eec1112dd96aeb91bd8d28a2924698cb6637198b12d8d9bd5d40
f6ea097d50938f2d6067e83e7d8da04d3e7493576ae9bdfd92281fc7a7bc9765
fc6eb089d47eb8644370bb833b7752e850e08d770396fc17255e395e5105b776