www.investisseurmalin.com Open in urlscan Pro
2606:4700::6810:ec2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.academie3g.com/click.html?x=a62e&lc=cgH&mc=5&s=Yx1c&u=p&z=OVWpBGY&
Effective URL:
https://www.investisseurmalin.com/ba-auto-slo-vo
Submission: On November 06 via api (November 6th 2021, 4:26:59 am UTC) from BE — Scanned from DE

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2606:4700::6810:ec2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.investisseurmalin.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2021. Valid for: a year.

This is the only time www.investisseurmalin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.81.51 188.114.81.51	198881 (IMPLIX-PL-AS) (IMPLIX-PL-AS)
1 1	52.59.165.42 52.59.165.42	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700::68... 2606:4700::6810:ec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2

1 188.114.81.51 (Poland) 1 redirects

ASN198881 (IMPLIX-PL-AS, PL)
PTR: mta-1.academie3g.com

www.academie3g.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.165.42 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: eu-ip-1.short.io

go.blackalgo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:ec2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.investisseurmalin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	investisseurmalin.com www.investisseurmalin.com	139 KB
1	blackalgo.biz 1 redirects go.blackalgo.biz	390 B
1	academie3g.com 1 redirects www.academie3g.com	600 B
13	3

	Domain	Requested by
12	www.investisseurmalin.com	www.investisseurmalin.com
1	go.blackalgo.biz	1 redirects
1	www.academie3g.com	1 redirects
13	3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
www.investisseurmalin.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.investisseurmalin.com/ba-auto-slo-vo
Frame ID: 004A54686BA1E8CBA4E8D5A1016E1278
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://www.academie3g.com/click.html?x=a62e&lc=cgH&mc=5&s=Yx1c&u=p&z=OVWpBGY& HTTP 302
https://go.blackalgo.biz/3mois HTTP 302
https://www.investisseurmalin.com/ba-auto-slo-vo Page URL
https://www.investisseurmalin.com/ba-auto-slo-vo Page URL

Page Statistics

13
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

139 kB
Transfer

269 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/5xx-error-landing/
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.academie3g.com/click.html?x=a62e&lc=cgH&mc=5&s=Yx1c&u=p&z=OVWpBGY& HTTP 302
https://go.blackalgo.biz/3mois HTTP 302
https://www.investisseurmalin.com/ba-auto-slo-vo Page URL
https://www.investisseurmalin.com/ba-auto-slo-vo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.academie3g.com/click.html?x=a62e&lc=cgH&mc=5&s=Yx1c&u=p&z=OVWpBGY& HTTP 302
https://go.blackalgo.biz/3mois HTTP 302
https://www.investisseurmalin.com/ba-auto-slo-vo

13 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

503

ba-auto-slo-vo Show response
www.investisseurmalin.com/
Redirect Chain

https://www.academie3g.com/click.html?x=a62e&lc=cgH&mc=5&s=Yx1c&u=p&z=OVWpBGY&
https://go.blackalgo.biz/3mois
https://www.investisseurmalin.com/ba-auto-slo-vo

10 KB
10 KB

66ms
28ms

Document
text/html

2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b021aa2dfb89bc6c0972a4327cb7558e09ed7a4cb1de8a11859b7e41c872e81e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 06 Nov 2021 04:26:54 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a9b90fc68700e26-MXP

Redirect headers

x-ratelimit-limit: 50
x-ratelimit-remaining: 49
x-ratelimit-reset: 42
connection: close
content-type: text/html; charset=utf-8
x-powered-by: Short.io link shortener
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
location: https://www.investisseurmalin.com/ba-auto-slo-vo
content-length: 0
Date: Sat, 06 Nov 2021 04:26:54 GMT

GET
H2 200 v1 Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 37 KB
14 KB 58ms
57ms Script
text/javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6a9b90fc68700e26
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5502778c68a604e63a26f64d5ad922a4bce4ad6b3f73ea6c86a531330fb134d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 04:26:54 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 6a9b90fcb88c0e26-MXP

GET
H2 200 transparent.gif
www.investisseurmalin.com/cdn-cgi/images/trace/jschal/js/ 42 B
101 B 19ms
19ms Image
image/gif 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.investisseurmalin.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6a9b90fc68700e26

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 04:26:54 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Nov 2021 13:27:57 GMT
server: cloudflare
etag: "6185315d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6a9b90fcb88d0e26-MXP
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Nov 2021 06:26:54 GMT

GET
H2 200 transparent.gif
www.investisseurmalin.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
220 B 18ms
18ms Image
image/gif 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.investisseurmalin.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6a9b90fc68700e26

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 04:26:54 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Nov 2021 13:27:57 GMT
server: cloudflare
etag: "6185315d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6a9b90fcb88e0e26-MXP
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Nov 2021 06:26:54 GMT

POST
H2 200 15c49f09aa98504 Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.5581371314006989:1636171656:557ee8589872a22e286d5a06a31f35a7e1ceaa4ab445c2461c505a66b6ed66d4/6a9b90fc68700e26/ 69 KB
40 KB 64ms
63ms XHR
text/plain 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.5581371314006989:1636171656:557ee8589872a22e286d5a06a31f35a7e1ceaa4ab445c2461c505a66b6ed66d4/6a9b90fc68700e26/15c49f09aa98504
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6a9b90fc68700e26
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abe578c7c9115f37c8e0cfb696c9435d544de09f4b7d5dd02e6d9dd656882102

Request headers

Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
CF-Challenge: 15c49f09aa98504
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Nov 2021 04:26:54 GMT
content-encoding: br
server: cloudflare
cf-ray: 6a9b90fd48cd0e26-MXP
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 15c49f09aa98504 Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.5581371314006989:1636171656:557ee8589872a22e286d5a06a31f35a7e1ceaa4ab445c2461c505a66b6ed66d4/6a9b90fc68700e26/ 2 KB
2 KB 114ms
114ms XHR
text/plain 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.5581371314006989:1636171656:557ee8589872a22e286d5a06a31f35a7e1ceaa4ab445c2461c505a66b6ed66d4/6a9b90fc68700e26/15c49f09aa98504
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6a9b90fc68700e26
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c71a7df0a16bf786f37e04841d930f0de61c8aa18ac36cc8e4c2b6a3b798a1f

Request headers

Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
CF-Challenge: 15c49f09aa98504
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Nov 2021 04:26:55 GMT
content-encoding: br
server: cloudflare
cf_chl_out: wN094S0VaCd7UtV1cKPJluj+Bflns7TfILkh3+fFksWdRFv8Aq5Ex5GiqaVZPwbJZdRX/Hf+b8AQjcp1xz0QsQ==$OTX13TTza6MbkqMDPc8i7g==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
cf_chl_out_s: PVIDahsbV6ZjPevg29YKKQP0TnUY1AvUClW9Z0VzMV6xMT4JcBGovnAQnr6WgpCFQ7p5Bd2IFmpUmc7dMAIGcHEcswDOnCeqLRgYIAuQbts=$zNSxGtLQ1BzDKNeF8FID5g==
cf-ray: 6a9b9100ea4f0e26-MXP

GET
H2 503 Primary Request ba-auto-slo-vo Show response
www.investisseurmalin.com/ 9 KB
10 KB 27ms
27ms Document
text/html 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.investisseurmalin.com/ba-auto-slo-vo

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4962ccbeaa89f132d9ff54f8a8ba7f5861034b2eba27a1f98b2be260e2e167dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo

Response headers

date: Sat, 06 Nov 2021 04:26:57 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6a9b910fe9fe0e26-MXP

GET
H2 200 v1 Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 34 KB
12 KB 30ms
29ms Script
text/javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6a9b910fe9fe0e26
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 513955bf37ae1a2a6a80b372eb81f6a2d243973bb4ca17bb92c57e4f279378c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 04:26:57 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 6a9b91102a1d0e26-MXP

GET
H2 200 transparent.gif
www.investisseurmalin.com/cdn-cgi/images/trace/jschal/js/ 42 B
124 B 19ms
19ms Image
image/gif 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.investisseurmalin.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6a9b910fe9fe0e26

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 04:26:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Nov 2021 13:27:57 GMT
server: cloudflare
etag: "6185315d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6a9b91102a1e0e26-MXP
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Nov 2021 06:26:57 GMT

GET
H2 200 transparent.gif
www.investisseurmalin.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 20ms
20ms Image
image/gif 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.investisseurmalin.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6a9b910fe9fe0e26

Requested by

Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/ba-auto-slo-vo

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 04:26:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Nov 2021 13:27:57 GMT
server: cloudflare
etag: "6185315d-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6a9b91102a200e26-MXP
vary: Accept-Encoding
content-length: 42
expires: Sat, 06 Nov 2021 06:26:57 GMT

POST
H2 200 557a9f648ab384f Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8830663836913728:1636171658:776076797644c77b02c379afc4f9ecdbfb776a31c313ddb34f44165e7f2816c1/6a9b910fe9fe0e26/ 104 KB
49 KB 65ms
65ms XHR
text/plain 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8830663836913728:1636171658:776076797644c77b02c379afc4f9ecdbfb776a31c313ddb34f44165e7f2816c1/6a9b910fe9fe0e26/557a9f648ab384f
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6a9b910fe9fe0e26
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e803a97354aa69eb3826055d1d0ef1c2050379a34f66e371101fdde9aa40d841

Request headers

Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
CF-Challenge: 557a9f648ab384f
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Nov 2021 04:26:58 GMT
content-encoding: br
server: cloudflare
cf-ray: 6a9b91108ade0e26-MXP
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK f98fbe4d-10b7-479b-abfe-eb0154b17811
https://www.investisseurmalin.com/ 120 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.investisseurmalin.com/f98fbe4d-10b7-479b-abfe-eb0154b17811
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 120
Content-Type: application/javascript

POST
H2 200 557a9f648ab384f Show response
www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8830663836913728:1636171658:776076797644c77b02c379afc4f9ecdbfb776a31c313ddb34f44165e7f2816c1/6a9b910fe9fe0e26/ 2 KB
2 KB 126ms
125ms XHR
text/plain 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8830663836913728:1636171658:776076797644c77b02c379afc4f9ecdbfb776a31c313ddb34f44165e7f2816c1/6a9b910fe9fe0e26/557a9f648ab384f
Requested by: Host: www.investisseurmalin.com
URL: https://www.investisseurmalin.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6a9b910fe9fe0e26
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9970e174d7d4677e578f8f1ad04e35d54c49d8e2b4d06404ecc536d2870a58d9

Request headers

Referer: https://www.investisseurmalin.com/ba-auto-slo-vo
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
CF-Challenge: 557a9f648ab384f
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Nov 2021 04:26:58 GMT
content-encoding: br
server: cloudflare
cf_chl_out: 8DXIBMjPXcRCsiCiE+k22ZfVZQj9Ai2bZ50LAcf9thM8a30c6ngJSh61sqPxzkwbV0eeq6wOGVcUTzyseuRYrg==$UjZh3AUtuDPRqVNFkgwIgQ==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
cf_chl_out_s: Y9gKRTzHCYUJXWHu+TnRPVqOO5KODdyA73NR5xeqkR8L8VUOYWX70EQZrZ11+esikphq2I5Lhi/QtGtC8mIQcoBD6VS51S43m3Luaq5n7aQNJLucGJo6KJOU9YSb4h08VOEVIePgFgozprOn5HlvQDkoWQ/KxEgP3+oH9vU/KdUAy/beed9SRAcdKFVGcb4b6rDMpTl5FTqgobhXMCN+m6owRSffq9UbqTrImGy5cYJCblIxpdBvmi6amRqfYyOEb6LSiTs6y8lVrdVXuTMc1UFTw0LbykuOyGe0Wq+ANkSjR/oAm+Xy/8Z+SX48SBy/7a8k5lAM3Vd7CK2AY7AwYhk/rxD9fzXphZ1LgmHauKObRv/IbAMncA8hINNWZkGH$B2eJJAZaPBOEcSgmz/oDaw==
cf-ray: 6a9b9113ecdd0e26-MXP

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.investisseurmalin.com/	1970-01-19 22:29:34	Name: __cf_bm Value: wbC1ngqGtqava17Fh4wijbAVKLYKPdxtYFzX_mxohQw-1636172814-0-AT5xqBJBogOXclrjJ8q2HkN6wwRELqDUvSy+ZH+zCl4B5Y8xrU7DZ1NAwk2+Ykeo03Zl5+kD+ZemmaF+wiA3V4CwCmP5oDIZ+Qt53+CjFOrM
www.investisseurmalin.com/	1970-01-19 22:29:36	Name: cf_chl_rc_ni Value: 1
www.investisseurmalin.com/	1970-01-19 22:29:36	Name: cf_chl_prog Value: f13

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://www.investisseurmalin.com/ba-auto-slo-vo Message: Failed to load resource: the server responded with a status of 503 ()
deprecation	warning	(Line 4) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://www.investisseurmalin.com/ba-auto-slo-vo Message: Failed to load resource: the server responded with a status of 503 ()
deprecation	warning	(Line 4) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.blackalgo.biz
www.academie3g.com
www.investisseurmalin.com
188.114.81.51
2606:4700::6810:ec2
52.59.165.42
4962ccbeaa89f132d9ff54f8a8ba7f5861034b2eba27a1f98b2be260e2e167dd
513955bf37ae1a2a6a80b372eb81f6a2d243973bb4ca17bb92c57e4f279378c0
5502778c68a604e63a26f64d5ad922a4bce4ad6b3f73ea6c86a531330fb134d8
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6c71a7df0a16bf786f37e04841d930f0de61c8aa18ac36cc8e4c2b6a3b798a1f
9970e174d7d4677e578f8f1ad04e35d54c49d8e2b4d06404ecc536d2870a58d9
abe578c7c9115f37c8e0cfb696c9435d544de09f4b7d5dd02e6d9dd656882102
b021aa2dfb89bc6c0972a4327cb7558e09ed7a4cb1de8a11859b7e41c872e81e
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185
e803a97354aa69eb3826055d1d0ef1c2050379a34f66e371101fdde9aa40d841
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.investisseurmalin.com Open in urlscan Pro 2606:4700::6810:ec2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

92 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

139 kBTransfer

269 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

3 Cookies

6 Console Messages

Security Headers

Indicators

www.investisseurmalin.com Open in urlscan Pro
2606:4700::6810:ec2 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

139 kB
Transfer

269 kB
Size

3
Cookies

13 HTTP transactions
2 data transactions