btzebra.com Open in urlscan Pro
104.248.143.199 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.kloshpro.com/js/db/b/db/d/9/dropbx.z/document.html
Effective URL:
https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141
Submission: On February 28 via api (February 28th 2020, 11:07:29 am UTC) from IT

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 104.248.143.199, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is btzebra.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 26th 2020. Valid for: 3 months.

This is the only time btzebra.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 3	74.206.232.234 74.206.232.234	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	5.79.68.236 5.79.68.236	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
15	104.248.143.199 104.248.143.199	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
18	3

3 74.206.232.234 (Garden City, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

www.kloshpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kloshpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.79.68.236 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

api.quotes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.192.101.24 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p185689.infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.248.143.199 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

btzebra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	btzebra.com btzebra.com	576 KB
3	kloshpro.com 1 redirects www.kloshpro.com kloshpro.com	1 KB
2	infopicked.com 2 redirects infopicked.com p185689.infopicked.com	2 KB
2	quotes.com 1 redirects api.quotes.com	3 KB
18	4

	Domain	Requested by
15	btzebra.com	btzebra.com
2	api.quotes.com	1 redirects kloshpro.com
2	www.kloshpro.com	1 redirects
1	p185689.infopicked.com	1 redirects
1	infopicked.com	1 redirects
1	kloshpro.com	www.kloshpro.com
18	6

This site contains links to these domains. Also see Links.

Domain
kryptonized.co

Subject Issuer	Validity	Valid
btzebra.com Let's Encrypt Authority X3	`2020-02-26` - `2020-05-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141
Frame ID: CEC3725E9BCA64993E2B64D48AF309F7
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.kloshpro.com/js/db/b/db/d/9/dropbx.z/document.html HTTP 302
http://www.kloshpro.com/ Page URL
http://kloshpro.com/ Page URL
http://api.quotes.com/78ae96a0-5a1a-11ea-91dc-d6aae86242d8 Page URL
http://api.quotes.com/78ae96a0-5a1a-11ea-91dc-d6aae86242d8?hr=1 HTTP 302
http://infopicked.com/aS/feedclick?s=H6mN1vWY-SfyXDil0FvPzk8HIGvF0uyVXQaiCg3BLRuv734ZwHwWeJ1B-kb1v... HTTP 302
http://p185689.infopicked.com/adServe/domainClick?ai=aMan3QIeyCMLf-6bcXmvFjuIzAkw6D6X1b9i8lgz_Pn7i5g53FPyU... HTTP 302
https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

18
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

3
IPs

3
Countries

577 kB
Transfer

575 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://kryptonized.co/click/?origin=htrl77it55-41160-ded3a2b5-7758-4f75-b808-088eb4413a91
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.kloshpro.com/js/db/b/db/d/9/dropbx.z/document.html HTTP 302
http://www.kloshpro.com/ Page URL
http://kloshpro.com/ Page URL
http://api.quotes.com/78ae96a0-5a1a-11ea-91dc-d6aae86242d8 Page URL
http://api.quotes.com/78ae96a0-5a1a-11ea-91dc-d6aae86242d8?hr=1 HTTP 302
http://infopicked.com/aS/feedclick?s=H6mN1vWY-SfyXDil0FvPzk8HIGvF0uyVXQaiCg3BLRuv734ZwHwWeJ1B-kb1vwChg2RvEwrk2epbC7U30TJp2ZadnIox-xjqfkc4A3jiV6YSp9Dm0A7h07CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cI6tz_CetwrE0xe-Xn7oJzieSg6UfkH-qKpkhgQvduCn6hXp1zQGwglS8DWUUfxPg_JfuXiHiYrWhx8B5E30tDy-hLU7V1FHhCECF0QDNiG1UpuboRaBMVg1GXCAk-XPZDpWBrhgYoYX33o3pUqEaV0HdctOXO4xI__70saFiJ0J2dOd3lJC3ooxt5eEFQUgPDCuEz0QqJScbuxqv2fPHbkLGzPbTSW1aeqH2zkj2W3ct7HIzwwHvR1lP6uOj4x45ICYyYX_M8rZoKYMHje651A-hW_NjDc31SWc7CR7nKW5fiWf3Gk62VCVUpHZKj4fbKgZwekRXEwur7r46X1KzEq5BE2Y99CqXv0ow2tUhsF8eLrr9XfwtsdbhvNNCrC0f6u0i3iH4sX-IegL0NVsN0jhHSqtq1n6tuSsrKjHEIrzHa30SJcaY8hVdRja6m8ukUbsjBS-L3dJkb6NFfnnO_GNLC6HMTOlQYKMghSvFwZXF8dKVFq5mIECKElY2cRiWnypNv0o2Os0bfWWr3cow9WGlvWNBBZxfnYbbm_hzaJaf6BQFVSQ6LEw6ifC2WtDbThuXI8HTS8aoXS6vzssKPXi0zJ8MWXFK-xkMEKbf4mCzOVoyX_ByVVU99cXbUJlmrPwCTUeRV7zEkUxs-qQVHuHHMZz7JcJpxy3tvSzo3xfpFHMHKs_KF50Bm54Q8lg-6ypSGdSR8xxc2kwSkgTwpBESTA3SAWNxFPG3V9qYNVZqqsEwiWcSGyni1PMfqT622Z4QlWBbwegr7-XehnNZkVwuNGwWtiWrrRPi7leMqrZ-BSz7obLZ_kJrYJKYISHUil_q3ke7_4gZJApOAnjs65wCkr1P_SrlMDKyEjztWwoa8YosRojfZkZqQq2QahyCkSFnazazurM82utUItX6xy2AG5Kuk_qL3Ok6-zis4v5JvKkVhjOt3at70-xBnRylXmPRoGdrpFU4MjBpOo8VKmpA6z1gsQlV5WPGjW6H-oSFi8W-afh2KikVVCVbad2Rglkij9v6Ygz_xd-RzvqCFOcPZTQBbNpbMU5YCQViaNoOdETuUh7qwrz03LhfNhPBg9AwdOsApinN24o3OC_F0ZGn-k2OfGv4bAVOWRKn9nK1s_6SN_9Bt4mSe6FKMq5X5lqUO9m3OLdcEGi8_Ap75fv_be6YXibX-Tk3vrPO2xjOlan7Z38Bo4bO7pWllwGdVGZXxgmhR3INz-QU0tQexivSoHKdo8xF-eCE2hpH3KNW9ZBPHMEK0Q440Q_UTaaxiQKSIXq3AQwrmIrP2lNhVXc1TJLY5jgsYGrivroMtcMcqnNvhGdhwxahSsPlvn6vuXaUOR19twE1uS4jI_UmXUkJa-UdhUGzVhEtT54cQtrhhRgl11k0YQUeZBwbSQFOjuIzAkw6D6XjCuXHMUBGHD8HwayaA9UwTgmdWZdwDd6lmHC0D4ZuQTQvcDyDEi15nfWetOMhs5povfCQujJb8gFOy9WleTlwAPdpPUEZZPCgGienO3rc409LaeQDRSxZ9TLmL765vlIiB0nbkd8lN7aduZ6qC1orzCLSYW6NtdsKB1rVEzWCCTYcyjg76kFPmvA7TyG61P2_OPVvUyPc7C7tkV56ifAAXYJv_8gqzrJjMW-Oo1IJMpkniA21lfVHB9jaOjcYFNtzF6iilVR1hABGwwfAA-lq9khE_5wyq3ukF-bO6QLXa4ycmYJ1br3hPmndUsH6K6wMTmsIFXOX0qBbPfU3X7DdfQtBsG4Bwqh6FkCk6NdRVGZOPsX9_Ni8jCqGSO_rxgIejcbokRI9CljEDzEiX2_R6HQjqtXrFIJYcV1H25CXKfX3u1i3ifmg2wDLFOrru-3kEp6YhdO_vEOzT4TF6IHn-aHrLZE3F_n HTTP 302
http://p185689.infopicked.com/adServe/domainClick?ai=aMan3QIeyCMLf-6bcXmvFjuIzAkw6D6X1b9i8lgz_Pn7i5g53FPyUc3EucKk-DXWeY7qMM2eG_A4_LIdNJBZPWTAzvlXfkbNYPbwW8hssrWkXeMeK_GPRChp2UMmv471Ssz0Z2FKhzWf_67TEPLWuJ01w1evEAPXAC6BWLN5eWuoLdHGY-WCpWlKBIRTLapNzUUlJYg0Z1cO0BDDmu3e2HpG0qugXm9oDsIA_Dg34OZqHoqI06uascAA30MxSHhK5_QF0N08LzquIE66RM5Im6hx55zOUV-j6rp8VaceF9etk1GQ4-V9tb062ean9GwshBCYTg6QF1aIyyWyitO4IkWjmJg91b-_L1ixgNPggkD9f_qAGvjzxfEd_i3-YtjcBFzEv2GpjvVcmXITB_r-qHUXj34qybWDAqM8rzIb-Pi5VPoQapVd8GzO00fgOqNiO4jMCTDoPpdlWYtRlLMC2-vaI8tzj08RkEp6YhdO_vEOzT4TF6IHnw70sCjuHHHR8RwtDLnkS-Psl8WHMGyl4ZW8qCABgX2l1QlvVKC08ytv0-cfxRgHaSCijZY_SNQadM5ECUeELJfkQmjZE96sjlSl4f_eCE4CxXVQ3LpKIUg9T6mdfWUL-xEhMtONcIITKwIFdkeLmyMofvF1o2CObmjL4gWo8MLxbgejlzf67IHJhBqnpFAYj4eBF8KjqKW4ljeeYDjgjCU&ui=H6mN1vWY-Sev-pH5wm3KqYBVNmK1S2tV-X_mKpnAKb29G1cWFXekq_5Ye6uoLDF7lmHC0D4ZuQTQvcDyDEi15nfWetOMhs5povfCQujJb8isxnXnkdRr2A&si=1&oref=4d4bf5a2b32cd6bb0f57d5cb4e2ae9c1&rb=iHg27Az6PqM&rr=0 HTTP 302
https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.kloshpro.com/js/db/b/db/d/9/dropbx.z/document.html HTTP 302
http://www.kloshpro.com/

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response www.kloshpro.com/ Redirect Chain http://www.kloshpro.com/js/db/b/db/d/9/dropbx.z/document.html http://www.kloshpro.com/	638 B 622 B	93ms 93ms	Document text/html	74.206.232.234 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Full URL http://www.kloshpro.com/ Protocol HTTP/1.1 Server 74.206.232.234 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software nginx / Resource Hash `aaa862bb6acbb0df32a6bf2e3bc917a97a2f5100ae7b97cb518185fc3adceb9b` Request headers Host www.kloshpro.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Fri, 28 Feb 2020 11:07:12 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip Redirect headers Server nginx Date Fri, 28 Feb 2020 11:07:12 GMT Content-Type text/html Content-Length 154 Connection keep-alive Location http://www.kloshpro.com/
POST H/1.1	200 OK	Cookie set / Show response kloshpro.com/	213 B 594 B	670ms 659ms	Document text/html	74.206.232.234 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Full URL http://kloshpro.com/ Requested by Host: www.kloshpro.com URL: http://www.kloshpro.com/ Protocol HTTP/1.1 Server 74.206.232.234 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software nginx / Resource Hash `088e3689490c5eadc85eab695a939f2659495a7056cf2dce33bb1c16b4592223` Request headers Host kloshpro.com Connection keep-alive Content-Length 12 Pragma no-cache Cache-Control no-cache Origin http://www.kloshpro.com Upgrade-Insecure-Requests 1 Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.kloshpro.com/ Accept-Encoding gzip, deflate Accept-Language en-US Origin http://www.kloshpro.com Upgrade-Insecure-Requests 1 Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://www.kloshpro.com/ Response headers Server nginx Date Fri, 28 Feb 2020 11:07:13 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6MSwidHMiOjE1ODI4ODgwMzMsImhhc2giOiI5MzcyZDc0OSJ9;Expires=Fri, 28-Feb-2020 12:07:13 GMT;Max-Age=3600 Expires Thu, 01 Jan 1970 00:00:00 GMT Content-Encoding gzip
GET H/1.1	200 OK	78ae96a0-5a1a-11ea-91dc-d6aae86242d8 Show response api.quotes.com/	171 B 374 B	283ms 44ms	Document text/html	5.79.68.236 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://api.quotes.com/78ae96a0-5a1a-11ea-91dc-d6aae86242d8 Requested by Host: kloshpro.com URL: http://kloshpro.com/ Protocol HTTP/1.1 Server 5.79.68.236 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `db094d0b36264f435b02007a3db1a859589a034a98cbfbfdc849085a7aee564f` Request headers Host api.quotes.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://kloshpro.com/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://kloshpro.com/ Response headers cache-control max-age=0, private, must-revalidate connection close content-length 171 content-type text/html; charset=utf-8 date Fri, 28 Feb 2020 11:07:12 GMT server nginx
GET H2	200	Primary Request / Show response btzebra.com/ Redirect Chain http://api.quotes.com/78ae96a0-5a1a-11ea-91dc-d6aae86242d8?hr=1 http://infopicked.com/aS/feedclick?s=H6mN1vWY-SfyXDil0FvPzk8HIGvF0uyVXQaiCg3BLRuv734ZwHwWeJ1B-kb1vwChg2RvEwrk2epbC7U30TJp2ZadnIox-xjqfkc4A3jiV6YSp9Dm0A7h07CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cI6tz_CetwrE... http://p185689.infopicked.com/adServe/domainClick?ai=aMan3QIeyCMLf-6bcXmvFjuIzAkw6D6X1b9i8lgz_Pn7i5g53FPyUc3EucKk-DXWeY7qMM2eG_A4_LIdNJBZPWTAzvlXfkbNYPbwW8hssrWkXeMeK_GPRChp2UMmv471Ssz0Z2FKhzWf_67T... https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141	22 KB 22 KB	71ms 27ms	Document text/html	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `bfb475a648149d7721b371a0365d38cc83ae81fe7185839ad640529123a6fca5` Request headers :method GET :authority btzebra.com :scheme https :path /?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer http://api.quotes.com/78ae96a0-5a1a-11ea-91dc-d6aae86242d8 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://api.quotes.com/78ae96a0-5a1a-11ea-91dc-d6aae86242d8 Response headers status 200 content-type text/html; charset=utf-8 set-cookie sess-bf6cda6249234b168fe086f3819402b4=MTU4Mjg4ODAzNHxKRkpaaTFTWkxfZ2lXT2E5aDVKYXZZcHoycDRwVHJObjlKdGVkb2tONXlITnVuOVVUeVpfTzNRPXwqoLPxJSk2khu6YnNYKGQFnMvr9bjT2jBmMH0s87rllA==; Max-Age=31536000; HttpOnly date Fri, 28 Feb 2020 11:07:14 GMT Redirect headers Server nginx Date Fri, 28 Feb 2020 11:07:14 GMT Content-Length 0 Connection keep-alive Keep-Alive timeout=5 Set-Cookie rhid=69032211037; Max-Age=15552000; Expires=Wed, 26-Aug-2020 11:07:14 GMT; Domain=infopicked.com; Path=/; SameSite=None; secure; loi=ad_909833_off_394192_aff_797_cid_185689-KLOSHPRO.COM_ts_1582888034; Max-Age=3600; Expires=Fri, 28-Feb-2020 12:07:14 GMT; Domain=infopicked.com; Path=/; SameSite=None; secure; Location https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141
GET H2	200	styles.main.css btzebra.com/landers/23253/1575306288/assets/	13 KB 13 KB	9ms 9ms	Stylesheet text/css	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://btzebra.com/landers/23253/1575306288/assets/styles.main.css Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `2e330e84f6c6a27b1a44645dcdc03989b78af0979f0dc0726d989c12b85c1151` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:46 GMT accept-ranges bytes content-length 13557 content-type text/css; charset=utf-8
GET H2	200	fontawesome-all.css btzebra.com/landers/23253/1575306288/assets/	41 KB 41 KB	10ms 10ms	Stylesheet text/css	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://btzebra.com/landers/23253/1575306288/assets/fontawesome-all.css Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `7636cdba38cb7563e0738aaf3db96700cc90fe56ed749f02f8fbe6d899a368db` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:46 GMT accept-ranges bytes content-length 42165 content-type text/css; charset=utf-8
GET H2	200	35.bild.png btzebra.com/landers/23253/1575306288/assets/	656 B 715 B	12ms 11ms	Image image/png	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://btzebra.com/landers/23253/1575306288/assets/35.bild.png Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `e867182fe5ddcea7ff1946dc2c3b3536e29800fcba3923743eba4fa6fed574a6` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:47 GMT accept-ranges bytes content-length 656 content-type image/png
GET H2	200	header-right.png btzebra.com/landers/23253/1575306288/assets/	11 KB 11 KB	16ms 15ms	Image image/png	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://btzebra.com/landers/23253/1575306288/assets/header-right.png Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `ef6ee393aff7c71611325362eba18bcd5a68aeabaec1cce14e3fa431762fcfe3` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:47 GMT accept-ranges bytes content-length 11081 content-type image/png
GET H2	200	dagmar-woehrl-2.jpg btzebra.com/landers/23253/1575306288/assets/	71 KB 71 KB	16ms 15ms	Image image/jpeg	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://btzebra.com/landers/23253/1575306288/assets/dagmar-woehrl-2.jpg Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `91b28fa5192e3f768bc2aafe73fc198bb3fbd89bc5498f6499dabb3a186eb0dd` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:47 GMT accept-ranges bytes content-length 72375 content-type image/jpeg
GET H2	200	lions2.jpg btzebra.com/landers/23253/1575306288/assets/	81 KB 81 KB	17ms 15ms	Image image/jpeg	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://btzebra.com/landers/23253/1575306288/assets/lions2.jpg Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `e565953aec381fa6ceabf6eac50228115f507b1f245d3795f869945da64db4f6` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:47 GMT accept-ranges bytes content-length 83336 content-type image/jpeg
GET H2	200	1625827.jpg btzebra.com/landers/23253/1575306288/assets/	125 KB 125 KB	17ms 16ms	Image image/jpeg	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://btzebra.com/landers/23253/1575306288/assets/1625827.jpg Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `b02bbb3c2421a9b6ed94aa01f3574e6a63c8c6860a2101ef5f0ab4e434db0852` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:48 GMT accept-ranges bytes content-length 127674 content-type image/jpeg
GET H2	200	ccccc.jpg btzebra.com/landers/23253/1575306288/assets/	138 KB 138 KB	17ms 16ms	Image image/jpeg	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://btzebra.com/landers/23253/1575306288/assets/ccccc.jpg Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `4f51b53dba3c024c6ddb381aa17367a54be11c30b3a9411d9b0691aa3493882e` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:48 GMT accept-ranges bytes content-length 140925 content-type image/jpeg
GET H2	200	prof1.jpg btzebra.com/landers/23253/1575306288/assets/	2 KB 2 KB	17ms 16ms	Image image/jpeg	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://btzebra.com/landers/23253/1575306288/assets/prof1.jpg Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:47 GMT accept-ranges bytes content-length 2197 content-type image/jpeg
GET H2	200	prof2.jpg btzebra.com/landers/23253/1575306288/assets/	3 KB 3 KB	30ms 29ms	Image image/jpeg	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://btzebra.com/landers/23253/1575306288/assets/prof2.jpg Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:47 GMT accept-ranges bytes content-length 2833 content-type image/jpeg
GET H2	200	prof3.jpg btzebra.com/landers/23253/1575306288/assets/	2 KB 2 KB	33ms 32ms	Image image/jpeg	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://btzebra.com/landers/23253/1575306288/assets/prof3.jpg Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `df99f7229bbfb0bdf5ed771fca5acc2fcbe96e41429bc2b2451f238c42d3f948` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:47 GMT accept-ranges bytes content-length 1977 content-type image/jpeg
GET H2	200	prof4.jpg btzebra.com/landers/23253/1575306288/assets/	2 KB 2 KB	30ms 30ms	Image image/jpeg	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://btzebra.com/landers/23253/1575306288/assets/prof4.jpg Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:47 GMT accept-ranges bytes content-length 2208 content-type image/jpeg
GET H2	200	prof5.jpg btzebra.com/landers/23253/1575306288/assets/	2 KB 2 KB	31ms 30ms	Image image/jpeg	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://btzebra.com/landers/23253/1575306288/assets/prof5.jpg Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:47 GMT accept-ranges bytes content-length 1597 content-type image/jpeg
GET H2	200	184dc9ab-6565-4fbf-a6a5-27cb70a870e3.jpg btzebra.com/landers/23253/1575306288/assets/	62 KB 62 KB	31ms 30ms	Image image/jpeg	104.248.143.199 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://btzebra.com/landers/23253/1575306288/assets/184dc9ab-6565-4fbf-a6a5-27cb70a870e3.jpg Requested by Host: btzebra.com URL: https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.248.143.199 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash `70d81524ff46cf40ab5b8dafa8597489819bed792aeffde58837e55b99013464` Request headers Referer https://btzebra.com/?utm_campaign=htrl77it55&click_id=78882701166&source=402905731&cost=0.0141 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Fri, 28 Feb 2020 11:07:14 GMT last-modified Thu, 27 Feb 2020 08:24:47 GMT accept-ranges bytes content-length 63131 content-type image/jpeg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			btzebra.com/	1970-01-19 16:27:04	Name: sess-bf6cda6249234b168fe086f3819402b4 Value: MTU4Mjg4ODAzNHxKRkpaaTFTWkxfZ2lXT2E5aDVKYXZZcHoycDRwVHJObjlKdGVkb2tONXlITnVuOVVUeVpfTzNRPXwqoLPxJSk2khu6YnNYKGQFnMvr9bjT2jBmMH0s87rllA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.quotes.com
btzebra.com
infopicked.com
kloshpro.com
p185689.infopicked.com
www.kloshpro.com
104.248.143.199
173.192.101.24
5.79.68.236
74.206.232.234
088e3689490c5eadc85eab695a939f2659495a7056cf2dce33bb1c16b4592223
1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8
2e330e84f6c6a27b1a44645dcdc03989b78af0979f0dc0726d989c12b85c1151
4f51b53dba3c024c6ddb381aa17367a54be11c30b3a9411d9b0691aa3493882e
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1
70d81524ff46cf40ab5b8dafa8597489819bed792aeffde58837e55b99013464
7636cdba38cb7563e0738aaf3db96700cc90fe56ed749f02f8fbe6d899a368db
91b28fa5192e3f768bc2aafe73fc198bb3fbd89bc5498f6499dabb3a186eb0dd
aaa862bb6acbb0df32a6bf2e3bc917a97a2f5100ae7b97cb518185fc3adceb9b
b02bbb3c2421a9b6ed94aa01f3574e6a63c8c6860a2101ef5f0ab4e434db0852
bfb475a648149d7721b371a0365d38cc83ae81fe7185839ad640529123a6fca5
db094d0b36264f435b02007a3db1a859589a034a98cbfbfdc849085a7aee564f
df99f7229bbfb0bdf5ed771fca5acc2fcbe96e41429bc2b2451f238c42d3f948
e565953aec381fa6ceabf6eac50228115f507b1f245d3795f869945da64db4f6
e867182fe5ddcea7ff1946dc2c3b3536e29800fcba3923743eba4fa6fed574a6
ef6ee393aff7c71611325362eba18bcd5a68aeabaec1cce14e3fa431762fcfe3
f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4
f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91

btzebra.com Open in urlscan Pro 104.248.143.199 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

83 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

3 IPs

3 Countries

577 kBTransfer

575 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

1 Cookies

Indicators

btzebra.com Open in urlscan Pro
104.248.143.199 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

3
IPs

3
Countries

577 kB
Transfer

575 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!