urlscan.io logo urlscan.io
SecurityTrails logo

24newsoft.yourbestcontentsonweb.xyz Open in urlscan Pro
163.172.199.47  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://citiesclick.com/
Effective URL: https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&...
Submission: On March 13 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 7 countries across 11 domains to perform 17 HTTP transactions. The main IP is 163.172.199.47, located in United Kingdom and belongs to AS12876, FR. The main domain is 24newsoft.yourbestcontentsonweb.xyz.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 25th 2019. Valid for: 3 months.
This is the only time 24newsoft.yourbestcontentsonweb.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 159.69.42.212 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 144.76.0.242 24940 (HETZNER-AS)
1 94.130.185.237 24940 (HETZNER-AS)
2 94.130.186.231 24940 (HETZNER-AS)
1 2 188.42.162.193 35415 (WEBZILLA)
1 88.85.66.186 35415 (WEBZILLA)
1 188.42.160.69 35415 (WEBZILLA)
2 2 51.68.19.23 16276 (OVH)
1 1 51.158.25.238 12876 (AS12876)
1 163.172.199.47 12876 (AS12876)
7 2600:9000:200... 16509 (AMAZON-02)
17 10
1    159.69.42.212 (Jacksonville, United States)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.42.69.159.clients.your-server.de
citiesclick.com
1    2a00:1450:4001:816::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    144.76.0.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.0.76.144.clients.your-server.de
track.tkbo.com
1    94.130.185.237 (Ukraine)

ASN24940 (HETZNER-AS, DE)
PTR: static.237.185.130.94.clients.your-server.de
track.tkbo.com
2    94.130.186.231 (Ukraine)

ASN24940 (HETZNER-AS, DE)
PTR: static.231.186.130.94.clients.your-server.de
track.traffic.club
2    188.42.162.193 (Luxembourg)

ASN35415 (WEBZILLA, NL)
bestadbid.com
1    88.85.66.186 (Netherlands)

ASN35415 (WEBZILLA, NL)
trecurlik.com
1    188.42.160.69 (Luxembourg)

ASN35415 (WEBZILLA, NL)
my.rtmark.net
2    51.68.19.23 (United Kingdom)

ASN16276 (OVH, FR)
PTR: ip23.ip-51-68-19.eu
adexc.net
1    51.158.25.238 (United Kingdom)

ASN12876 (AS12876, FR)
PTR: 51-158-25-238.rev.poneytelecom.eu
www.linktoconfigingsavevideo.icu
1    163.172.199.47 (United Kingdom)

ASN12876 (AS12876, FR)
PTR: 163-172-199-47.rev.poneytelecom.eu
24newsoft.yourbestcontentsonweb.xyz
7    2600:9000:200d:a000:1c:adf9:fc40:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d25ngfp8ma2ho1.cloudfront.net
Domain Requested by
7 d25ngfp8ma2ho1.cloudfront.net 24newsoft.yourbestcontentsonweb.xyz
2 adexc.net 2 redirects
2 bestadbid.com 1 redirects track.traffic.club
2 track.traffic.club track.tkbo.com
track.traffic.club
2 track.tkbo.com citiesclick.com
track.tkbo.com
1 24newsoft.yourbestcontentsonweb.xyz bestadbid.com
1 www.linktoconfigingsavevideo.icu 1 redirects
1 my.rtmark.net bestadbid.com
1 trecurlik.com bestadbid.com
1 www.google-analytics.com citiesclick.com
1 citiesclick.com
17 11

This site contains no links.

Subject Issuer Validity Valid
citiesclick.com
Let's Encrypt Authority X3		 2019-03-13 -
2019-06-11		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
track.tkbo.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-27 -
2020-02-27		 a year crt.sh
traffic.club
GlobeSSL DV Certification Authority 2		 2019-01-07 -
2021-01-06		 2 years crt.sh
24newsoft.yourbestcontentsonweb.xyz
Let's Encrypt Authority X3		 2019-01-25 -
2019-04-25		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
Frame ID: 7EE62557DB87D6590B79386E53DA00FE
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://citiesclick.com/ Page URL
  2. http://track.tkbo.com/?mid=138&f=138&domain=citiesclick.com Page URL
  3. https://track.tkbo.com/go.php?mid=138&f=138&domain=citiesclick.com&ref= Page URL
  4. https://track.traffic.club/helper/forward.php?target=aHR0cDovL2Jlc3RhZGJpZC5jb20vYWZ1LnBocD96b25laWQ9MT... Page URL
  5. https://track.traffic.club/helper/forward.php Page URL
  6. http://bestadbid.com/afu.php?zoneid=1407735 Page URL
  7. http://bestadbid.com/?r=%2Fmb%2Fhan&pbk3=4f2aefb6ef00f021086d69fd09bc07746667811504115020951&empt... HTTP 302
    https://adexc.net/partner-lmudj/?ref_prm=0961&cid=129634725512884224&pub_sd=1407735&adprm=5&ad... HTTP 302
    https://adexc.net/partner-lmudj/process.php?ad_spv=7465&adprm=5&pub_sd=1407735&5&prod=9&ad_uni... HTTP 302
    https://www.linktoconfigingsavevideo.icu/rrr?b9zd1=U58fvaq6GMsxJYyG1QLXZ6h_gHWQ6BA4ywv1VD73ku0.&cid=12963472551288422... HTTP 302
    https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

17
Requests

76 %
HTTPS

17 %
IPv6

11
Domains

11
Subdomains

10
IPs

7
Countries

118 kB
Transfer

151 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://citiesclick.com/ Page URL
  2. http://track.tkbo.com/?mid=138&f=138&domain=citiesclick.com Page URL
  3. https://track.tkbo.com/go.php?mid=138&f=138&domain=citiesclick.com&ref= Page URL
  4. https://track.traffic.club/helper/forward.php?target=aHR0cDovL2Jlc3RhZGJpZC5jb20vYWZ1LnBocD96b25laWQ9MTQwNzczNQ==&hash=5ad5f6186dc0a6c2e1c03c27c49d2545 Page URL
  5. https://track.traffic.club/helper/forward.php Page URL
  6. http://bestadbid.com/afu.php?zoneid=1407735 Page URL
  7. http://bestadbid.com/?r=%2Fmb%2Fhan&pbk3=4f2aefb6ef00f021086d69fd09bc07746667811504115020951&empty=0&uuid=30357b90-132f-4b56-8a3a-dca4006132aa&ad_scheme=1&rotation_type=25&ppucounter=0&first_visit=0&on_test=1&offer_views=0&ab_test=2999&adparams=bm9qcz0w&ip=374b1235a862bf574d813dfea74222be&zoneid=1407735&x=1600&y=1200&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1365143%26var%3D1407735&drf=&np=0&pt=0&nb=1&ng=1&dm=undefined&cf=0&nw=1&hil=undefined&id=c4a8267c1841b05ec4f130b18646f96c&co=1&rf=0&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=0&sf_type=1&timeout=0 HTTP 302
    https://adexc.net/partner-lmudj/?ref_prm=0961&cid=129634725512884224&pub_sd=1407735&adprm=5&ad_spv=7465 HTTP 302
    https://adexc.net/partner-lmudj/process.php?ad_spv=7465&adprm=5&pub_sd=1407735&5&prod=9&ad_unit_id=6&creative_id=6&sid=7&t=1457603843840&rh=6&utm_source=8=referral&adserver=adsrv1&aff=0961&referal=129634725512884224 HTTP 302
    https://www.linktoconfigingsavevideo.icu/rrr?b9zd1=U58fvaq6GMsxJYyG1QLXZ6h_gHWQ6BA4ywv1VD73ku0.&cid=129634725512884224&sub=1407735 HTTP 302
    https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA. Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
citiesclick.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citiesclick.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.42.212 Jacksonville, United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.42.69.159.clients.your-server.de
Software
openresty /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
citiesclick.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
openresty
date
Wed, 13 Mar 2019 09:54:03 GMT
content-type
text/html; charset=utf8
set-cookie
ndsp=eyJkb21haW5OYW1lIjoiY2l0aWVzY2xpY2suY29tIiwibWVtYmVyIjoiMTQiLCJ0ZW1wbGF0ZSI6InBjX3JlZ19tbmtyIiwidXNlckFnZW50IjoiTW96aWxsYVwvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0XC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWVcLzY3LjAuMzM5Ni44NyBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiI5NDNjOWVjMzBhOTQ2MDk2ODRhOGZlZGZhMzJmZmZmYyIsInRpbWVfaW5pdCI6MTU1MjQ3MDg0M30%3D; expires=Wed, 13-Mar-2019 22:59:59 GMT; Max-Age=47156; path=/
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: citiesclick.com
URL: https://citiesclick.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://citiesclick.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
429
date
Wed, 13 Mar 2019 09:46:54 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Wed, 13 Mar 2019 11:46:54 GMT
/
track.tkbo.com/ 		737 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
http://track.tkbo.com/?mid=138&f=138&domain=citiesclick.com
Requested by
Host: citiesclick.com
URL: https://citiesclick.com/
Protocol
HTTP/1.1
Server
144.76.0.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.0.76.144.clients.your-server.de
Software
nginx / PHP/5.3.10-1ubuntu3.25
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
track.tkbo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Wed, 13 Mar 2019 09:54:03 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.3.10-1ubuntu3.25
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
go.php
track.tkbo.com/ 		610 B
704 B 		Document
General
Check archive.org
Download Go to
Full URL
https://track.tkbo.com/go.php?mid=138&f=138&domain=citiesclick.com&ref=
Requested by
Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=138&f=138&domain=citiesclick.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.185.237 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.237.185.130.94.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
track.tkbo.com
:scheme
https
:path
/go.php?mid=138&f=138&domain=citiesclick.com&ref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://track.tkbo.com/?mid=138&f=138&domain=citiesclick.com
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://track.tkbo.com/?mid=138&f=138&domain=citiesclick.com

Response headers

status
200
server
nginx
date
Wed, 13 Mar 2019 09:54:04 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
XID=li32o3p53hhpe3h1c19if2dg94; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip
forward.php
track.traffic.club/helper/ 		129 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://track.traffic.club/helper/forward.php?target=aHR0cDovL2Jlc3RhZGJpZC5jb20vYWZ1LnBocD96b25laWQ9MTQwNzczNQ==&hash=5ad5f6186dc0a6c2e1c03c27c49d2545
Requested by
Host: track.tkbo.com
URL: https://track.tkbo.com/go.php?mid=138&f=138&domain=citiesclick.com&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.186.231 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.231.186.130.94.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
track.traffic.club
:scheme
https
:path
/helper/forward.php?target=aHR0cDovL2Jlc3RhZGJpZC5jb20vYWZ1LnBocD96b25laWQ9MTQwNzczNQ==&hash=5ad5f6186dc0a6c2e1c03c27c49d2545
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://track.tkbo.com/go.php?mid=138&f=138&domain=citiesclick.com&ref=
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://track.tkbo.com/go.php?mid=138&f=138&domain=citiesclick.com&ref=

Response headers

status
200
server
nginx
date
Wed, 13 Mar 2019 09:54:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
kkl6hi=aHR0cDovL2Jlc3RhZGJpZC5jb20vYWZ1LnBocD96b25laWQ9MTQwNzczNQ%3D%3D; expires=Wed, 13-Mar-2019 09:54:14 GMT; Max-Age=10
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip
forward.php
track.traffic.club/helper/ 		153 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://track.traffic.club/helper/forward.php
Requested by
Host: track.traffic.club
URL: https://track.traffic.club/helper/forward.php?target=aHR0cDovL2Jlc3RhZGJpZC5jb20vYWZ1LnBocD96b25laWQ9MTQwNzczNQ==&hash=5ad5f6186dc0a6c2e1c03c27c49d2545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.186.231 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.231.186.130.94.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
track.traffic.club
:scheme
https
:path
/helper/forward.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://track.traffic.club/helper/forward.php?target=aHR0cDovL2Jlc3RhZGJpZC5jb20vYWZ1LnBocD96b25laWQ9MTQwNzczNQ==&hash=5ad5f6186dc0a6c2e1c03c27c49d2545
accept-encoding
gzip, deflate, br
cookie
kkl6hi=aHR0cDovL2Jlc3RhZGJpZC5jb20vYWZ1LnBocD96b25laWQ9MTQwNzczNQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://track.traffic.club/helper/forward.php?target=aHR0cDovL2Jlc3RhZGJpZC5jb20vYWZ1LnBocD96b25laWQ9MTQwNzczNQ==&hash=5ad5f6186dc0a6c2e1c03c27c49d2545

Response headers

status
200
server
nginx
date
Wed, 13 Mar 2019 09:54:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
kkl6hi=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 tc_rvs=1; expires=Wed, 13-Mar-2019 09:54:07 GMT; Max-Age=3
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip
Cookie set afu.php
bestadbid.com/ 		12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://bestadbid.com/afu.php?zoneid=1407735
Requested by
Host: track.traffic.club
URL: https://track.traffic.club/helper/forward.php
Protocol
HTTP/1.1
Server
188.42.162.193 , Luxembourg, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
5fec405c8610a074c07a57f58be0acafd88da9c3d4fa5647f3d645a431fedaf9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Host
bestadbid.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Wed, 13 Mar 2019 09:54:04 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Timing-Allow-Origin
* *
Pragma
no-cache
Cache-Control
private, max-age=0, no-cache
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie
SeenToday=1; expires=Thu, 14-Mar-2019 09:54:04 GMT; Max-Age=86400; path=/ OAGEOaf824=16%7CDE%7CBE%7CBERLIN%7CBROADBAND%7CM247+LTD%7C%7C10383%7C1739%7C%3F%7C276006%7C%2B100; expires=Thu, 14-Mar-2019 09:54:04 GMT; Max-Age=86400; path=/ oaidts=1552470844; expires=Thu, 12-Mar-2020 09:54:04 GMT; Max-Age=31536000; path=/ OAID=08ee28ba6d5a5c9ce83be3f9b0ba2943; expires=Thu, 12-Mar-2020 09:54:04 GMT; Max-Age=31536000; path=/ OAID=08ee28ba6d5a5c9ce83be3f9b0ba2943; expires=Thu, 12-Mar-2020 09:54:04 GMT; Max-Age=31536000; path=/ exsdsf=1552470844 pbk3=4f2aefb6ef00f021086d69fd09bc07746667811504115020951; expires=Wed, 13-Mar-2019 10:04:04 GMT; Max-Age=600
X-FRAME-OPTIONS
DENY
P3P
CP="CUR ADM OUR NOR STA NID"
X-Used-AdExchange
1
Content-Encoding
gzip
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
sc.php
trecurlik.com/ 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://trecurlik.com/sc.php?zoneid=1407735&bannerid=2561808&OXLCA=1&clickid=129634724934070273
Requested by
Host: bestadbid.com
URL: http://bestadbid.com/afu.php?zoneid=1407735
Protocol
HTTP/1.1
Server
88.85.66.186 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://bestadbid.com/afu.php?zoneid=1407735
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 13 Mar 2019 09:54:05 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
img.gif
my.rtmark.net/ 		43 B
366 B 		Other
General
Check archive.org
Download Go to
Full URL
http://my.rtmark.net/img.gif?f=merge&userId=08ee28ba6d5a5c9ce83be3f9b0ba2943
Requested by
Host: bestadbid.com
URL: http://bestadbid.com/afu.php?zoneid=1365143&var=1407735
Protocol
HTTP/1.1
Server
188.42.160.69 , Luxembourg, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://bestadbid.com/afu.php?zoneid=1365143&var=1407735
Origin
http://bestadbid.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 13 Mar 2019 09:54:05 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
image/gif
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Primary Request Cookie set /
24newsoft.yourbestcontentsonweb.xyz/
Redirect Chain
  • http://bestadbid.com/?r=%2Fmb%2Fhan&pbk3=4f2aefb6ef00f021086d69fd09bc07746667811504115020951&empty=0&uuid=30357b90-132f-4b56-8a3a-dca4006132aa&ad_scheme=1&rotation_type=25&ppucounter=0&first_visit=...
  • https://adexc.net/partner-lmudj/?ref_prm=0961&cid=129634725512884224&pub_sd=1407735&adprm=5&ad_spv=7465
  • https://adexc.net/partner-lmudj/process.php?ad_spv=7465&adprm=5&pub_sd=1407735&5&prod=9&ad_unit_id=6&creative_id=6&sid=7&t=1457603843840&rh=6&utm_source=8=referral&adserver=adsrv1&aff=0961&referal=...
  • https://www.linktoconfigingsavevideo.icu/rrr?b9zd1=U58fvaq6GMsxJYyG1QLXZ6h_gHWQ6BA4ywv1VD73ku0.&cid=129634725512884224&sub=1407735
  • https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lreg...
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
Requested by
Host: bestadbid.com
URL: http://bestadbid.com/afu.php?zoneid=1365143&var=1407735
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.172.199.47 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS
163-172-199-47.rev.poneytelecom.eu
Software
nginx /
Resource Hash
36972f3fc5b47dd031ce17c3e02045917cef4b8ccda24febdaa90667d6998588

Request headers

Host
24newsoft.yourbestcontentsonweb.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://bestadbid.com/afu.php?zoneid=1365143&var=1407735
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://bestadbid.com/afu.php?zoneid=1365143&var=1407735

Response headers

Server
nginx
Date
Wed, 13 Mar 2019 09:54:06 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
channel=lep_macDE_jan2; expires=Wed, 13-Mar-2019 10:14:06 GMT; Max-Age=1200; path=/ dist_id=7436; expires=Wed, 13-Mar-2019 10:14:06 GMT; Max-Age=1200; path=/ lp_id=2272; expires=Wed, 13-Mar-2019 10:14:06 GMT; Max-Age=1200; path=/
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 13 Mar 2019 09:54:06 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
mac4GERedt.png
d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/mac4GERedt.png
Requested by
Host: 24newsoft.yourbestcontentsonweb.xyz
URL: https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:a000:1c:adf9:fc40:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2817da2ae5e4f15a2ee4c44f41df8c5a3567c17803d5c0bc2d44a48b0d1bab9f

Request headers

Referer
https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 12 Mar 2019 19:55:53 GMT
via
1.1 029f15a661be82d29f31e88713b71d65.cloudfront.net (CloudFront)
last-modified
Mon, 27 Aug 2018 09:14:53 GMT
server
AmazonS3
age
95168
etag
"5fb7eef1c707c43de46fd881f45abe09"
x-cache
Hit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
53780
x-amz-cf-id
el0qtScmwhcyjAt1W6lNoQkBk0MIJZgsrwqPojlekv8V1mBOCGN9KA==
downloadgif.gif
d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/downloadgif.gif
Requested by
Host: 24newsoft.yourbestcontentsonweb.xyz
URL: https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:a000:1c:adf9:fc40:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d714e144f5890b10e5bfb765e0ea6c31737ee11031131a0c306cc2645ef7ba81

Request headers

Referer
https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 12 Mar 2019 18:37:18 GMT
via
1.1 029f15a661be82d29f31e88713b71d65.cloudfront.net (CloudFront)
last-modified
Wed, 30 May 2018 18:09:22 GMT
server
AmazonS3
age
65588
etag
"71d508a5a418c2eab6ac59dab52e5f53"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
accept-ranges
bytes
content-length
11787
x-amz-cf-id
hBN22Nww_MRN5fv3K3_CLNYEzcKWbLn1NNeASa9vlj7Ey7NttcEblA==
downloadactive.png
d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/downloadactive.png
Requested by
Host: 24newsoft.yourbestcontentsonweb.xyz
URL: https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:a000:1c:adf9:fc40:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85ca0e8a71da7cb9f6da2faad0b491818b83b721a03dd71a9e6c1fd23cc355fe

Request headers

Referer
https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 12 Mar 2019 17:11:32 GMT
via
1.1 029f15a661be82d29f31e88713b71d65.cloudfront.net (CloudFront)
last-modified
Wed, 30 May 2018 18:08:47 GMT
server
AmazonS3
age
60155
etag
"759894fc31058cbee5c154ddf8109da6"
x-cache
Hit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
4367
x-amz-cf-id
c5jyIHMacs_jiw_wWyDXYNVchgU2bmFueSbKu-PsCdMWfeJsPTw_rw==
ok.png
d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ok.png
Requested by
Host: 24newsoft.yourbestcontentsonweb.xyz
URL: https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:a000:1c:adf9:fc40:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60bc686d0dbd4a721a5b96df034ac04067756297cf097ad6f4338b0e37c95af1

Request headers

Referer
https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 12 Mar 2019 18:37:18 GMT
via
1.1 029f15a661be82d29f31e88713b71d65.cloudfront.net (CloudFront)
last-modified
Wed, 30 May 2018 18:08:51 GMT
server
AmazonS3
age
79115
etag
"8735b3e852676168da0cb997fc397c4d"
x-cache
Hit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
3387
x-amz-cf-id
dGuWkhC8He4Ks9uhhYO26BzzV1RgPbuiA0RV4qLNecmp21yQ7BNk9g==
okactive.png
d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/okactive.png
Requested by
Host: 24newsoft.yourbestcontentsonweb.xyz
URL: https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:a000:1c:adf9:fc40:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2755c2a109a7dc442afa20ab5ea319eca18f94a8ea7c05e2dddb6e1264501e23

Request headers

Referer
https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 12 Mar 2019 17:11:32 GMT
via
1.1 029f15a661be82d29f31e88713b71d65.cloudfront.net (CloudFront)
last-modified
Wed, 30 May 2018 18:11:39 GMT
server
AmazonS3
age
60155
etag
"2b9dd1759bf55999fc392c5dbb6bb6f7"
x-cache
Hit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
3437
x-amz-cf-id
B4GfV0tTu_T7y48aYLBXWch7avadFo7iPKh7Owc0VtgZA-lDUNSuLg==
okactive@2x.png
d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/okactive@2x.png
Requested by
Host: 24newsoft.yourbestcontentsonweb.xyz
URL: https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:a000:1c:adf9:fc40:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8b80ca1f74242b77cbf0ac6ec3e8076757aa54578434944a4e4df767c9cf6ad

Request headers

Referer
https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 12 Mar 2019 19:30:28 GMT
via
1.1 029f15a661be82d29f31e88713b71d65.cloudfront.net (CloudFront)
last-modified
Wed, 30 May 2018 18:11:11 GMT
server
AmazonS3
age
59826
etag
"370305f8f631cc0642d7bf0d8d7f51e2"
x-cache
Hit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
4484
x-amz-cf-id
DDqzcrdX1hS2LTLqPWxrU3jpRzUDLsah7Mur1t7dSi-6kfYfvcSr2A==
downloadactive@2x.png
d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/downloadactive@2x.png
Requested by
Host: 24newsoft.yourbestcontentsonweb.xyz
URL: https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:a000:1c:adf9:fc40:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
911a71457c0146a07bd5d48ef8556f7a802c9feddf63d59750453ff76a443484

Request headers

Referer
https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Mar 2019 09:13:24 GMT
via
1.1 029f15a661be82d29f31e88713b71d65.cloudfront.net (CloudFront)
last-modified
Wed, 30 May 2018 18:11:44 GMT
server
AmazonS3
age
36622
etag
"1cd55b247bf699786c644652ea0d1973"
x-cache
Hit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
6790
x-amz-cf-id
F1gxCfBNppnUeS_6ZiPAnyfmsG6QAh-B0uNsrHlNH6EwCnD9kRbQ3w==

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| onDownloadButtonClicked object| dlobj

3 Cookies

Domain/Path Name / Value
24newsoft.yourbestcontentsonweb.xyz/ Name: lp_id
Value: 2272
24newsoft.yourbestcontentsonweb.xyz/ Name: dist_id
Value: 7436
24newsoft.yourbestcontentsonweb.xyz/ Name: channel
Value: lep_macDE_jan2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block