www.localnewsreviews.com Open in urlscan Pro
2606:4700:30::681c:a29 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url.jmdev.ca/85f72
Effective URL:
https://www.localnewsreviews.com/btc/DEwfhd.html
Submission: On March 26 via manual (March 26th 2019, 9:47:24 am UTC) from FR

Summary HTTP 39 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 7 countries across 14 domains to perform 39 HTTP transactions. The main IP is 2606:4700:30::681c:a29, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.localnewsreviews.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 1st 2018. Valid for: a year.

This is the only time www.localnewsreviews.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.203.29.218 159.203.29.218	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1 1	190.2.131.55 190.2.131.55	49981 (WORLDSTREAM) (WORLDSTREAM)
1	91.134.235.42 91.134.235.42	16276 (OVH) (OVH)
1	94.237.86.133 94.237.86.133	202053 (UPCLOUD) (UPCLOUD)
1 1	94.237.85.176 94.237.85.176	202053 (UPCLOUD) (UPCLOUD)
2	31.170.100.125 31.170.100.125	201942 (SOLTIA) (SOLTIA)
1 3	62.212.87.141 62.212.87.141	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	34.193.160.81 34.193.160.81	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	3.94.40.153 3.94.40.153	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	34.234.169.82 34.234.169.82	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	52.55.204.157 52.55.204.157	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
26	2606:4700:30:... 2606:4700:30::681c:a29	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
39	7

1 159.203.29.218 (Toronto, Canada) 1 redirects

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
PTR: jmdev.ca

url.jmdev.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.2.131.55 (Willemstad, Curacao) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: cancomed.co.uk

cancomed.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.134.235.42 (France)

ASN16276 (OVH, FR)
PTR: ip42.ip-91-134-235.eu

armillagdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.237.86.133 (Finland)

ASN202053 (UPCLOUD, FI)
PTR: 94-237-86-133.de-fra1.upcloud.host

sau.simpleberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.237.85.176 (Finland) 1 redirects

ASN202053 (UPCLOUD, FI)
PTR: 94-237-85-176.de-fra1.upcloud.host

sl.zbengi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.170.100.125 (None, )

ASN201942 (SOLTIA, ES)

mobi.mativers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.212.87.141 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

misctraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.160.81 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-193-160-81.compute-1.amazonaws.com

typrg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.94.40.153 (Fairfield, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-94-40-153.compute-1.amazonaws.com

enjrg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.169.82 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-234-169-82.compute-1.amazonaws.com

svkrg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.204.157 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-55-204-157.compute-1.amazonaws.com

kg.peak-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.229.247 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:30::681c:a29 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.localnewsreviews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	localnewsreviews.com www.localnewsreviews.com	1 MB
3	misctraff.com 1 redirects misctraff.com	10 KB
2	exoclick.com 1 redirects rtb.exoclick.com	3 KB
2	mativers.com mobi.mativers.com	1 KB
1	peak-serving.com 1 redirects kg.peak-serving.com	912 B
1	svkrg.com 1 redirects svkrg.com	304 B
1	enjrg.com 1 redirects enjrg.com	455 B
1	typrg.com 1 redirects typrg.com	343 B
1	zbengi.com 1 redirects sl.zbengi.com	397 B
1	simpleberg.com sau.simpleberg.com	781 B
1	armillagdns.com armillagdns.com	480 B
1	cancomed.co.uk 1 redirects cancomed.co.uk	374 B
1	jmdev.ca 1 redirects url.jmdev.ca	1 KB
0	bestnews24.net Failed bestnews24.net Failed
39	14

	Domain	Requested by
26	www.localnewsreviews.com	rtb.exoclick.com www.localnewsreviews.com
3	misctraff.com	1 redirects mobi.mativers.com misctraff.com
2	rtb.exoclick.com	1 redirects misctraff.com
2	mobi.mativers.com	mobi.mativers.com
1	kg.peak-serving.com	1 redirects
1	svkrg.com	1 redirects
1	enjrg.com	1 redirects
1	typrg.com	1 redirects
1	sl.zbengi.com	1 redirects
1	sau.simpleberg.com	armillagdns.com
1	armillagdns.com
1	cancomed.co.uk	1 redirects
1	url.jmdev.ca	1 redirects
0	bestnews24.net Failed	www.localnewsreviews.com
39	14

This site contains links to these domains. Also see Links.

Domain
cachemoneytrk.com

Subject Issuer	Validity	Valid
armillagdns.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-22` - `2020-01-22`	a year	crt.sh
sau.simpleberg.com Let's Encrypt Authority X3	`2019-03-05` - `2019-06-03`	3 months	crt.sh
ads.conscier.com Let's Encrypt Authority X3	`2019-03-13` - `2019-06-11`	3 months	crt.sh
trk.billysrv.com Let's Encrypt Authority X3	`2019-03-25` - `2019-06-23`	3 months	crt.sh
*.exoclick.com Go Daddy Secure Certificate Authority - G2	`2018-08-03` - `2019-10-02`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-11-01` - `2019-11-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.localnewsreviews.com/btc/DEwfhd.html
Frame ID: 8C26164051A9AC1DB3BC6DBA6ADC3544
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://url.jmdev.ca/85f72 HTTP 302
http://cancomed.co.uk/r2822.php?1d=1o125c87d0f477281_0q8c.oJ3CM.A01fxrfk6fb0000111_kl944.fk6fbd3d3... HTTP 302
https://armillagdns.com/176138e7cb0e5f56000/oukkas_122ygje/_kl%7Cwwwwx%7Cfk6fb%7Co125c87d0f477281_0q... Page URL
https://sau.simpleberg.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=834948133&sub... Page URL
https://sl.zbengi.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=834948133&sub... HTTP 302
https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-b... Page URL
https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source... Page URL
https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source... HTTP 302
https://misctraff.com/gw?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150&... Page URL
https://typrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326104710_c415... HTTP 302
https://enjrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326104710_c415... HTTP 302
https://svkrg.com/qj.php?rd=kg.peak-serving.com&ct=6&id=15535936311971880075987428&tid=7642&t=... HTTP 302
https://kg.peak-serving.com/?&version=1&id=15535936311971880075987428&tid=7642&ct=6&t=imp&ftype=qj&filte... HTTP 302
https://rtb.exoclick.com/cimp.php?data=TVRVMU16VTVNell6TVh4bFl6Vm1aalUxWmpZM01UYzVaV1kxT1RZMlptTTJNVF... Page URL
https://rtb.exoclick.com/cimp.php?data=TVRVMU16VTVNell6TVh4bFl6Vm1aalUxWmpZM01UYzVaV1kxT1RZMlptTTJNVF... HTTP 302
https://www.localnewsreviews.com/btc/DEwfhd.html Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

39
Requests

82 %
HTTPS

8 %
IPv6

14
Domains

14
Subdomains

7
IPs

7
Countries

1222 kB
Transfer

1408 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cachemoneytrk.com/?a=685&c=11218&s1=ZBTCTOP4
Title: Nachrichten

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url.jmdev.ca/85f72 HTTP 302
http://cancomed.co.uk/r2822.php?1d=1o125c87d0f477281_0q8c.oJ3CM.A01fxrfk6fb0000111_kl944.fk6fbd3d3d3gxYjZobjI40q5Nfe HTTP 302
https://armillagdns.com/176138e7cb0e5f56000/oukkas_122ygje/_kl%7Cwwwwx%7Cfk6fb%7Co125c87d0f477281_0q8c%7C1b6hn28%7C0%7C01fxrfk6fb%7CA Page URL
https://sau.simpleberg.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=834948133&sub_id1=690049&sub_id2=oukkas_122ygje Page URL
https://sl.zbengi.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=834948133&sub_id1=690049&sub_id2=oukkas_122ygje HTTP 302
https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c99f51d-7f3bf6c9-58c0-1dc71549095b-2afb-b98e1acd908a Page URL
https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150 Page URL
https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150&code2=Y3RtATE1NTM1OTM2MzAxODIAc3JjAWlvAHZlcgExOQBwbHQBTGludXggeDg2XzY0AHRjaAEAaXcBMTYwMABpaAExMjAwAGF3ATE2MDAAYWgBMTIwMAB0egEwAGJ1aWQBAGNrZQExAG9ybnQBAHZuZAFHb29nbGUgSW5jLgBoc2ZjAXRydWUAZnJtAWZhbHNlAHVhAU1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNgBhNDMBMDAwMDAwAGE0NAEwMABzZgEwMDAwAGZmATExMABjaGQBMABmbHYBZmFsc2UAY2htATExMQBsbmcBMTAwMABzdHJnATEwMTExMTAAb3NjcHUBAHByZHN1YgEyMDAzMDEwNwBldmxuATMzAHJlZgEAcmJjYwExMDI1MTE1MwBjbnRwAQB3bm0BAHdnbHYBMABjZGcBMDExMTExMTEwMDAxMTAwMDExMTExMTExMTExMTExMTEwMTExMTExMTExMTEwMTExMTExMTExMTExMTExMDEwMQB3dXQBAGtsbmcBZW4tVVMAcnR0ATAAbGFvAQBobHMBMA__ HTTP 302
https://misctraff.com/gw?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130%26ref%3DM2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&vId=bmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130&hash=4502857aa004e86d2a&ete=true Page URL
https://typrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130&ref=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52 HTTP 302
https://enjrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130&ref=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52 HTTP 302
https://svkrg.com/qj.php?rd=kg.peak-serving.com&ct=6&id=15535936311971880075987428&tid=7642&t=imp&end=1 HTTP 302
https://kg.peak-serving.com/?&version=1&id=15535936311971880075987428&tid=7642&ct=6&t=imp&ftype=qj&filter=1&trs=15535936319601009&end=1 HTTP 302
https://rtb.exoclick.com/cimp.php?data=TVRVMU16VTVNell6TVh4bFl6Vm1aalUxWmpZM01UYzVaV1kxT1RZMlptTTJNVFJpWXpVNU1XWm1OZz09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3wxODUuMTQyLjI2LjIwNXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDE0NDcxOXw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MzQxMjUwMjl8NzY0MnwxNi42OTI1NzV8ODB8VVNEfFVTRHwxfDF8MjJ8fDF8REVVfDE4NS4xNDIuMjYuMjA1fDYwfDR8MXx8MDgzNDllYjc4MmRlNWI3ZmQ0MjdkMjg4MGE0NDY3OTJ8MzNhYzgxMWFhOWJkMTY5MDcxZjEyY2E4MTk2ZWQzY2R8MXwwfDA0OTkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwyOTA1MzMwfDB8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MHwwfDB8T0t8ZGM4Y2IyZWMxODI2M2VmNWE4OGMyMzFlZmE2YjVlZGI= Page URL
https://rtb.exoclick.com/cimp.php?data=TVRVMU16VTVNell6TVh4bFl6Vm1aalUxWmpZM01UYzVaV1kxT1RZMlptTTJNVFJpWXpVNU1XWm1OZz09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3wxODUuMTQyLjI2LjIwNXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDE0NDcxOXw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MzQxMjUwMjl8NzY0MnwxNi42OTI1NzV8ODB8VVNEfFVTRHwxfDF8MjJ8fDF8REVVfDE4NS4xNDIuMjYuMjA1fDYwfDR8MXx8MDgzNDllYjc4MmRlNWI3ZmQ0MjdkMjg4MGE0NDY3OTJ8MzNhYzgxMWFhOWJkMTY5MDcxZjEyY2E4MTk2ZWQzY2R8MXwwfDA0OTkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwyOTA1MzMwfDB8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MHwwfDB8T0t8ZGM4Y2IyZWMxODI2M2VmNWE4OGMyMzFlZmE2YjVlZGI%3D&p=https%3A%2F%2Fmisctraff.com%2Fl%2F4502857aa004e86d2a%3Fsub%3DM2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52%26source%3D4359338591274150%26url%3Dhttps%253A%252F%252Ftyprg.com%252Fdep.php%253Fpid%253D7642%2526subid%253D15465_4359338591274150%2526cid%253Dbmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130%2526ref%253DM2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52%26vId%3Dbmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130%26hash%3D4502857aa004e86d2a%26ete%3Dtrue&tested=1&check=29dd64a6b1d02d044353a3d580ce40bb&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
https://www.localnewsreviews.com/btc/DEwfhd.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://url.jmdev.ca/85f72 HTTP 302
http://cancomed.co.uk/r2822.php?1d=1o125c87d0f477281_0q8c.oJ3CM.A01fxrfk6fb0000111_kl944.fk6fbd3d3d3gxYjZobjI40q5Nfe HTTP 302
https://armillagdns.com/176138e7cb0e5f56000/oukkas_122ygje/_kl%7Cwwwwx%7Cfk6fb%7Co125c87d0f477281_0q8c%7C1b6hn28%7C0%7C01fxrfk6fb%7CA

Request Chain 2

https://sl.zbengi.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=834948133&sub_id1=690049&sub_id2=oukkas_122ygje HTTP 302
https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c99f51d-7f3bf6c9-58c0-1dc71549095b-2afb-b98e1acd908a

Request Chain 5

https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150&code2=Y3RtATE1NTM1OTM2MzAxODIAc3JjAWlvAHZlcgExOQBwbHQBTGludXggeDg2XzY0AHRjaAEAaXcBMTYwMABpaAExMjAwAGF3ATE2MDAAYWgBMTIwMAB0egEwAGJ1aWQBAGNrZQExAG9ybnQBAHZuZAFHb29nbGUgSW5jLgBoc2ZjAXRydWUAZnJtAWZhbHNlAHVhAU1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNgBhNDMBMDAwMDAwAGE0NAEwMABzZgEwMDAwAGZmATExMABjaGQBMABmbHYBZmFsc2UAY2htATExMQBsbmcBMTAwMABzdHJnATEwMTExMTAAb3NjcHUBAHByZHN1YgEyMDAzMDEwNwBldmxuATMzAHJlZgEAcmJjYwExMDI1MTE1MwBjbnRwAQB3bm0BAHdnbHYBMABjZGcBMDExMTExMTEwMDAxMTAwMDExMTExMTExMTExMTExMTEwMTExMTExMTExMTEwMTExMTExMTExMTExMTExMDEwMQB3dXQBAGtsbmcBZW4tVVMAcnR0ATAAbGFvAQBobHMBMA__ HTTP 302
https://misctraff.com/gw?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130%26ref%3DM2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&vId=bmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130&hash=4502857aa004e86d2a&ete=true

Request Chain 6

https://typrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130&ref=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52 HTTP 302
https://enjrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130&ref=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52 HTTP 302
https://svkrg.com/qj.php?rd=kg.peak-serving.com&ct=6&id=15535936311971880075987428&tid=7642&t=imp&end=1 HTTP 302
https://kg.peak-serving.com/?&version=1&id=15535936311971880075987428&tid=7642&ct=6&t=imp&ftype=qj&filter=1&trs=15535936319601009&end=1 HTTP 302
https://rtb.exoclick.com/cimp.php?data=TVRVMU16VTVNell6TVh4bFl6Vm1aalUxWmpZM01UYzVaV1kxT1RZMlptTTJNVFJpWXpVNU1XWm1OZz09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3wxODUuMTQyLjI2LjIwNXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDE0NDcxOXw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MzQxMjUwMjl8NzY0MnwxNi42OTI1NzV8ODB8VVNEfFVTRHwxfDF8MjJ8fDF8REVVfDE4NS4xNDIuMjYuMjA1fDYwfDR8MXx8MDgzNDllYjc4MmRlNWI3ZmQ0MjdkMjg4MGE0NDY3OTJ8MzNhYzgxMWFhOWJkMTY5MDcxZjEyY2E4MTk2ZWQzY2R8MXwwfDA0OTkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwyOTA1MzMwfDB8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MHwwfDB8T0t8ZGM4Y2IyZWMxODI2M2VmNWE4OGMyMzFlZmE2YjVlZGI=

39 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set _kl%7Cwwwwx%7Cfk6fb%7Co125c87d0f477281_0q8c%7C1b6hn28%7C0%7C01fxrfk6fb%7CA Show response armillagdns.com/176138e7cb0e5f56000/oukkas_122ygje/ Redirect Chain https://url.jmdev.ca/85f72 http://cancomed.co.uk/r2822.php?1d=1o125c87d0f477281_0q8c.oJ3CM.A01fxrfk6fb0000111_kl944.fk6fbd3d3d3gxYjZobjI40q5Nfe https://armillagdns.com/176138e7cb0e5f56000/oukkas_122ygje/_kl%7Cwwwwx%7Cfk6fb%7Co125c87d0f477281_0q8c%7C1b6hn28%7C0%7C01fxrfk6fb%7CA	200 B 480 B	924ms 284ms	Document text/html	91.134.235.42 OVH
General Check archive.org Show headers Download Go to Full URL https://armillagdns.com/176138e7cb0e5f56000/oukkas_122ygje/_kl%7Cwwwwx%7Cfk6fb%7Co125c87d0f477281_0q8c%7C1b6hn28%7C0%7C01fxrfk6fb%7CA Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.134.235.42 , France, ASN16276 (OVH, FR), Reverse DNS ip42.ip-91-134-235.eu Software Apache / Resource Hash `313e429a50c2935b26e09b33bf945fd10fe4786144978353c0c587a641468fad` Request headers Host armillagdns.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 26 Mar 2019 09:47:08 GMT Server Apache Set-Cookie uid15295=834948133-20190326054708-f1654cc7cbcb73ac51360fb6543ecb2e-; expires=Thu, 25-Apr-2019 09:47:08 GMT; path=/ Content-Length 200 Connection close Content-Type text/html; charset=UTF-8 Redirect headers Date Tue, 26 Mar 2019 09:47:03 GMT Server X-Frame-Options SAMEORIGIN Location https://armillagdns.com/176138e7cb0e5f56000/oukkas_122ygje/_kl\|wwwwx\|fk6fb\|o125c87d0f477281_0q8c\|1b6hn28\|0\|01fxrfk6fb\|A X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff Content-Length 0 Connection close Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	/ Show response sau.simpleberg.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/	549 B 781 B	58ms 7ms	Document text/html	94.237.86.133 UPCLOUD
General Check archive.org Show headers Download Go to Full URL https://sau.simpleberg.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=834948133&sub_id1=690049&sub_id2=oukkas_122ygje Requested by Host: armillagdns.com URL: https://armillagdns.com/176138e7cb0e5f56000/oukkas_122ygje/_kl%7Cwwwwx%7Cfk6fb%7Co125c87d0f477281_0q8c%7C1b6hn28%7C0%7C01fxrfk6fb%7CA Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.237.86.133 , Finland, ASN202053 (UPCLOUD, FI), Reverse DNS 94-237-86-133.de-fra1.upcloud.host Software nginx/1.15.9 / Resource Hash `76c0c14ad057afcc497f96ff5e0d25661cab1ae78b04a23051ddaf58bd6d6b05` Request headers Host sau.simpleberg.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer https://armillagdns.com/176138e7cb0e5f56000/oukkas_122ygje/_kl%7Cwwwwx%7Cfk6fb%7Co125c87d0f477281_0q8c%7C1b6hn28%7C0%7C01fxrfk6fb%7CA Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://armillagdns.com/176138e7cb0e5f56000/oukkas_122ygje/_kl%7Cwwwwx%7Cfk6fb%7Co125c87d0f477281_0q8c%7C1b6hn28%7C0%7C01fxrfk6fb%7CA Response headers Server nginx/1.15.9 Date Tue, 26 Mar 2019 09:47:09 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close X-Robots-Tag noindex, nofollow, nosnippet, noarchive
GET H2	200	/ Show response mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/ Redirect Chain https://sl.zbengi.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=834948133&sub_id1=690049&sub_id2=oukkas_122ygje https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c99f51d-7f3bf6c9-58c0-1dc7154909...	946 B 720 B	409ms 142ms	Document text/html	31.170.100.125 SOLTIA
General Check archive.org Show headers Download Go to Full URL https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c99f51d-7f3bf6c9-58c0-1dc71549095b-2afb-b98e1acd908a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.170.100.125 -, , ASN201942 (SOLTIA, ES), Reverse DNS Software nginx / Resource Hash `82427378371044f8b121fddd89a635c855a6534407bd6fcfd039264f85dd9b67` Request headers :method GET :authority mobi.mativers.com :scheme https :path /f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c99f51d-7f3bf6c9-58c0-1dc71549095b-2afb-b98e1acd908a pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 referer https://sau.simpleberg.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=834948133&sub_id1=690049&sub_id2=oukkas_122ygje accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://sau.simpleberg.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=834948133&sub_id1=690049&sub_id2=oukkas_122ygje Response headers status 200 server nginx date Tue, 26 Mar 2019 09:47:09 GMT content-type text/html; charset=UTF-8 content-length 451 access-control-allow-origin * access-control-allow-headers Content-Type referrer-policy no-referrer cache-control no-cache, private content-encoding gzip x-device desktop accept-ranges bytes age 0 tp-cache MISS vary Accept-Encoding Redirect headers Server nginx/1.14.2 Date Tue, 26 Mar 2019 09:47:09 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Location https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c99f51d-7f3bf6c9-58c0-1dc71549095b-2afb-b98e1acd908a
GET H/1.1	200 OK	offer.png mobi.mativers.com/	95 B 429 B	202ms 32ms	Image image/png	31.170.100.125 SOLTIA
General Check archive.org Show headers Download Go to Show image Full URL http://mobi.mativers.com/offer.png Requested by Host: mobi.mativers.com URL: https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c99f51d-7f3bf6c9-58c0-1dc71549095b-2afb-b98e1acd908a Protocol HTTP/1.1 Server 31.170.100.125 -, , ASN201942 (SOLTIA, ES), Reverse DNS Software / Resource Hash `3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 26 Mar 2019 09:47:09 GMT TP-Cache HIT Last-Modified Mon, 18 Mar 2019 17:46:39 GMT Age 638733 ETag "5c8fd97f-5f" Content-Type image/png Cache-Control max-age=315360000 X-Device mobile Connection keep-alive Accept-Ranges bytes Content-Length 95 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	4502857aa004e86d2a Show response misctraff.com/l/	18 KB 8 KB	88ms 16ms	Document text/html	62.212.87.141 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150 Requested by Host: mobi.mativers.com URL: https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c99f51d-7f3bf6c9-58c0-1dc71549095b-2afb-b98e1acd908a Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 62.212.87.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `b7806578c7b5de3f40d8e4696a84c3b0b4e686e0b7dea2e935af3df63404e523` Request headers Host misctraff.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Server nginx Date Tue, 26 Mar 2019 09:47:10 GMT Content-Type text/html Last-Modified Tue, 23 Oct 2018 13:25:19 GMT Transfer-Encoding chunked ETag W/"5bcf213f-4688" Expires Thu, 31 Dec 2037 23:55:55 GMT Cache-Control max-age=315360000 Content-Encoding gzip
GET H/1.1	200 OK	gw Show response misctraff.com/ Redirect Chain https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150&code2=Y3RtATE1NTM1OTM2MzAxODIAc3JjAWlvAHZlcgExOQBwbHQBTGludXggeDg2XzY0AHRjaAEAaXc... https://misctraff.com/gw?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_...	1 KB 1 KB	14ms 13ms	Document text/html	62.212.87.141 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://misctraff.com/gw?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130%26ref%3DM2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&vId=bmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130&hash=4502857aa004e86d2a&ete=true Requested by Host: misctraff.com URL: https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 62.212.87.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `e13ed77dfeaa6337766a94370d26a84f27097e38ef8aeb897f3cdcb5a39e2b4b` Request headers Host misctraff.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150 Accept-Encoding gzip, deflate, br Cookie BSESSID=trk1a682951-7c0b-4e9d-981e-e4de54d25827 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150 Response headers Server nginx Date Tue, 26 Mar 2019 09:47:10 GMT Content-Type text/html Last-Modified Thu, 25 Oct 2018 14:31:56 GMT Transfer-Encoding chunked ETag W/"5bd1d3dc-589" Expires Thu, 31 Dec 2037 23:55:55 GMT Cache-Control max-age=315360000 Content-Encoding gzip Redirect headers Server nginx Date Tue, 26 Mar 2019 09:47:10 GMT Transfer-Encoding chunked Location //misctraff.com/gw?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130%26ref%3DM2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&vId=bmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130&hash=4502857aa004e86d2a&ete=true Cache-Control private, max-age=0, no-cache, no-store, must-revalidate Pragma no-cache Set-Cookie BSESSID=trk1a682951-7c0b-4e9d-981e-e4de54d25827; Max-Age=63072000; Expires=Thu, 25 Mar 2021 09:47:10 GMT; Path=/
GET H/1.1	200 OK	Cookie set cimp.php Show response rtb.exoclick.com/ Redirect Chain https://typrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130&ref=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52 https://enjrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130&ref=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52 https://svkrg.com/qj.php?rd=kg.peak-serving.com&ct=6&id=15535936311971880075987428&tid=7642&t=imp&end=1 https://kg.peak-serving.com/?&version=1&id=15535936311971880075987428&tid=7642&ct=6&t=imp&ftype=qj&filter=1&trs=15535936319601009&end=1 https://rtb.exoclick.com/cimp.php?data=TVRVMU16VTVNell6TVh4bFl6Vm1aalUxWmpZM01UYzVaV1kxT1RZMlptTTJNVFJpWXpVNU1XWm1OZz09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3wxOD...	5 KB 2 KB	65ms 14ms	Document text/html	95.211.229.247 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://rtb.exoclick.com/cimp.php?data=TVRVMU16VTVNell6TVh4bFl6Vm1aalUxWmpZM01UYzVaV1kxT1RZMlptTTJNVFJpWXpVNU1XWm1OZz09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3wxODUuMTQyLjI2LjIwNXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDE0NDcxOXw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MzQxMjUwMjl8NzY0MnwxNi42OTI1NzV8ODB8VVNEfFVTRHwxfDF8MjJ8fDF8REVVfDE4NS4xNDIuMjYuMjA1fDYwfDR8MXx8MDgzNDllYjc4MmRlNWI3ZmQ0MjdkMjg4MGE0NDY3OTJ8MzNhYzgxMWFhOWJkMTY5MDcxZjEyY2E4MTk2ZWQzY2R8MXwwfDA0OTkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwyOTA1MzMwfDB8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MHwwfDB8T0t8ZGM4Y2IyZWMxODI2M2VmNWE4OGMyMzFlZmE2YjVlZGI= Requested by Host: misctraff.com URL: https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130%26ref%3DM2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&vId=bmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130&hash=4502857aa004e86d2a&ete=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `d386af6e61753f7fd5d9c2a1623f265763dc23ca02d4cbf048eaa9e74420d63d` Request headers Host rtb.exoclick.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130%26ref%3DM2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&vId=bmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130&hash=4502857aa004e86d2a&ete=true Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130%26ref%3DM2019032609-ccbb80b838f8cc9f5a5c6b4b24d49c52&vId=bmconv_20190326104710_c4158f3b_37ad_4fbd_8c27_5689b4ef2130&hash=4502857aa004e86d2a&ete=true Response headers Server nginx Date Tue, 26 Mar 2019 09:47:12 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225c99f52059b9e8.982048821933993913%22%3B%7D; expires=Thu, 25-Mar-2021 09:47:12 GMT; Max-Age=63072000; domain=exoclick.com Content-Encoding gzip Redirect headers Content-Type text/html; charset=UTF-8 Date Tue, 26 Mar 2019 09:47:12 GMT Location https://rtb.exoclick.com/cimp.php?data=TVRVMU16VTVNell6TVh4bFl6Vm1aalUxWmpZM01UYzVaV1kxT1RZMlptTTJNVFJpWXpVNU1XWm1OZz09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3wxODUuMTQyLjI2LjIwNXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDE0NDcxOXw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MzQxMjUwMjl8NzY0MnwxNi42OTI1NzV8ODB8VVNEfFVTRHwxfDF8MjJ8fDF8REVVfDE4NS4xNDIuMjYuMjA1fDYwfDR8MXx8MDgzNDllYjc4MmRlNWI3ZmQ0MjdkMjg4MGE0NDY3OTJ8MzNhYzgxMWFhOWJkMTY5MDcxZjEyY2E4MTk2ZWQzY2R8MXwwfDA0OTkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwyOTA1MzMwfDB8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MHwwfDB8T0t8ZGM4Y2IyZWMxODI2M2VmNWE4OGMyMzFlZmE2YjVlZGI= Server nginx Content-Length 0 Connection keep-alive
GET H2	200	Primary Request DEwfhd.html Show response www.localnewsreviews.com/btc/ Redirect Chain https://rtb.exoclick.com/cimp.php?data=TVRVMU16VTVNell6TVh4bFl6Vm1aalUxWmpZM01UYzVaV1kxT1RZMlptTTJNVFJpWXpVNU1XWm1OZz09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3wxOD... https://www.localnewsreviews.com/btc/DEwfhd.html	24 KB 7 KB	493ms 445ms	Document text/html	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.localnewsreviews.com/btc/DEwfhd.html Requested by Host: rtb.exoclick.com URL: https://rtb.exoclick.com/cimp.php?data=TVRVMU16VTVNell6TVh4bFl6Vm1aalUxWmpZM01UYzVaV1kxT1RZMlptTTJNVFJpWXpVNU1XWm1OZz09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3wxODUuMTQyLjI2LjIwNXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDE0NDcxOXw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MzQxMjUwMjl8NzY0MnwxNi42OTI1NzV8ODB8VVNEfFVTRHwxfDF8MjJ8fDF8REVVfDE4NS4xNDIuMjYuMjA1fDYwfDR8MXx8MDgzNDllYjc4MmRlNWI3ZmQ0MjdkMjg4MGE0NDY3OTJ8MzNhYzgxMWFhOWJkMTY5MDcxZjEyY2E4MTk2ZWQzY2R8MXwwfDA0OTkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwyOTA1MzMwfDB8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MHwwfDB8T0t8ZGM4Y2IyZWMxODI2M2VmNWE4OGMyMzFlZmE2YjVlZGI= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `0db50e12d22f02c40fbad0714ffb945c2de4a355fc9ec4990bb5f14af8895867` Request headers :method GET :authority www.localnewsreviews.com :scheme https :path /btc/DEwfhd.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 referer https://rtb.exoclick.com/cimp.php?data=TVRVMU16VTVNell6TVh4bFl6Vm1aalUxWmpZM01UYzVaV1kxT1RZMlptTTJNVFJpWXpVNU1XWm1OZz09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3wxODUuMTQyLjI2LjIwNXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDE0NDcxOXw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MzQxMjUwMjl8NzY0MnwxNi42OTI1NzV8ODB8VVNEfFVTRHwxfDF8MjJ8fDF8REVVfDE4NS4xNDIuMjYuMjA1fDYwfDR8MXx8MDgzNDllYjc4MmRlNWI3ZmQ0MjdkMjg4MGE0NDY3OTJ8MzNhYzgxMWFhOWJkMTY5MDcxZjEyY2E4MTk2ZWQzY2R8MXwwfDA0OTkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwyOTA1MzMwfDB8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MHwwfDB8T0t8ZGM4Y2IyZWMxODI2M2VmNWE4OGMyMzFlZmE2YjVlZGI= accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://rtb.exoclick.com/cimp.php?data=TVRVMU16VTVNell6TVh4bFl6Vm1aalUxWmpZM01UYzVaV1kxT1RZMlptTTJNVFJpWXpVNU1XWm1OZz09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3wxODUuMTQyLjI2LjIwNXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDE0NDcxOXw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MzQxMjUwMjl8NzY0MnwxNi42OTI1NzV8ODB8VVNEfFVTRHwxfDF8MjJ8fDF8REVVfDE4NS4xNDIuMjYuMjA1fDYwfDR8MXx8MDgzNDllYjc4MmRlNWI3ZmQ0MjdkMjg4MGE0NDY3OTJ8MzNhYzgxMWFhOWJkMTY5MDcxZjEyY2E4MTk2ZWQzY2R8MXwwfDA0OTkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwyOTA1MzMwfDB8MHwyOTI1NTMzfGhvc3Rpbmd8dnBufDF8MTQ0MHx8MHwwfDB8T0t8ZGM4Y2IyZWMxODI2M2VmNWE4OGMyMzFlZmE2YjVlZGI= Response headers status 200 date Tue, 26 Mar 2019 09:47:12 GMT content-type text/html set-cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632; expires=Wed, 25-Mar-20 09:47:12 GMT; path=/; domain=.localnewsreviews.com; HttpOnly last-modified Wed, 20 Mar 2019 04:22:16 GMT vary Accept-Encoding alt-svc quic=":443"; ma=2592000; v="35,39,43,44" x-turbo-charged-by LiteSpeed expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 4bd833aafd90bec1-FRA content-encoding br Redirect headers Server nginx Date Tue, 26 Mar 2019 09:47:12 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225c99f52059b9e8.982048821933993913%22%3B%7D; expires=Thu, 25-Mar-2021 09:47:12 GMT; Max-Age=63072000; domain=exoclick.com cimp-registry=eyJkYzhjYjJlYzE4MjYzZWY1YTg4YzIzMWVmYTZiNWVkYiI6MTU1MzU5MzYzMn18YTQ4ODlmZDZkZGEzZGEzY2EwMTVkZmI1NTI5ZjgzNTU%3D; expires=Tue, 26-Mar-2019 10:48:02 GMT; Max-Age=3650; path=/; domain=syndication.exoclick.com impressions=x%9CK%B42%B4%AA%CE%B42%B2%B04366%B0N%B42%06q%0D%AC3%AD%0Ca%D8%D4%D4%D8%D4%D2%D8%CC%D8%08%C81%B2.%B62%B1R2411P%B2%AE%AD%05%00%FAG%0F%D3; expires=Wed, 27-Mar-2019 09:47:12 GMT; Max-Age=86400; path=/; domain=.exoclick.com tag-link=v3%7C185.142.26.205%7CDEU%7C3122050%7C28026426%7C0%7C%7C513%7C52%7C2%7C16%7C0%7C0%7C0%7C34125029%7C2905330%7C2925533%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C5c99f52059b9e8.982048821933993913%7C33ac811aa9bd169071f12ca8196ed3cd%7C7642%7C0499.peakadx.com%7C1600x1200%7C%7C0%7C0%7C0%7Cok; expires=Wed, 27-Mar-2019 09:47:12 GMT; Max-Age=86400; path=/; domain=.exoclick.com Location https://www.localnewsreviews.com/btc/DEwfhd.html
GET H2	200	ouibounce.css www.localnewsreviews.com/btc/btcde299_files/	4 KB 920 B	29ms 18ms	Stylesheet text/css	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.localnewsreviews.com/btc/btcde299_files/ouibounce.css Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `5782084e5ec96e23e26ff4f2220a53e896630f200b0dadcf012a7760901fe696` Request headers :path /btc/btcde299_files/ouibounce.css pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 4bd833ade9c2bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	bootstrap.css www.localnewsreviews.com/btc/btcde299_files/	154 KB 20 KB	26ms 18ms	Stylesheet text/css	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.localnewsreviews.com/btc/btcde299_files/bootstrap.css Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `86f3b6ded588e2832dd412d046715e3ce1c62b460468922de235833ae7a2eecd` Request headers :path /btc/btcde299_files/bootstrap.css pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 4bd833ade9c3bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	font-awesome.css www.localnewsreviews.com/btc/btcde299_files/	18 KB 4 KB	26ms 18ms	Stylesheet text/css	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.localnewsreviews.com/btc/btcde299_files/font-awesome.css Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `18dc545f0219ee9faae854e550ca8a992a800ce0a9b968ffddfd04627b2a1508` Request headers :path /btc/btcde299_files/font-awesome.css pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 4bd833ade9c4bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	style.css www.localnewsreviews.com/btc/btcde299_files/	9 KB 2 KB	26ms 19ms	Stylesheet text/css	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.localnewsreviews.com/btc/btcde299_files/style.css Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `f2a8ba6fa5e07e7984163dcfc0923328dfda7d121636590ab09866c388fa80f1` Request headers :path /btc/btcde299_files/style.css pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 4bd833ade9c5bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	mobile-logo3.jpg www.localnewsreviews.com/btc/btcde299_files/	14 KB 14 KB	26ms 19ms	Image image/jpeg	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/mobile-logo3.jpg Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `fe5ace5beacee2e7084a040e468951965174b3bfdf233bde1657f0c6cfbb9be4` Request headers :path /btc/btcde299_files/mobile-logo3.jpg pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Tue, 19 Mar 2019 18:01:11 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9c6bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 14651 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	asseenin.jpg www.localnewsreviews.com/btc/btcde299_files/	26 KB 26 KB	26ms 19ms	Image image/jpeg	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/asseenin.jpg Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `6b454fdf5113b68f29f2a028d744bf33fa1ba7f14e3ac4f72019de131af8a830` Request headers :path /btc/btcde299_files/asseenin.jpg pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9c7bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 26697 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	lamb.jpg www.localnewsreviews.com/btc/DEwfh_files/	174 KB 174 KB	30ms 23ms	Image image/jpeg	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/DEwfh_files/lamb.jpg Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `7ad8eb95d1a4bcead09b2830d6687d547e46323c7395866230077b70d24a878f` Request headers :path /btc/DEwfh_files/lamb.jpg pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Thu, 07 Mar 2019 11:55:11 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9c8bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 177679 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	2018-03-28%25252012_002-min.jpg www.localnewsreviews.com/btc/btcde299_files/	65 KB 65 KB	30ms 24ms	Image image/jpeg	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/2018-03-28%25252012_002-min.jpg Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `3236e8b1e416a9798314e699498a0900b4d51df2b4036532c620924c64e6c0d4` Request headers :path /btc/btcde299_files/2018-03-28%25252012_002-min.jpg pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 17:50:00 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9c9bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 66466 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	2018-03-28%252012-min.jpg www.localnewsreviews.com/btc/btcde299_files/	85 KB 86 KB	31ms 25ms	Image image/jpeg	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/2018-03-28%252012-min.jpg Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `4bacc9a03fd7033ed2eb62cf2f82ca66aac34b7058f65d1935d37f2b23eec65e` Request headers :path /btc/btcde299_files/2018-03-28%252012-min.jpg pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 17:49:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9cabec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 87517 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	carsten-maschmeyer-und-judith-williams-min.jpg www.localnewsreviews.com/btc/btcde299_files/	71 KB 71 KB	32ms 26ms	Image image/jpeg	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/carsten-maschmeyer-und-judith-williams-min.jpg Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `f126567da92f02739a3ad0dfe266fdad3635b3e9ef129f4c513e2c3b575ff723` Request headers :path /btc/btcde299_files/carsten-maschmeyer-und-judith-williams-min.jpg pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 17:50:06 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9cfbec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 72496 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	ccccc-min.jpg www.localnewsreviews.com/btc/btcde299_files/	81 KB 81 KB	31ms 25ms	Image image/jpeg	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/ccccc-min.jpg Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `ce2231fa073bd51d7c7028ab57c431302e532045dc5b8dbf0f61cbfae0b29173` Request headers :path /btc/btcde299_files/ccccc-min.jpg pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 17:50:08 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9d0bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 82759 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	1112018-03-28%252012-min.jpg www.localnewsreviews.com/btc/btcde299_files/	57 KB 57 KB	32ms 26ms	Image image/jpeg	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/1112018-03-28%252012-min.jpg Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `1230de73f31f9b4fb64040b169530d0fb0bc6c8fd7b13a07c0fb048679a4c963` Request headers :path /btc/btcde299_files/1112018-03-28%252012-min.jpg pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 17:50:02 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9d1bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 58449 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	ddd2018-03-28%252012.jpg www.localnewsreviews.com/btc/btcde299_files/	46 KB 46 KB	30ms 24ms	Image image/jpeg	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/ddd2018-03-28%252012.jpg Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `68d900100a626ce8a6149344561ebe975bc0242fe5af81a08544b9ea92d7682d` Request headers :path /btc/btcde299_files/ddd2018-03-28%252012.jpg pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9d2bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 47390 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	2jjjj018-03-28%252012.jpg www.localnewsreviews.com/btc/btcde299_files/	53 KB 53 KB	30ms 25ms	Image image/jpeg	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/2jjjj018-03-28%252012.jpg Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `efe345bc9012c7eb798ef6545d33371e7b3b25b2b2cb457d374dec3b94b39786` Request headers :path /btc/btcde299_files/2jjjj018-03-28%252012.jpg pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9d4bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 54345 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	rrrr2018-03-28%252012-min.jpg www.localnewsreviews.com/btc/btcde299_files/	65 KB 65 KB	30ms 24ms	Image image/jpeg	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/rrrr2018-03-28%252012-min.jpg Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `ddc2d161fa9c485221f11ae8f71b453b760ada71fbc4d279a4ee462d171fc75f` Request headers :path /btc/btcde299_files/rrrr2018-03-28%252012-min.jpg pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 17:50:26 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9d5bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 66083 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	side1.png www.localnewsreviews.com/btc/btcde299_files/	34 KB 34 KB	29ms 24ms	Image image/png	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/side1.png Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f` Request headers :path /btc/btcde299_files/side1.png pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9d7bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 34888 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	side2.png www.localnewsreviews.com/btc/btcde299_files/	34 KB 34 KB	29ms 26ms	Image image/png	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/side2.png Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226` Request headers :path /btc/btcde299_files/side2.png pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9d8bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 35141 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	side3.png www.localnewsreviews.com/btc/btcde299_files/	38 KB 38 KB	39ms 36ms	Image image/png	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/side3.png Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e` Request headers :path /btc/btcde299_files/side3.png pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9d9bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 38902 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	side4.png www.localnewsreviews.com/btc/btcde299_files/	25 KB 25 KB	28ms 25ms	Image image/png	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/side4.png Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562` Request headers :path /btc/btcde299_files/side4.png pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9dabec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 25718 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	side5.png www.localnewsreviews.com/btc/btcde299_files/	37 KB 37 KB	28ms 25ms	Image image/png	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/side5.png Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1` Request headers :path /btc/btcde299_files/side5.png pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9dcbec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 37859 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	side6.png www.localnewsreviews.com/btc/btcde299_files/	34 KB 34 KB	28ms 25ms	Image image/png	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/side6.png Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9` Request headers :path /btc/btcde299_files/side6.png pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9ddbec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 34979 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	side7.png www.localnewsreviews.com/btc/btcde299_files/	30 KB 31 KB	38ms 36ms	Image image/png	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/side7.png Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5` Request headers :path /btc/btcde299_files/side7.png pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9debec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 31140 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	checkmark.png www.localnewsreviews.com/btc/btcde299_files/	341 B 429 B	38ms 35ms	Image image/png	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/checkmark.png Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8` Request headers :path /btc/btcde299_files/checkmark.png pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 14:42:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9dfbec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 341 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	profit1_1-min.jpg www.localnewsreviews.com/btc/btcde299_files/	67 KB 67 KB	28ms 26ms	Image image/jpeg	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/profit1_1-min.jpg Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `446594175cedf0d04a2a5906d1dc4f121dd15dc6143a8193c3c89b27c970ee18` Request headers :path /btc/btcde299_files/profit1_1-min.jpg pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 17:50:13 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9e0bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 68234 expires Tue, 02 Apr 2019 09:47:12 GMT
GET H2	200	profit1-min.jpg www.localnewsreviews.com/btc/btcde299_files/	136 KB 136 KB	28ms 25ms	Image image/jpeg	2606:4700:30::681c:a29 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.localnewsreviews.com/btc/btcde299_files/profit1-min.jpg Requested by Host: www.localnewsreviews.com URL: https://www.localnewsreviews.com/btc/DEwfhd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:a29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `1d74317800bcbb017d8dfb1d80dee0bf5cab6e70e80b9eaa809efd7e257bfada` Request headers :path /btc/btcde299_files/profit1-min.jpg pragma no-cache cookie __cfduid=d360dce9cf7130943183191ccf02db8a51553593632 accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.localnewsreviews.com referer https://www.localnewsreviews.com/btc/DEwfhd.html :scheme https :method GET Referer https://www.localnewsreviews.com/btc/DEwfhd.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 26 Mar 2019 09:47:12 GMT cf-cache-status HIT last-modified Fri, 22 Feb 2019 17:50:16 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 4bd833ade9e1bec1-FRA alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 139525 expires Tue, 02 Apr 2019 09:47:12 GMT
GET		fontawesome-webfontba72ba72ba72-2.html bestnews24.net/geld/immg/	0 0

GET		fontawesome-webfontba72ba72ba72-3.html bestnews24.net/geld/immg/	0 0

GET		opensans-bold.html bestnews24.net/geld/immg/	0 0

GET		opensans-regular.html bestnews24.net/geld/immg/	0 0

GET		tahoma.html bestnews24.net/geld/immg/	0 0

GET		franklin-gothic-condensed.html bestnews24.net/geld/immg/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bestnews24.net
URL: http://bestnews24.net/geld/immg/fontawesome-webfontba72ba72ba72-2.html?v=4.0.3

Domain: bestnews24.net
URL: http://bestnews24.net/geld/immg/fontawesome-webfontba72ba72ba72-3.html?v=4.0.3

Domain: bestnews24.net
URL: http://bestnews24.net/geld/immg/opensans-bold.html

Domain: bestnews24.net
URL: http://bestnews24.net/geld/immg/opensans-regular.html

Domain: bestnews24.net
URL: http://bestnews24.net/geld/immg/tahoma.html

Domain: bestnews24.net
URL: http://bestnews24.net/geld/immg/franklin-gothic-condensed.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

armillagdns.com
bestnews24.net
cancomed.co.uk
enjrg.com
kg.peak-serving.com
misctraff.com
mobi.mativers.com
rtb.exoclick.com
sau.simpleberg.com
sl.zbengi.com
svkrg.com
typrg.com
url.jmdev.ca
www.localnewsreviews.com
bestnews24.net
159.203.29.218
190.2.131.55
2606:4700:30::681c:a29
3.94.40.153
31.170.100.125
34.193.160.81
34.234.169.82
52.55.204.157
62.212.87.141
91.134.235.42
94.237.85.176
94.237.86.133
95.211.229.247
0db50e12d22f02c40fbad0714ffb945c2de4a355fc9ec4990bb5f14af8895867
1230de73f31f9b4fb64040b169530d0fb0bc6c8fd7b13a07c0fb048679a4c963
18dc545f0219ee9faae854e550ca8a992a800ce0a9b968ffddfd04627b2a1508
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562
1d74317800bcbb017d8dfb1d80dee0bf5cab6e70e80b9eaa809efd7e257bfada
313e429a50c2935b26e09b33bf945fd10fe4786144978353c0c587a641468fad
3236e8b1e416a9798314e699498a0900b4d51df2b4036532c620924c64e6c0d4
3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
446594175cedf0d04a2a5906d1dc4f121dd15dc6143a8193c3c89b27c970ee18
494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1
4bacc9a03fd7033ed2eb62cf2f82ca66aac34b7058f65d1935d37f2b23eec65e
54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9
5782084e5ec96e23e26ff4f2220a53e896630f200b0dadcf012a7760901fe696
5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f
68d900100a626ce8a6149344561ebe975bc0242fe5af81a08544b9ea92d7682d
6b454fdf5113b68f29f2a028d744bf33fa1ba7f14e3ac4f72019de131af8a830
76c0c14ad057afcc497f96ff5e0d25661cab1ae78b04a23051ddaf58bd6d6b05
7ad8eb95d1a4bcead09b2830d6687d547e46323c7395866230077b70d24a878f
82427378371044f8b121fddd89a635c855a6534407bd6fcfd039264f85dd9b67
86f3b6ded588e2832dd412d046715e3ce1c62b460468922de235833ae7a2eecd
b7806578c7b5de3f40d8e4696a84c3b0b4e686e0b7dea2e935af3df63404e523
b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5
ce2231fa073bd51d7c7028ab57c431302e532045dc5b8dbf0f61cbfae0b29173
d386af6e61753f7fd5d9c2a1623f265763dc23ca02d4cbf048eaa9e74420d63d
ddc2d161fa9c485221f11ae8f71b453b760ada71fbc4d279a4ee462d171fc75f
e13ed77dfeaa6337766a94370d26a84f27097e38ef8aeb897f3cdcb5a39e2b4b
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8
efe345bc9012c7eb798ef6545d33371e7b3b25b2b2cb457d374dec3b94b39786
f126567da92f02739a3ad0dfe266fdad3635b3e9ef129f4c513e2c3b575ff723
f2a8ba6fa5e07e7984163dcfc0923328dfda7d121636590ab09866c388fa80f1
fe5ace5beacee2e7084a040e468951965174b3bfdf233bde1657f0c6cfbb9be4

www.localnewsreviews.com Open in urlscan Pro 2606:4700:30::681c:a29 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

82 %HTTPS

8 %IPv6

14 Domains

14 Subdomains

7 IPs

7 Countries

1222 kBTransfer

1408 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.localnewsreviews.com Open in urlscan Pro
2606:4700:30::681c:a29 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

82 %
HTTPS

8 %
IPv6

14
Domains

14
Subdomains

7
IPs

7
Countries

1222 kB
Transfer

1408 kB
Size

0
Cookies

39 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!