popular.newsweblogs.com
2606:4700:3036::ac43:9dad | Malicious Activity! | Public Scan

URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-p...
Submission: On September 21 via manual from MY — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3036::ac43:9dad, located in United States and belongs to CLOUDFLARENET, US. The main domain is popular.newsweblogs.com.
This is the only time popular.newsweblogs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

Requests  IP Address          AS (Autonomous System)
14        2606:4700:303...    13335 (CLOUDFLAR...)
1         2a00:1450:400...    15169 (GOOGLE)
2         2606:4700::68...    13335 (CLOUDFLAR...)
17 requests, 3 IPs

Requests  Apex Domain        Subdomains                                            Transfer
14        newsweblogs.com    popular.newsweblogs.com                               437 KB
2         bootstrapcdn.com   netdna.bootstrapcdn.com (Cisco Umbrella Rank: 2942)   83 KB
1         googleapis.com     fonts.googleapis.com (Cisco Umbrella Rank: 40)        1 KB
17 requests, 3 apex domains

Requests  Domain                    Requested by
14        popular.newsweblogs.com   popular.newsweblogs.com
2         netdna.bootstrapcdn.com   popular.newsweblogs.com, netdna.bootstrapcdn.com
1         fonts.googleapis.com      popular.newsweblogs.com
17 requests, 3 domains

This site contains no links.

Subject                   Issuer                    Validity                  Valid
upload.video.google.com   GTS CA 1C3                2022-08-29 - 2022-11-21   3 months (crt.sh)
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3   2022-01-29 - 2023-01-29   a year (crt.sh)

This page contains 1 frames:

Primary Page: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Frame ID: 8B4F02B6D5D8D6627BFCAE05B33E927A
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Bild

Detected technologies

Overall confidence: 100%
Detected patterns (Font Awesome):
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

17 Requests
18 % HTTPS
100 % IPv6
3 Domains
3 Subdomains
3 IPs
2 Countries
522 kB Transfer
567 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request / | popular.newsweblogs.com/de/low-kri/ | 27 KB | 7 KB | Document
General
Full URL
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash
baa84c80948553bab9a190404b2f337ab0a9a0178ec00c17e1bb5e53b7e4f132

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
74e6227628bb6964-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Sep 2022 22:11:05 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnENFYv0KyOHfA515m8W5zAEZgjJxYbjqbR5nsp2plDO7uRfoEF03QSHjasnN5y6sIEs%2BjvsJuFyyXW0wtQhTMQiWi2nDKCseJQMw%2FrO9e6ywvfnHIZJX2%2BasbCapaR%2F2ZdHKr9lOvXS13irq4uKW9Goihcqmg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.45
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css | popular.newsweblogs.com/de/low-kri/d_files/ | 13 KB | 4 KB | Stylesheet
General
Full URL
http://popular.newsweblogs.com/de/low-kri/d_files/style.css
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac82b39e64db16df0c9d59832a78d60ca919fb39f39e22c1dd63e70d960cffb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:11:05 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
227464
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Tue, 06 Sep 2022 10:10:23 GMT
Server
cloudflare
ETag
W/"63171c8f-34c8"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TQSOxOkyh%2F2saLwyi%2FYcVahIy1CFFK%2F6q083%2FUOVZzrdsN3ZNywbEryVLKMlfu5POHIEEJ7uunbAKo%2F6%2FvbhoqF1XZBGlJMsMdgHQyJJ6g8%2BIUlyUmfLHhZ9InwICsM%2FE1D7OLpMNWZslQenLJ0oUO%2F44%2BvSw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=315360000
CF-RAY
74e6227699236964-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css2 | fonts.googleapis.com/ | 4 KB | 1 KB | Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 21:04:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 21 Sep 2022 22:11:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Sep 2022 22:11:05 GMT
35.png | popular.newsweblogs.com/de/low-kri/d_files/ | 656 B | 1 KB | Image
General
Full URL
http://popular.newsweblogs.com/de/low-kri/d_files/35.png
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e867182fe5ddcea7ff1946dc2c3b3536e29800fcba3923743eba4fa6fed574a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:11:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
227464
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
656
Last-Modified
Tue, 06 Sep 2022 10:10:19 GMT
Server
cloudflare
ETag
"63171c8b-290"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b57XtGGIlHeHksDgU5zjYqdU%2B3XHMdQAJ3jTG34BDNepidS1meRYQLuuF2S%2BY5Ky63KJBiZAsE%2Fa3HblkLfTJZsd68UZAfgtER%2FWgDvnYdeQCAodzFowFJEXwceCDujLLqbkJYkK40pkJpT8TFUem6R%2B3djhEA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=315360000
Accept-Ranges
bytes
CF-RAY
74e62276b94b6964-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
header-right.png | popular.newsweblogs.com/de/low-kri/d_files/ | 8 KB | 9 KB | Image
General
Full URL
http://popular.newsweblogs.com/de/low-kri/d_files/header-right.png
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d36963228d9129e9c593f7fe1c707055836ae5d56da63bc414cccc93903aa67

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:11:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
227464
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
8150
Last-Modified
Tue, 06 Sep 2022 10:10:20 GMT
Server
cloudflare
ETag
"63171c8c-1fd6"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfLdvj%2FSCVAguGAGFx%2Bmfggfm%2FgKAcLnCXO2aCPUBmUUyp5JMK2hwsvf57FFJgY6VN%2BL2S41xhk%2B6budqMj587M2ZP6fYjAbbSIrfmDYss3eLqsspAi8Wd%2BGr2jYEctetZLRCNX0cq7XvM9PaZ4Qtl%2B%2FHB5wEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=315360000
Accept-Ranges
bytes
CF-RAY
74e6227709bc6964-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
hd-hero1.jpg | popular.newsweblogs.com/de/low-kri/d_files/ | 102 KB | 102 KB | Image
General
Full URL
http://popular.newsweblogs.com/de/low-kri/d_files/hd-hero1.jpg
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306e31925812ab93bfbeb73e8d0daa44d51e1bec968eecc61b6dedbfd850ae8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:11:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
227464
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
103945
Last-Modified
Tue, 06 Sep 2022 10:10:20 GMT
Server
cloudflare
ETag
"63171c8c-19609"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEhEX%2B2OttkNO%2B0hZJnJAHpaf5%2FzaTFPijGr1nz8Ul4Nl%2BN1IUpFWB5aUMHa%2BoPorLASHtdPW7rBwPDKxCgUYDYoZ7Myy6lV4jG0MWenQLMU%2BHQWzFt1plBgjuOd%2BP6lrCvq4xnDfRdsrO8TOXUkg%2BssGvJyEw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Accept-Ranges
bytes
CF-RAY
74e6227719e06964-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
2018-03-28_12.jpg | popular.newsweblogs.com/de/low-kri/d_files/ | 95 KB | 95 KB | Image
General
Full URL
http://popular.newsweblogs.com/de/low-kri/d_files/2018-03-28_12.jpg
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fab48b024a84a388f0a93243c49d16f7ab792433c7c2946157e09ff7efb0f8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:11:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
227464
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
96891
Last-Modified
Tue, 06 Sep 2022 10:10:18 GMT
Server
cloudflare
ETag
"63171c8a-17a7b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCoNW3wNJnB3q8uoN5PLCL7wWQfY6v%2Ff%2Bur8g8kHXGW8Cytu24vZGgRQKCVwd7QZAnYf3RGMOKRiIPUNB%2BZiATf9Azda%2BTrk1Dx93JIJwG2Er4gaPNbPQMJbNzzDyH%2BOYj7Ro00F1pQrU32n2rF2dkWWPiFO4A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Accept-Ranges
bytes
CF-RAY
74e622774a106964-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
carsten-maschmeyer-und-judith-williams.jpg | popular.newsweblogs.com/de/low-kri/d_files/ | 71 KB | 72 KB | Image
General
Full URL
http://popular.newsweblogs.com/de/low-kri/d_files/carsten-maschmeyer-und-judith-williams.jpg
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c155aa91c885690a76b7980782929e024d0a9c1c0eb718467f1984b190e91e39

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:11:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
227464
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
72905
Last-Modified
Tue, 06 Sep 2022 10:10:20 GMT
Server
cloudflare
ETag
"63171c8c-11cc9"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCXZw7thyHutEHFHxPn96EGMgZ%2F5HEvNOgpAIOEKUuxOGFs8ZfVxheDIYgUjwOmHabXDExAivW%2FHXC5eDEz1Kz0acsPrUg6worYgupUGc8qLcDP6F3H6X0uS3YBDQsxAPykzJG0Mr%2BvfdHpnQEeHafpkjLGfxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Accept-Ranges
bytes
CF-RAY
74e622775a2a6964-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ccccc.jpg | popular.newsweblogs.com/de/low-kri/d_files/ | 69 KB | 69 KB | Image
General
Full URL
http://popular.newsweblogs.com/de/low-kri/d_files/ccccc.jpg
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad622e64ffb8e38cb31e92afbbdadbf6db8291a0af96ee64c31ed53d6c00c5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:11:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
227464
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
70283
Last-Modified
Tue, 06 Sep 2022 10:10:23 GMT
Server
cloudflare
ETag
"63171c8f-1128b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zn%2Fvgp1yrNzEEw35XDz%2Bc9YTOTmHP88y6ypd18tKJ4H2AbvwTKi2hPiLp94jIXKOratxPlxQC7EclWqKAYHOB%2FIvUzUQnKkWXuqGlyxqEyKZ4ZqIT7lAl7Alj0k%2B5nbL9fxl9uE6P2hTHEEn36R8hJqxfIp2NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Accept-Ranges
bytes
CF-RAY
74e622777a4a6964-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
prof1.jpg | popular.newsweblogs.com/de/low-kri/d_files/ | 2 KB | 3 KB | Image
General
Full URL
http://popular.newsweblogs.com/de/low-kri/d_files/prof1.jpg
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:11:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
227464
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2197
Last-Modified
Tue, 06 Sep 2022 10:10:21 GMT
Server
cloudflare
ETag
"63171c8d-895"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ih11K36imrR0OVaF01IrrMYAPgbh6j7wTY13z%2FMW7aqWA0qgD1EA2GHI0lWVT0sWc1GkvEd2pbJxu0ATbDQoEpMlfhFSiho3IdA4BdzLlZcPDn5lztTigzVoTiJmjMvNtJrvWXlvsRgOhOuEGSDyFO68qwRDxA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Accept-Ranges
bytes
CF-RAY
74e622778a6e6964-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
prof2.jpg | popular.newsweblogs.com/de/low-kri/d_files/ | 3 KB | 4 KB | Image
General
Full URL
http://popular.newsweblogs.com/de/low-kri/d_files/prof2.jpg
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:11:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
182468
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2833
Last-Modified
Tue, 06 Sep 2022 10:10:21 GMT
Server
cloudflare
ETag
"63171c8d-b11"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYaPpS9WrTBYmGQgQGKskJ4cyoUVP611DTmpPXwv3y%2B8N6XuUAzEo7IxTlUj9kveXqai3nbJkjSWNMbwPIn5iBIlp%2FQD721Xi8zOOkZmWIKK6qrs0snpZnPlqf3%2FLGGzYSA84X6mmL8mhFDWY%2Bl51sHOboqulA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Accept-Ranges
bytes
CF-RAY
74e62277aa816964-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
prof3.jpg | popular.newsweblogs.com/de/low-kri/d_files/ | 2 KB | 3 KB | Image
General
Full URL
http://popular.newsweblogs.com/de/low-kri/d_files/prof3.jpg
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df99f7229bbfb0bdf5ed771fca5acc2fcbe96e41429bc2b2451f238c42d3f948

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:11:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
227464
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1977
Last-Modified
Tue, 06 Sep 2022 10:10:18 GMT
Server
cloudflare
ETag
"63171c8a-7b9"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FpiRO9fEThPIn5VDALwwudCw7UYi328XmooUT%2B%2B4XdRSqshVCX%2BGHBgAN2n%2FZyeCT0GVDE63i16iLS5bm%2B0Rw6B4TNLoc%2BzPCkh59trHPg%2FaPhRB%2BN7fF3k%2Bk9xZ5XwuFFeR20PvghxlAbUoAlcYSdq8%2B9lHw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Accept-Ranges
bytes
CF-RAY
74e62277ca976964-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
prof4.jpg | popular.newsweblogs.com/de/low-kri/d_files/ | 2 KB | 3 KB | Image
General
Full URL
http://popular.newsweblogs.com/de/low-kri/d_files/prof4.jpg
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:11:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
285320
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2208
Last-Modified
Tue, 06 Sep 2022 10:10:19 GMT
Server
cloudflare
ETag
"63171c8b-8a0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3d6qnDkaLu4MafN8z%2FGkApfZGLq%2Bzw%2BN%2FpOxBCSOEPE3bJt2rb8kPvjm3vNz%2BGDDuRg06cD3Fsr4ko6jTs7X5YNs4ceWk%2FfM7s6jwa3MdbqejKkJJqOhFtIMe%2BPwoXeJ9HmN9x%2ByJrbvF0pYCDHYDz8EZ0xig%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Accept-Ranges
bytes
CF-RAY
74e62277db18bb8b-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
prof5.jpg | popular.newsweblogs.com/de/low-kri/d_files/ | 2 KB | 2 KB | Image
General
Full URL
http://popular.newsweblogs.com/de/low-kri/d_files/prof5.jpg
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:11:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
177830
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1597
Last-Modified
Tue, 06 Sep 2022 10:10:21 GMT
Server
cloudflare
ETag
"63171c8d-63d"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IF%2F%2BiESwkJqxWSSpha%2Bo7Mjx6aVe0a4kPHEVFaDu7DkJxq0KzDjPHNcuaLpNZj%2BEldpfkeJ2ODsqf3EZ%2FuNMNnGNY659My3XnoFiTEJlVroh3mZrwuE7U8TTBc2kpn%2FDr%2Bg7PjIynve2MA2cRLUdD8OJW%2F60Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Accept-Ranges
bytes
CF-RAY
74e62277dad092a1-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
184dc9ab-6565-4fbf-a6a5-27cb70a870e3.jpg | popular.newsweblogs.com/de/low-kri/d_files/ | 62 KB | 62 KB | Image
General
Full URL
http://popular.newsweblogs.com/de/low-kri/d_files/184dc9ab-6565-4fbf-a6a5-27cb70a870e3.jpg
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:9dad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d81524ff46cf40ab5b8dafa8597489819bed792aeffde58837e55b99013464

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/de/low-kri/?zoneid=283852&language=283852:8458&clickID=maeq6J1M-sY&campaignid=pushu-de-low-kri-pop-desk-win
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 22:11:05 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
227463
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
63131
Last-Modified
Tue, 06 Sep 2022 10:10:18 GMT
Server
cloudflare
ETag
"63171c8a-f69b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bc9KarYBR7w54ibwbN%2FTbJZmMf86WGuWm0jM9fet2D307b7XVI2N%2BwUz%2Fy5s8h9agDuZSZmMMk6juGD7zg1b5ictVwOuXj8NNN8GEd2bqPSozouUovLytmE%2BRkadXYBa2f%2FjTbuTi81RtVltIstRbh%2Bvbo38w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Accept-Ranges
bytes
CF-RAY
74e62277dcff6934-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css | netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ | 30 KB | 7 KB | Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: popular.newsweblogs.com
URL: http://popular.newsweblogs.com/de/low-kri/d_files/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://popular.newsweblogs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:11:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
age
20749058
cdn-cachedat
11/15/2021 21:49:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
efedfd4527f4db56516f4fc728d19fc7
cf-ray
74e62276e9bb997b-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
fontawesome-webfont.woff2 | netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/ | 75 KB | 76 KB | Font
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
http://popular.newsweblogs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:11:05 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
752
access-control-allow-origin
*
cdn-proxyver
1.02
cdn-cachedat
08/17/2022 18:20:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
etag
"af7ae505a9eed503f8b8e6982036873e"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3644a33340e80ae0171d2637fb5a52c8
accept-ranges
bytes
cf-ray
74e62277dff8694b-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    onbeforeinput
object    oncontextlost
object    oncontextrestored
function  structuredClone
object    launchQueue
object    onbeforematch
object    navigation
object    dayNames
object    monthNames
object    now

0 Cookies