URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@theji...
Submission: On September 28 via automatic, source openphish

Summary

This website contacted 18 IPs in 4 countries across 19 domains to perform 29 HTTP transactions. The main IP is 192.185.180.162, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is betrust-eg.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 7th 2020. Valid for: 3 months.
This is the only time betrust-eg.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: LinkedIn (Social Network)

Domain & IP information

IP Address AS Autonomous System
8 192.185.180.162 46606 (UNIFIEDLA...)
1 99.86.243.99 16509 (AMAZON-02)
1 130.211.171.61 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 192.232.251.217 46606 (UNIFIEDLA...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2 35.242.251.130 15169 (GOOGLE)
1 192.169.236.131 26496 (AS-26496-...)
1 13.224.193.7 16509 (AMAZON-02)
1 2 54.71.167.103 16509 (AMAZON-02)
2 107.180.51.2 26496 (AS-26496-...)
1 104.196.22.244 15169 (GOOGLE)
1 64.25.118.73 31785 (HBS-AS)
1 2600:9000:206... 16509 (AMAZON-02)
1 111.118.212.120 394695 (PUBLIC-DO...)
1 151.101.114.49 54113 (FASTLY)
1 99.86.243.19 16509 (AMAZON-02)
1 2a02:26f0:2b0... 20940 (AKAMAI-ASN1)
29 18
Domain Requested by
8 betrust-eg.com betrust-eg.com
3 hellenicprofessionalwomen.org betrust-eg.com
2 www.floydspence.com betrust-eg.com
2 www.gowall.com 1 redirects betrust-eg.com
2 www.oracle.com betrust-eg.com
1 content.linkedin.com betrust-eg.com
1 propy.com betrust-eg.com
1 thumbor.forbes.com betrust-eg.com
1 drvidyahattangadi.com betrust-eg.com
1 cdn.images.express.co.uk betrust-eg.com
1 www.deancare.com betrust-eg.com
1 ardencoaching.com betrust-eg.com
1 cdn.americanprogress.org betrust-eg.com
1 www.hiresafe.com betrust-eg.com
1 www.amednow.com betrust-eg.com
1 www.affordabledmesupply.com 1 redirects
1 image.freepik.com betrust-eg.com
1 www.empoweringwomen.net betrust-eg.com
1 s3.envato.com betrust-eg.com
29 19

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| webdisk.betrust-eg.com | Let's Encrypt Authority X3 | 2020-09-07 - 2020-12-06 | 3 months |
| s3.envato.com | Amazon | 2020-02-11 - 2021-03-11 | a year |
| www.empoweringwomen.net | Let's Encrypt Authority X3 | 2020-07-29 - 2020-10-27 | 3 months |
| www-cs-02.oracle.com | DigiCert Secure Site ECC CA-1 | 2020-08-19 - 2020-12-08 | 4 months |
| thumbr.io | Sectigo RSA Domain Validation Secure Server CA | 2020-06-05 - 2022-08-04 | 2 years |
| amednow.com | Let's Encrypt Authority X3 | 2020-08-08 - 2020-11-06 | 3 months |
| hiresafe.com | Go Daddy Secure Certificate Authority - G2 | 2020-05-30 - 2021-07-30 | a year |
| americanprogress.org | Amazon | 2020-09-09 - 2021-10-11 | a year |
| *.gowall.com | Go Daddy Secure Certificate Authority - G2 | 2020-01-11 - 2021-01-18 | a year |
| floydspence.com | Go Daddy Secure Certificate Authority - G2 | 2020-05-03 - 2022-07-03 | 2 years |
| ardencoaching.com | Let's Encrypt Authority X3 | 2020-09-08 - 2020-12-07 | 3 months |
| *.deancare.com | DigiCert SHA2 Secure Server CA | 2020-06-25 - 2022-09-28 | 2 years |
| cdn.images.express.co.uk | Amazon | 2020-09-08 - 2021-10-08 | a year |
| g2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-09-23 - 2021-04-25 | 7 months |
| propy.com | Amazon | 2020-02-28 - 2021-03-28 | a year |
| platform.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-07-13 - 2022-07-18 | 2 years |

This page contains 2 frames:

Primary Page: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Frame ID: E19609C7A7070A9B3CF29A2C57466B9E
Requests: 26 HTTP requests in this frame

Frame: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/content/login.php?email=jim@thejimburkefamily.com
Frame ID: 3F478A004B55867F28EB5155E51E6406
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 29
HTTPS: 86 %
IPv6: 22 %
Domains: 19
Subdomains: 19
IPs: 18
Countries: 4
Transfer: 1953 kB
Size: 2011 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.affordabledmesupply.com/wp-content/uploads/2018/04/Header_Universal-1.jpg HTTP 301
  • https://www.amednow.com/wp-content/uploads/2018/04/Header_Universal-1.jpg
Request Chain 14
  • http://www.gowall.com/wp-content/uploads/2018/02/Engaging-Non-native-Speakers-copy-1024x572.jpg HTTP 301
  • https://www.gowall.com/wp-content/uploads/2018/02/Engaging-Non-native-Speakers-copy-1024x572.jpg

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request linkedin.com.php
betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/
13 KB
3 KB
Document
General
Full URL
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.180.162 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-180-162.unifiedlayer.com
Software
Apache /
Resource Hash
514d9b5c66839aeb61e370f82b14aee62ead8d24a676e2e077d527c094bd55b6

Request headers

:method
GET
:authority
betrust-eg.com
:scheme
https
:path
/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Mon, 28 Sep 2020 01:34:39 GMT
server
Apache
vary
Accept-Encoding
content-encoding
gzip
content-length
2896
content-type
text/html; charset=UTF-8
style.css
betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/
805 B
456 B
Stylesheet
General
Full URL
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/style.css
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.180.162 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-180-162.unifiedlayer.com
Software
Apache /
Resource Hash
7b813e68163a906bf8f7d8cf3cc022af25f53277fa3daedae81f80a0d855728d

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:40 GMT
content-encoding
gzip
last-modified
Mon, 28 Sep 2020 01:14:26 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
417
logo.jpg
betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/photos/
60 KB
61 KB
Image
General
Full URL
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/photos/logo.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.180.162 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-180-162.unifiedlayer.com
Software
Apache /
Resource Hash
86cbac43c967feff374b8fa57a01967d978e3c1094eda42b3f3cebd2f6d306be

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 28 Sep 2020 01:34:40 GMT
last-modified
Mon, 28 Sep 2020 01:14:26 GMT
server
Apache
accept-ranges
bytes
content-length
61528
content-type
image/jpeg
index.php
betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/content/ Frame 3F47
124 B
151 B
Document
General
Full URL
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/content/index.php?email=jim@thejimburkefamily.com
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.180.162 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-180-162.unifiedlayer.com
Software
Apache /
Resource Hash
482cb4c006a20fc0071264636e81c35dbacbf9d82b40517c99553e4d9e54493b

Request headers

:method
GET
:authority
betrust-eg.com
:scheme
https
:path
/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/content/index.php?email=jim@thejimburkefamily.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Mon, 28 Sep 2020 01:34:40 GMT
server
Apache
vary
Accept-Encoding
content-encoding
gzip
content-length
122
content-type
text/html; charset=UTF-8
jquery.min.js
betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/
82 KB
37 KB
Script
General
Full URL
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/jquery.min.js
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.180.162 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-180-162.unifiedlayer.com
Software
Apache /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:40 GMT
content-encoding
gzip
last-modified
Mon, 28 Sep 2020 01:14:26 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
script.js
betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/
2 KB
1 KB
Script
General
Full URL
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/script.js
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.180.162 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-180-162.unifiedlayer.com
Software
Apache /
Resource Hash
19ad9b560e5960d4bbcec4a26413239a9f5fa4a6541b65fe0e50cbac96aa7302

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:40 GMT
content-encoding
gzip
last-modified
Mon, 28 Sep 2020 01:14:26 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1207
preview.jpg
s3.envato.com/files/238152816/
82 KB
83 KB
Image
General
Full URL
https://s3.envato.com/files/238152816/preview.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.99 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-99.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cd12450b62bfa1725d3af4f1dd0e813d846775569820b47d2db3ba5ec34782f

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 22:13:02 GMT
via
1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
age
12099
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-disposition
content-length
84242
last-modified
Fri, 08 Dec 2017 09:11:21 GMT
server
AmazonS3
etag
"970c6229110a0b989faefd3dc3fe0392"
x-amz-version-id
3qVKIasbEpwbVrT2urklUbpTh1KpmiRO
cache-control
max-age=315360000, public
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
JrzETU6LULb3EfTNOHRXifokv4WoMwys4y7UKSglhRhz1lCbcgPSzA==
EWN1501-Banner-Image-3-1300x416.jpg
www.empoweringwomen.net/wp-content/uploads/2015/07/
109 KB
109 KB
Image
General
Full URL
https://www.empoweringwomen.net/wp-content/uploads/2015/07/EWN1501-Banner-Image-3-1300x416.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.211.171.61 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.171.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
b8319175a4c67c2ab78435d48b7960559aa6af979a55add97cd6128c5a2f87ae

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:41 GMT
last-modified
Mon, 29 Aug 2016 17:25:26 GMT
server
nginx
status
200
etag
"57c47006-1b2df"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
111327
cb125v4-employees-diversity-inclusion.jpg
www.oracle.com/a/ocom/img/
72 KB
73 KB
Image
General
Full URL
https://www.oracle.com/a/ocom/img/cb125v4-employees-diversity-inclusion.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::a15 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3278a13e45da5d5555ce6abbf6c2bba4aa9796bb08b66facd930d01142944fb7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://explore.oracle.com https://my.oracle.com https://eeho.fa.us2.oraclecloud.com
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:40 GMT
last-modified
Wed, 02 Sep 2020 20:03:36 GMT
server
Akamai Image Manager
cache-control
private, no-transform, max-age=67721
x-frame-options
sameorigin
content-type
image/webp
status
200
access-control-expose-headers
X-ORACLE-APMCS-REQUEST-ID
actual-object-ttl
86400
origin-cache-control
no-transform, max-age=86400
content-security-policy
frame-ancestors 'self' https://explore.oracle.com https://my.oracle.com https://eeho.fa.us2.oraclecloud.com
server-timing
cdn-cache; desc=MISS, edge; dur=-196, origin; dur=222
content-length
73998
x-xss-protection
1
expires
Mon, 28 Sep 2020 20:23:21 GMT
banner-23.jpg
hellenicprofessionalwomen.org/wp-content/uploads/2015/03/
76 KB
76 KB
Image
General
Full URL
http://hellenicprofessionalwomen.org/wp-content/uploads/2015/03/banner-23.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
HTTP/1.1
Server
192.232.251.217 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-232-251-217.unifiedlayer.com
Software
Apache /
Resource Hash
5d291a3e9b10eeb4b90c37cd4465eddcfeb2ee7ee0e4f79a81e44d1d953c86e3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 01:34:40 GMT
Last-Modified
Mon, 01 Jun 2015 10:02:22 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=75
Content-Length
77485
ingenieros-arquitectos-grupo-estan-discutiendo-construccion_28914-250.jpg
image.freepik.com/foto-gratis/
75 KB
75 KB
Image
General
Full URL
https://image.freepik.com/foto-gratis/ingenieros-arquitectos-grupo-estan-discutiendo-construccion_28914-250.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:292::30ec , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
6979ba07f3e43dba5cd405f8e2b2b75f20ffeeb0198b239f1436b0d2d3d125c1

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:40 GMT
last-modified
Fri, 13 Apr 2018 13:40:51 GMT
server
nginx
etag
"5ad0b363-12bcc"
x-cache-status
HIT
status
200
content-type
image/jpeg
access-control-allow-origin
*, *, *
x-default-rule
YES
accept-ranges
bytes
content-length
76748
Header_Universal-1.jpg
www.amednow.com/wp-content/uploads/2018/04/
Redirect Chain
  • https://www.affordabledmesupply.com/wp-content/uploads/2018/04/Header_Universal-1.jpg
  • https://www.amednow.com/wp-content/uploads/2018/04/Header_Universal-1.jpg
0
0
Image
General
Full URL
https://www.amednow.com/wp-content/uploads/2018/04/Header_Universal-1.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.242.251.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.251.242.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Mon, 28 Sep 2020 01:34:40 GMT
x-wix-request-id
1601256880.64142151404125630
server
Pepyaka/1.19.0
age
0
status
301
location
https://www.amednow.com/wp-content/uploads/2018/04/Header_Universal-1.jpg
expires
-1
cache-control
no-cache
server-timing
cache;desc=miss, varnish;desc=miss, dc;desc=euw3
content-length
0
banner-12.jpg
hellenicprofessionalwomen.org/wp-content/uploads/2015/03/
74 KB
74 KB
Image
General
Full URL
http://hellenicprofessionalwomen.org/wp-content/uploads/2015/03/banner-12.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
HTTP/1.1
Server
192.232.251.217 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-232-251-217.unifiedlayer.com
Software
Apache /
Resource Hash
a29c585b86293067a37f6cb18fe2405051da9d68a3888c5aa0a928c59a582a94

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 01:34:40 GMT
Last-Modified
Mon, 01 Jun 2015 10:02:22 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=75
Content-Length
75702
iStock_000020095858_Double.jpg
www.hiresafe.com/wp-content/uploads/2015/03/
142 KB
142 KB
Image
General
Full URL
https://www.hiresafe.com/wp-content/uploads/2015/03/iStock_000020095858_Double.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.169.236.131 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-192-169-236-131.ip.secureserver.net
Software
Apache / W3 Total Cache/0.14.3
Resource Hash
eab8f21418fb0c6ba1abcf44b9d5e677ae624a1e5237284f9dd8dd1f62b1ec76

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Mon, 28 Sep 2020 01:34:40 GMT
ETag
"237b2-518cadefaebc0"
Last-Modified
Thu, 18 Jun 2015 13:34:47 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.14.3
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
145330
Expires
Tue, 28 Sep 2021 01:34:40 GMT
diversity_brief_onpage.jpg
cdn.americanprogress.org/wp-content/uploads/2012/07/12090000/
31 KB
31 KB
Image
General
Full URL
https://cdn.americanprogress.org/wp-content/uploads/2012/07/12090000/diversity_brief_onpage.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.7 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c04f76da19b667a46522747673251d0c61fc3fcdce7b1ee54ab3aaa1c7d21d79

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 22:13:03 GMT
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified
Wed, 02 Nov 2016 15:42:29 GMT
server
AmazonS3
age
12098
etag
"20c0e96254f17fea012000571b6d19be"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
31600
x-amz-cf-id
KDvN4_1aitPHm9lqHNPiVbjoK0R8r777SNiwDKfUva0_7kHue5YNfQ==
Engaging-Non-native-Speakers-copy-1024x572.jpg
www.gowall.com/wp-content/uploads/2018/02/
Redirect Chain
  • http://www.gowall.com/wp-content/uploads/2018/02/Engaging-Non-native-Speakers-copy-1024x572.jpg
  • https://www.gowall.com/wp-content/uploads/2018/02/Engaging-Non-native-Speakers-copy-1024x572.jpg
53 KB
53 KB
Image
General
Full URL
https://www.gowall.com/wp-content/uploads/2018/02/Engaging-Non-native-Speakers-copy-1024x572.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.71.167.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-71-167-103.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
bbc9de59247bbb77b20a8adba1ea763b0e2fe430d74ba3ce92ec1d73031a07b8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:41 GMT
last-modified
Wed, 05 Sep 2018 23:06:09 GMT
server
Apache
etag
"d237-57527d1e4d450"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
53815

Redirect headers

Location
https://www.gowall.com/wp-content/uploads/2018/02/Engaging-Non-native-Speakers-copy-1024x572.jpg
Date
Mon, 28 Sep 2020 01:34:40 GMT
Server
Apache
Connection
keep-alive
Content-Length
304
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
event2-1.jpg
www.floydspence.com/wp-content/uploads/2013/07/
140 KB
141 KB
Image
General
Full URL
https://www.floydspence.com/wp-content/uploads/2013/07/event2-1.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.51.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-51-2.ip.secureserver.net
Software
Apache /
Resource Hash
c8c9442e2f05bdfde55e3b6d98a32f9cf2cc0566e47c52f757eff7468e149ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:40 GMT
last-modified
Tue, 15 Dec 2015 22:50:22 GMT
server
Apache
etag
"a141147-23100-526f79d5931e3"
strict-transport-security
max-age=31536000
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
143616
db3296f83b65d33d63cd0a168defafc4_business-people-happy-814-363-c.jpg
ardencoaching.com/wp-content/uploads/2015/11/
51 KB
51 KB
Image
General
Full URL
https://ardencoaching.com/wp-content/uploads/2015/11/db3296f83b65d33d63cd0a168defafc4_business-people-happy-814-363-c.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.22.244 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.22.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a477d5539a5ede75fdb25f3308256382f9866e12446e629d6fd38c08e0e1b13c

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:40 GMT
last-modified
Mon, 26 Sep 2016 16:13:12 GMT
server
nginx
status
200
etag
"57e94918-cbfa"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
52218
group-of-medical-professionals-meeting-480x250.jpg
www.deancare.com/getmedia/4e3c3e78-0aa5-49d6-8e8a-563ddeb01193/
34 KB
34 KB
Image
General
Full URL
https://www.deancare.com/getmedia/4e3c3e78-0aa5-49d6-8e8a-563ddeb01193/group-of-medical-professionals-meeting-480x250.jpg?width=480&height=250&ext=.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.25.118.73 Appleton, United States, ASN31785 (HBS-AS, US),
Reverse DNS
Software
/
Resource Hash
28bd64d08b7bdfaf83990a1f48c3882e656d5771e5a1c77b63861c8557605dc0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:40 GMT
last-modified
Fri, 16 Nov 2018 20:25:25 GMT
server
x-aspnet-version
etag
"11/16/2018 8:25:25 PM"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
cache-control
public, must-revalidate
content-disposition
inline; filename="group-of-medical-professionals-meeting-480x250.jpg"
accept-ranges
bytes
content-length
34327
expires
Mon, 28 Sep 2020 02:34:40 GMT
1174956_1.jpg
cdn.images.express.co.uk/img/dynamic/25/590x/
29 KB
30 KB
Image
General
Full URL
https://cdn.images.express.co.uk/img/dynamic/25/590x/1174956_1.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:c800:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e87f1c6d3520744bd8a1d7e6b88371fbbc0fe5873fa750f22dec10f55414f609

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:41 GMT
via
1.1 87459a7837f980cdc57ba8a2c23a55ae.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
x-cache
RefreshHit from cloudfront
status
200
content-length
29745
last-modified
Fri, 06 Sep 2019 21:56:14 GMT
server
AmazonS3
etag
"8ec0b64ab45c14c2e8bbec6466e03223"
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
accept-ranges
bytes
x-amz-cf-id
3sbakGTrKzkB9sTn0gcbngJc81D6-qhgndd0TiW4eU7OFyKnmHyoOQ==
home2-1.jpg
www.floydspence.com/wp-content/uploads/2013/07/
241 KB
243 KB
Image
General
Full URL
https://www.floydspence.com/wp-content/uploads/2013/07/home2-1.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.51.2 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-51-2.ip.secureserver.net
Software
Apache /
Resource Hash
87ab64a5c06c3f20486f02a1226e8fb1719af3515f570a969efe8bf5a773e260
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:40 GMT
last-modified
Tue, 15 Dec 2015 22:08:04 GMT
server
Apache
etag
"a141176-3c493-526f706162b4d"
strict-transport-security
max-age=31536000
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
246931
compatibility1.jpg
drvidyahattangadi.com/wp-content/uploads/2016/05/
126 KB
127 KB
Image
General
Full URL
http://drvidyahattangadi.com/wp-content/uploads/2016/05/compatibility1.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
HTTP/1.1
Server
111.118.212.120 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-24.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
3e9df536edfb4fc080cbecf6e02a41bf3d63933fb9cc0a2ad9c8f57b02b571da

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 01:34:41 GMT
Content-Length
129349
Last-Modified
Wed, 30 Nov 2016 13:16:18 GMT
Server
nginx/1.17.6
Accept-Ranges
bytes
X-Server-Cache
false
Content-Type
image/jpeg
https%3A%2F%2Fblogs-images.forbes.com%2Fforbestechcouncil%2Ffiles%2F2019%2F05%2Fa-4.jpg
thumbor.forbes.com/thumbor/960x0/
54 KB
54 KB
Image
General
Full URL
https://thumbor.forbes.com/thumbor/960x0/https%3A%2F%2Fblogs-images.forbes.com%2Fforbestechcouncil%2Ffiles%2F2019%2F05%2Fa-4.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
9033e403ea290255bc2140d0d9ba4364fd0c09ba8fff0de0525b692cc27096bb

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:41 GMT
via
1.1 varnish
age
12098
x-cache
HIT
status
200
x-envoy-upstream-service-time
71
x-cache-hits
1
content-length
54952
x-served-by
cache-hhn4045-HHN
server
istio-envoy
x-timer
S1601256881.045848,VS0,VE0
etag
"dcd812e64e393254b2c08617317c115a70d0dc2d"
content-type
image/jpeg
cache-control
max-age=31536000,public
accept-ranges
bytes
expires
Mon, 27 Sep 2021 22:13:02 GMT
How-to-Attract-New-School-Real-Estate-Agents-to-Your-Real-Estate-Brokerage-1024x5761.jpg
propy.com/blog/wp-content/uploads/2019/03/
123 KB
123 KB
Image
General
Full URL
https://propy.com/blog/wp-content/uploads/2019/03/How-to-Attract-New-School-Real-Estate-Agents-to-Your-Real-Estate-Brokerage-1024x5761.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-19.vie50.r.cloudfront.net
Software
Apache /
Resource Hash
7c2eaf1bcda977f41c6fa0c72151e3d4f2e947cf2898ab8fb80557b13a88677d
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 22:15:45 GMT
via
1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
last-modified
Wed, 24 Jul 2019 13:20:09 GMT
server
Apache
age
11936
x-frame-options
sameorigin
etag
"1eb0f-58e6d2b161440"
vary
Cookie
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
125711
x-amz-cf-id
n82DufotrAi6wU9gFlZfgy_m2v56Tx5jrTKEvhIfiTmK8OpcSrSbwQ==
Events-UI-1.png
content.linkedin.com/content/dam/blog/en-us/corporate/blog/2019/october/
122 KB
120 KB
Image
General
Full URL
https://content.linkedin.com/content/dam/blog/en-us/corporate/blog/2019/october/Events-UI-1.png
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2b00:4af::25eb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
314eab0975b4392f74d2ff38bb5bbec2486148049a7828cb955f05d9d13c6e81
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.linkedin.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
AKAM
status
200
content-length
122343
x-li-uuid
Pqrb86BvLxaQvWSGwyoAAA==
last-modified
Fri, 28 Aug 2020 12:52:09 GMT
x-li-pop
prod-efr5
x-frame-options
SAMEORIGIN
date
Mon, 28 Sep 2020 01:34:41 GMT
content-security-policy
frame-ancestors https://*.linkedin.com
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=28898264
x-li-ms-fabrics
619
accept-ranges
bytes
x-li-proto
http/1.1
x-li-fabric
prod-lva1
expires
Sat, 28 Aug 2021 12:52:25 GMT
login.php
betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/content/ Frame 3F47
10 KB
2 KB
Document
General
Full URL
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/content/login.php?email=jim@thejimburkefamily.com
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.180.162 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-180-162.unifiedlayer.com
Software
Apache /
Resource Hash
8f2afc2d94b73228cc03cb7de9113e4aa50a61713806bcad117ef2800dc51567

Request headers

:method
GET
:authority
betrust-eg.com
:scheme
https
:path
/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/content/login.php?email=jim@thejimburkefamily.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/content/index.php?email=jim@thejimburkefamily.com
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Mon, 28 Sep 2020 01:34:44 GMT
server
Apache
vary
Accept-Encoding
content-encoding
gzip
content-length
2411
content-type
text/html; charset=UTF-8
logo.jpg
betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/content/photos/ Frame 3F47
60 KB
61 KB
Image
General
Full URL
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/content/photos/logo.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/content/login.php?email=jim@thejimburkefamily.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.180.162 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-180-162.unifiedlayer.com
Software
Apache /
Resource Hash
86cbac43c967feff374b8fa57a01967d978e3c1094eda42b3f3cebd2f6d306be

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/content/login.php?email=jim@thejimburkefamily.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 28 Sep 2020 01:34:44 GMT
last-modified
Mon, 28 Sep 2020 01:14:26 GMT
server
Apache
accept-ranges
bytes
content-length
61528
content-type
image/jpeg
cb125v4-employees-diversity-inclusion.jpg
www.oracle.com/a/ocom/img/
72 KB
73 KB
Image
General
Full URL
https://www.oracle.com/a/ocom/img/cb125v4-employees-diversity-inclusion.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::a15 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3278a13e45da5d5555ce6abbf6c2bba4aa9796bb08b66facd930d01142944fb7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://explore.oracle.com https://my.oracle.com https://eeho.fa.us2.oraclecloud.com
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Referer
https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 01:34:54 GMT
last-modified
Wed, 02 Sep 2020 20:03:36 GMT
server
Akamai Image Manager
cache-control
private, no-transform, max-age=67707
x-frame-options
sameorigin
content-type
image/webp
status
200
access-control-expose-headers
X-ORACLE-APMCS-REQUEST-ID
actual-object-ttl
86400
origin-cache-control
no-transform, max-age=86400
content-security-policy
frame-ancestors 'self' https://explore.oracle.com https://my.oracle.com https://eeho.fa.us2.oraclecloud.com
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
73998
x-xss-protection
1
expires
Mon, 28 Sep 2020 20:23:21 GMT
banner-23.jpg
hellenicprofessionalwomen.org/wp-content/uploads/2015/03/
76 KB
76 KB
Image
General
Full URL
http://hellenicprofessionalwomen.org/wp-content/uploads/2015/03/banner-23.jpg
Requested by
Host: betrust-eg.com
URL: https://betrust-eg.com/betrust/snc/linkedin/cmd-login=b4a93aab14d6d85caa830c3cc27292db/linkedin.com.php?email=jim@thejimburkefamily.com&loginpage=&reff=ZjIwNGYxODRmZGRhOTlkNzM5YmFkMzg2YjViNTNmMTQ=
Protocol
HTTP/1.1
Server
192.232.251.217 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-232-251-217.unifiedlayer.com
Software
Apache /
Resource Hash
5d291a3e9b10eeb4b90c37cd4465eddcfeb2ee7ee0e4f79a81e44d1d953c86e3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 28 Sep 2020 01:35:01 GMT
Last-Modified
Mon, 01 Jun 2015 10:02:22 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=75
Content-Length
77485

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: LinkedIn (Social Network)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
function| $
function| jQuery
object| bgImageArray
string| base
number| secs
function| backgroundSequence

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
