bitcoin-news.biz
88.198.137.131  Malicious Activity! Public Scan

Submitted URL: http://www.catonegroup.com/
Effective URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7...
Submission: On May 28 via api from US

Summary

This website contacted 2 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 88.198.137.131, located in Germany and belongs to HETZNER-AS, DE. The main domain is bitcoin-news.biz.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 16th 2020. Valid for: 3 months.
This is the only time bitcoin-news.biz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 46.166.182.110 43350 (NFORCE)
2 18.235.158.66 14618 (AMAZON-AES)
1 15 88.198.137.131 24940 (HETZNER-AS)
16 2

    Apex Domain       Subdomains            Transfer
14  bitcoin-news.biz  bitcoin-news.biz      685 KB
2   rustina-ber.com   usd.rustina-ber.com   3 KB
1   host893.com       go.host893.com        424 B
1   catonegroup.com   www.catonegroup.com   454 B
16  4

    Domain               Requested by
14  bitcoin-news.biz     usd.rustina-ber.com, bitcoin-news.biz
2   usd.rustina-ber.com  usd.rustina-ber.com
1   go.host893.com       1 redirects
1   www.catonegroup.com  1 redirects
16  4

This site contains links to these domains.

Domain
go.host893.com

Subject: bitcoin-news.biz
Issuer: Let's Encrypt Authority X3
Validity: 2020-05-16 - 2020-08-14
Valid: 3 months

This page contains 1 frames:

Primary Page: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Frame ID: 1706CD295F8E5DEFA207A4761DD924B6
Requests: 16 HTTP requests in this frame

Page Statistics

Requests: 16
HTTPS: 88 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 2
Countries: 3
Transfer: 688 kB
Size: 701 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.catonegroup.com/ HTTP 302
    http://usd.rustina-ber.com/zcvisitor/cde4de6c-a0b3-11ea-8ef7-1229d7649657?campaignid=4562f1b0-82e7-11ea-b2b8-0ac2bbf4ada7 Page URL
  2. http://usd.rustina-ber.com/zcredirect?visitid=cde4de6c-a0b3-11ea-8ef7-1229d7649657&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  3. https://go.host893.com/click.php?key=a4asj5bjsyfdovxa5iku&cid=zrcde4de6ca0b311ea8ef71229d7649657c09dd9696b4c4a798ea342dd4d86f2da047383728f47f15230&visit_cost=0.003900&target=victor-imp-YWBH03jl&campaign_id=1378477&geo=DE&keyword=catonegroup%2Ccatonegroup%2Ccatonegroup.com&source=badious-buzzard&match=&campaign_name=de&carrier=unknown&traffic_type=DOMAIN&visitor_type=NON-ADULT HTTP 302
    https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.catonegroup.com/ HTTP 302
  • http://usd.rustina-ber.com/zcvisitor/cde4de6c-a0b3-11ea-8ef7-1229d7649657?campaignid=4562f1b0-82e7-11ea-b2b8-0ac2bbf4ada7

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
cde4de6c-a0b3-11ea-8ef7-1229d7649657
usd.rustina-ber.com/zcvisitor/
Redirect Chain
  • http://www.catonegroup.com/
  • http://usd.rustina-ber.com/zcvisitor/cde4de6c-a0b3-11ea-8ef7-1229d7649657?campaignid=4562f1b0-82e7-11ea-b2b8-0ac2bbf4ada7
1008 B
2 KB
Document
General
Full URL
http://usd.rustina-ber.com/zcvisitor/cde4de6c-a0b3-11ea-8ef7-1229d7649657?campaignid=4562f1b0-82e7-11ea-b2b8-0ac2bbf4ada7
Protocol
HTTP/1.1
Server
18.235.158.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-158-66.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
d629aa40bffd684c61f21d43e1d4bd394481553a5aa1727a5b6bde3d254359a4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usd.rustina-ber.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Thu, 28 May 2020 07:21:10 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server
ZeroPark-Traffic

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Thu, 28 May 2020 07:21:09 GMT
location
http://usd.rustina-ber.com/zcvisitor/cde4de6c-a0b3-11ea-8ef7-1229d7649657?campaignid=4562f1b0-82e7-11ea-b2b8-0ac2bbf4ada7
server
nginx
set-cookie
sid=cdd4c9d0-a0b3-11ea-947b-aea4a14aa398; path=/; domain=.catonegroup.com; expires=Tue, 15 Jun 2088 10:35:17 GMT; max-age=2147483647; HttpOnly
zcredirect
usd.rustina-ber.com/
938 B
2 KB
Document
General
Full URL
http://usd.rustina-ber.com/zcredirect?visitid=cde4de6c-a0b3-11ea-8ef7-1229d7649657&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: usd.rustina-ber.com
URL: http://usd.rustina-ber.com/zcvisitor/cde4de6c-a0b3-11ea-8ef7-1229d7649657?campaignid=4562f1b0-82e7-11ea-b2b8-0ac2bbf4ada7
Protocol
HTTP/1.1
Server
18.235.158.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-158-66.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
7d9c41383245c2be60c3b5ad435ec69342a6fbb22b53486f6060201c452c2f8b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usd.rustina-ber.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://usd.rustina-ber.com/zcvisitor/cde4de6c-a0b3-11ea-8ef7-1229d7649657?campaignid=4562f1b0-82e7-11ea-b2b8-0ac2bbf4ada7
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Thu, 28 May 2020 07:21:10 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected
JS
Server
ZeroPark-Traffic
Primary Request index.html
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/
Redirect Chain
  • https://go.host893.com/click.php?key=a4asj5bjsyfdovxa5iku&cid=zrcde4de6ca0b311ea8ef71229d7649657c09dd9696b4c4a798ea342dd4d86f2da047383728f47f15230&visit_cost=0.003900&target=victor-imp-YWBH03jl&cam...
  • https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
24 KB
7 KB
Document
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Requested by
Host: usd.rustina-ber.com
URL: http://usd.rustina-ber.com/zcredirect?visitid=cde4de6c-a0b3-11ea-8ef7-1229d7649657&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
015d9131adb2aa40672c5e67f779660b4d8d1111269d9f3e38ac4848b78f2f4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
bitcoin-news.biz
:scheme
https
:path
/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://usd.rustina-ber.com/zcredirect?visitid=cde4de6c-a0b3-11ea-8ef7-1229d7649657&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
nginx/1.16.1
date
Thu, 28 May 2020 07:21:11 GMT
content-type
text/html
last-modified
Thu, 16 Apr 2020 12:01:58 GMT
etag
W/"5e984936-617a"
strict-transport-security
max-age=31536000
content-encoding
gzip

Redirect headers

status
302
server
nginx/1.16.1
date
Thu, 28 May 2020 07:21:10 GMT
content-type
text/html; charset=UTF-8
location
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
set-cookie
uclick=irb7hexs; expires=Fri, 29-May-2020 07:21:10 GMT; Max-Age=86400; path=/; SameSite=None; Secure; uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12; expires=Fri, 29-May-2020 07:21:10 GMT; Max-Age=86400; path=/; SameSite=None; Secure;
strict-transport-security
max-age=31536000
5e8e7fae6da7b.css
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/
53 KB
53 KB
Stylesheet
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae6da7b.css
Requested by
Host: bitcoin-news.biz
URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
f4b15e7bfa30ef9ae5ad59f48fd71cdf7d2019e80f3a5b545a4e4123b5932ee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 May 2020 07:21:11 GMT
last-modified
Thu, 09 Apr 2020 01:51:42 GMT
server
nginx/1.16.1
etag
"5e8e7fae-d3bc"
strict-transport-security
max-age=31536000
content-type
text/css
status
200
accept-ranges
bytes
content-length
54204
5e8e7fae6daae.css
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/
13 KB
13 KB
Stylesheet
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae6daae.css
Requested by
Host: bitcoin-news.biz
URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
2e330e84f6c6a27b1a44645dcdc03989b78af0979f0dc0726d989c12b85c1151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 May 2020 07:21:11 GMT
last-modified
Thu, 09 Apr 2020 01:51:42 GMT
server
nginx/1.16.1
etag
"5e8e7fae-34f5"
strict-transport-security
max-age=31536000
content-type
text/css
status
200
accept-ranges
bytes
content-length
13557
5e8e7fae6dae1.css
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/
41 KB
41 KB
Stylesheet
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae6dae1.css
Requested by
Host: bitcoin-news.biz
URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
7636cdba38cb7563e0738aaf3db96700cc90fe56ed749f02f8fbe6d899a368db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 May 2020 07:21:11 GMT
last-modified
Thu, 09 Apr 2020 01:51:42 GMT
server
nginx/1.16.1
etag
"5e8e7fae-a4b5"
strict-transport-security
max-age=31536000
content-type
text/css
status
200
accept-ranges
bytes
content-length
42165
5e8e7fae6d65e.jpg
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/
190 KB
190 KB
Image
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae6d65e.jpg
Requested by
Host: bitcoin-news.biz
URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
3a0d5cfe7d11bb678b4c4b1a5c008d8aa2403d75ced742a67a84edbba9ed14de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 May 2020 07:21:11 GMT
last-modified
Thu, 09 Apr 2020 01:51:43 GMT
server
nginx/1.16.1
etag
"5e8e7faf-2f882"
strict-transport-security
max-age=31536000
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
194690
5e8e7fae6d734.jpg
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/
101 KB
102 KB
Image
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae6d734.jpg
Requested by
Host: bitcoin-news.biz
URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
18e96c905de9246b36ef6d4d265396d27dd88d08547911c180ec7041d799ed93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 May 2020 07:21:11 GMT
last-modified
Thu, 09 Apr 2020 01:51:43 GMT
server
nginx/1.16.1
etag
"5e8e7faf-1952d"
strict-transport-security
max-age=31536000
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
103725
5e8e7fae6d80b.jpg
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/
98 KB
98 KB
Image
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae6d80b.jpg
Requested by
Host: bitcoin-news.biz
URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
14d2c1864ee350fffad328e8ffda4efc9e2bc72cbdc899b0d0f4ad154af727a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 May 2020 07:21:11 GMT
last-modified
Thu, 09 Apr 2020 01:51:43 GMT
server
nginx/1.16.1
etag
"5e8e7faf-18898"
strict-transport-security
max-age=31536000
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
100504
5e8e7fae6d84b.jpg
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/
2 KB
2 KB
Image
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae6d84b.jpg
Requested by
Host: bitcoin-news.biz
URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 May 2020 07:21:11 GMT
last-modified
Thu, 09 Apr 2020 01:51:43 GMT
server
nginx/1.16.1
etag
"5e8e7faf-895"
strict-transport-security
max-age=31536000
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
2197
5e8e7fae6d889.jpg
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/
3 KB
3 KB
Image
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae6d889.jpg
Requested by
Host: bitcoin-news.biz
URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 May 2020 07:21:11 GMT
last-modified
Thu, 09 Apr 2020 01:51:43 GMT
server
nginx/1.16.1
etag
"5e8e7faf-b11"
strict-transport-security
max-age=31536000
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
2833
5e8e7fae6d8fa.jpg
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/
2 KB
2 KB
Image
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae6d8fa.jpg
Requested by
Host: bitcoin-news.biz
URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
df99f7229bbfb0bdf5ed771fca5acc2fcbe96e41429bc2b2451f238c42d3f948
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 May 2020 07:21:11 GMT
last-modified
Thu, 09 Apr 2020 01:51:43 GMT
server
nginx/1.16.1
etag
"5e8e7faf-7b9"
strict-transport-security
max-age=31536000
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
1977
5e8e7fae6d931.jpg
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/
2 KB
2 KB
Image
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae6d931.jpg
Requested by
Host: bitcoin-news.biz
URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 May 2020 07:21:11 GMT
last-modified
Thu, 09 Apr 2020 01:51:43 GMT
server
nginx/1.16.1
etag
"5e8e7faf-8a0"
strict-transport-security
max-age=31536000
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
2208
5e8e7fae6d9ae.jpg
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/
2 KB
2 KB
Image
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae6d9ae.jpg
Requested by
Host: bitcoin-news.biz
URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 May 2020 07:21:11 GMT
last-modified
Thu, 09 Apr 2020 01:51:43 GMT
server
nginx/1.16.1
etag
"5e8e7faf-63d"
strict-transport-security
max-age=31536000
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
1597
5e8e7fae6da42.js
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/
95 KB
95 KB
Script
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae6da42.js
Requested by
Host: bitcoin-news.biz
URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 May 2020 07:21:11 GMT
last-modified
Thu, 09 Apr 2020 01:51:43 GMT
server
nginx/1.16.1
etag
"5e8e7faf-17ba0"
strict-transport-security
max-age=31536000
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
97184
5e8e7fae7d097.woff2
bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/
73 KB
73 KB
Font
General
Full URL
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae7d097.woff2
Requested by
Host: bitcoin-news.biz
URL: https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/index.html?lpkey=157890c66574072f70&uclick=irb7hexs&uclickhash=irb7hexs-irb7hexs-tl-17bl-46fe-fnfn-fnxs-454b12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.137.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-137-131.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://bitcoin-news.biz/landers/de-m-015e8e7fadd1d74/5e8e7fadd1d82/5e8e7fae6da7b.css
Origin
https://bitcoin-news.biz

Response headers

date
Thu, 28 May 2020 07:21:11 GMT
last-modified
Thu, 09 Apr 2020 01:51:43 GMT
server
nginx/1.16.1
etag
"5e8e7faf-1226c"
strict-transport-security
max-age=31536000
content-type
font/woff2
status
200
accept-ranges
bytes
content-length
74348

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| getURLParameter
  • object| dayNames
  • object| monthNames
  • object| now
  • undefined| $
  • function| jQuery

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'