www.freebtc.mgarticles.com Open in urlscan Pro
172.96.186.208 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.freebtc.mgarticles.com/page2.html
Submission: On September 03 via manual (September 3rd 2018, 1:14:29 am UTC) from JP

Summary HTTP 24 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 18 domains to perform 24 HTTP transactions. The main IP is 172.96.186.208, located in Fergus, Canada and belongs to DATAGRAM - Datagram, Inc., US. The main domain is www.freebtc.mgarticles.com.

This is the only time www.freebtc.mgarticles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.96.186.208 172.96.186.208	26163 (DATAGRAM) (DATAGRAM - Datagram)
2	2400:cb00:204... 2400:cb00:2048:1::6818:67f3	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	85.10.200.158 85.10.200.158	24940 (HETZNER-AS) (HETZNER-AS)
3 6	195.8.215.136 195.8.215.136	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
3 3	18.213.217.51 18.213.217.51	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 2	2400:cb00:204... 2400:cb00:2048:1::6812:3d19	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3 3	205.147.93.132 205.147.93.132	393676 (ZENEDGE) (ZENEDGE - Oracle Corporation)
3	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
3	52.23.189.119 52.23.189.119	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	2400:cb00:204... 2400:cb00:2048:1::6812:3c19	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	173.239.53.16 173.239.53.16	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc.)
1	23.235.244.225 23.235.244.225	20454 (SSASN2) (SSASN2 - SECURED SERVERS LLC)
1	95.211.170.103 95.211.170.103	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	173.239.53.17 173.239.53.17	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc.)
1	2400:cb00:204... 2400:cb00:2048:1::ac40:a007	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	108.59.13.17 108.59.13.17	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC-01 - Leaseweb USA)
2	174.137.133.16 174.137.133.16	27257 (WEBAIR-IN...) (WEBAIR-INTERNET - Webair Internet Development Company Inc.)
1	108.59.10.139 108.59.10.139	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC-01 - Leaseweb USA)
1	173.239.53.21 173.239.53.21	27257 (WEBAIR-IN...) (WEBAIR-INTERNET - Webair Internet Development Company Inc.)
1	172.104.29.90 172.104.29.90	63949 (LINODE-AP...) (LINODE-AP Linode)
24	15

2 172.96.186.208 (Fergus, Canada)

ASN26163 (DATAGRAM - Datagram, Inc., US)
PTR: 172.96.186.208-static.reverse.arandomserver.com

www.freebtc.mgarticles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::6818:67f3 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

widget.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.10.200.158 (Mörfelden-walldorf, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 85-10-200-158.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 195.8.215.136 (France) 3 redirects

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: www.dailymotion.com

www.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.213.217.51 (Cambridge, United States) 3 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-213-217-51.compute-1.amazonaws.com

gleaminist.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::6812:3d19 (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

track.reacheffect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.147.93.132 (North Miami Beach, United States) 3 redirects

ASN393676 (ZENEDGE - Oracle Corporation, US)

becanium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.16.175.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: hwcdn.net

cdn.signyoga.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.23.189.119 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-23-189-119.compute-1.amazonaws.com

witalfieldt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6812:3c19 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

track.reacheffect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.239.53.16 (Garden City, United States) 1 redirects

ASN36057 (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc., US)

xml.admeridian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.mediaconvers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.235.244.225 (Tempe, United States)

ASN20454 (SSASN2 - SECURED SERVERS LLC, US)

prpops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.170.103 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

xml.ppc.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.239.53.17 (Garden City, United States) 1 redirects

ASN36057 (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc., US)

xml.adxfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::ac40:a007 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

mediacpm.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.59.13.17 (United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US)

q.adxfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.16 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)

xml.infinity-info.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.topdealad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.59.10.139 (United States)

ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US)

xmlapp.infinity-info.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.21 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)

xml.mobipromote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.29.90 (Absecon, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1848-90.members.linode.com

www.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	dailymotion.com 3 redirects www.dailymotion.com	2 KB
3	adxfactory.com 2 redirects xml.adxfactory.com q.adxfactory.com	279 B
3	witalfieldt.com witalfieldt.com
3	signyoga.com cdn.signyoga.com
3	becanium.com 3 redirects becanium.com	1 KB
3	reacheffect.com 3 redirects track.reacheffect.com	2 KB
3	gleaminist.info 3 redirects gleaminist.info	1 KB
3	supercounters.com widget.supercounters.com www.supercounters.com	73 KB
2	infinity-info.com xml.infinity-info.com xmlapp.infinity-info.com
2	mgarticles.com www.freebtc.mgarticles.com	68 KB
1	mobipromote.com xml.mobipromote.com
1	topdealad.com xml.topdealad.com
1	mediacpm.pl mediacpm.pl
1	ppc.buzz xml.ppc.buzz
1	prpops.com prpops.com
1	mediaconvers.com 1 redirects xml.mediaconvers.com	108 B
1	admeridian.com xml.admeridian.com
1	a-ads.com ad.a-ads.com
24	18

	Domain	Requested by
6	www.dailymotion.com	3 redirects www.freebtc.mgarticles.com
3	witalfieldt.com	www.freebtc.mgarticles.com
3	cdn.signyoga.com	www.freebtc.mgarticles.com
3	becanium.com	3 redirects
3	track.reacheffect.com	3 redirects
3	gleaminist.info	3 redirects
2	xml.adxfactory.com	1 redirects www.freebtc.mgarticles.com
2	widget.supercounters.com	www.freebtc.mgarticles.com
2	www.freebtc.mgarticles.com	www.freebtc.mgarticles.com
1	www.supercounters.com	widget.supercounters.com
1	xml.mobipromote.com	www.freebtc.mgarticles.com
1	xmlapp.infinity-info.com	www.freebtc.mgarticles.com
1	xml.topdealad.com	www.freebtc.mgarticles.com
1	xml.infinity-info.com	www.freebtc.mgarticles.com
1	q.adxfactory.com	1 redirects
1	mediacpm.pl	www.freebtc.mgarticles.com
1	xml.ppc.buzz	www.freebtc.mgarticles.com
1	prpops.com	www.freebtc.mgarticles.com
1	xml.mediaconvers.com	1 redirects
1	xml.admeridian.com	www.freebtc.mgarticles.com
1	ad.a-ads.com	www.freebtc.mgarticles.com
24	21

This site contains links to these domains. Also see Links.

Domain
lmgtfy.com
image.prntscr.com
bitcoin.org
coinpot.co
bit.ly
coinut.com

Subject Issuer	Validity	Valid
*.dailymotion.com DigiCert SHA2 High Assurance Server CA	`2018-02-19` - `2018-10-06`	8 months	crt.sh
witalfieldt.com Amazon	`2018-07-30` - `2019-08-30`	a year	crt.sh

This page contains 20 frames:

Primary Page: http://www.freebtc.mgarticles.com/page2.html
Frame ID: 04E50DB26D9B14E426ED663E2BD5B33B
Requests: 5 HTTP requests in this frame

Frame: http://ad.a-ads.com/976927?size=300x250
Frame ID: 1DC2075EB3FCF26CBCEF6CACC67E1DA2
Requests: 1 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed/video/x6iirtk&autoplay=1&mute=1
Frame ID: 760CC3D9CCF2E206BC8D008AA6AE5F27
Requests: 1 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed/video/x6jmm1z&autoplay=1&mute=1
Frame ID: A2602451CF3158A37FD21E65BA22FB69
Requests: 1 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed/video/x6n6rxu&autoplay=1&mute=1
Frame ID: 34B68B324455DF5684C18A92E4202548
Requests: 1 HTTP requests in this frame

Frame: http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98
Frame ID: D6AD34C02D45AB7C93651BA0B238ACEF
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=715431&ref=freebtc.mgarticles.com
Frame ID: 4666BF02DB52BF50CABA15D89B56CF56
Requests: 1 HTTP requests in this frame

Frame: http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98
Frame ID: D7EF6AF4D0DFF3209891BDBD46A87B42
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=715431&ref=freebtc.mgarticles.com
Frame ID: 624111F586ABEBDBEAB9CD8C391F5120
Requests: 1 HTTP requests in this frame

Frame: http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98
Frame ID: BB04894C09C67C55AB8A905F6B472608
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=715431&ref=freebtc.mgarticles.com
Frame ID: B3D29F2D2EEFF57BD61E42CAF3DDB779
Requests: 1 HTTP requests in this frame

Frame: http://xml.admeridian.com/redirect?feed=135077&auth=0uWQdO&query=%7Bquery%7D
Frame ID: 60E03C648E0D2C01831FC9849C748A5C
Requests: 1 HTTP requests in this frame

Frame: http://prpops.com/p/p8co/direct
Frame ID: B94182790B5B92C6071DF76720472455
Requests: 1 HTTP requests in this frame

Frame: http://xml.ppc.buzz/search?id=1443&token=fc575c042ccdfcbd99543f30a6bb3f0d&sid=POP&keywords=random&format=pop
Frame ID: 5FFDD7A8CC4B537FA673C238FAED1339
Requests: 1 HTTP requests in this frame

Frame: http://mediacpm.pl/v.php?user=10182
Frame ID: 08417F0DCA8CCF0DEDB185DC3D6284C1
Requests: 1 HTTP requests in this frame

Frame: http://xml.adxfactory.com/redirect?feed=132619&auth=bqWbdL&query={query}
Frame ID: E4EDD2ED25CFADE99A6D9B6BED0E8E30
Requests: 1 HTTP requests in this frame

Frame: http://xml.infinity-info.com/redirect?feed=137001&auth=a50ZMO&query={query}
Frame ID: B2B3B0E8C497281DB91482AADD575FD0
Requests: 1 HTTP requests in this frame

Frame: http://xml.topdealad.com/redirect?feed=137145&auth=w092PI
Frame ID: CF3184C5BED3F1248E40BD1B1DEA88B9
Requests: 1 HTTP requests in this frame

Frame: http://xmlapp.infinity-info.com/r?fid=27HEOpU9o9&subid=12345&kw=aloha
Frame ID: 8896C05A3472BECE5D21C48A1A29CD6E
Requests: 1 HTTP requests in this frame

Frame: http://xml.mobipromote.com/redirect?feed=138004&auth=unk0ts
Frame ID: 3AC761C39C1632C9E295EF55D689EF8E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

24
Requests

25 %
HTTPS

20 %
IPv6

18
Domains

21
Subdomains

15
IPs

5
Countries

141 kB
Transfer

154 kB
Size

5
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://lmgtfy.com/?q=bitcoin+price
Title: Click Here

Search URL Search Domain Scan URL

URL: https://image.prntscr.com/image/uAos7LgcR7mQmmHVbeMiGQ.png
Title: https://image.prntscr.com/image/uAos7LgcR7mQmmHVbeMiGQ.png

Search URL Search Domain Scan URL

URL: https://bitcoin.org/bitcoin.pdf
Title: Click Here

Search URL Search Domain Scan URL

URL: https://coinpot.co/
Title: https://coinpot.co

Search URL Search Domain Scan URL

URL: http://bit.ly/2nC12nE
Title: http://bit.ly/2nC12nE

Search URL Search Domain Scan URL

URL: http://bit.ly/2se5bnt
Title: http://bit.ly/2se5bnt

Search URL Search Domain Scan URL

URL: http://bit.ly/2nPwdw5
Title: http://bit.ly/2nPwdw5

Search URL Search Domain Scan URL

URL: http://bit.ly/2IPYzyV
Title: http://bit.ly/2IPYzyV

Search URL Search Domain Scan URL

URL: http://bit.ly/2GHeNKx
Title: http://bit.ly/2GHeNKx

Search URL Search Domain Scan URL

URL: http://bit.ly/2FFY9JY
Title: http://bit.ly/2FFY9JY

Search URL Search Domain Scan URL

URL: http://bit.ly/2ECcc3Y
Title: http://bit.ly/2ECcc3Y

Search URL Search Domain Scan URL

URL: https://coinut.com/?r=GkTLL
Title: HERE

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://www.dailymotion.com/embed/video/x6iirtk&autoplay=1&mute=1 HTTP 301
https://www.dailymotion.com/embed/video/x6iirtk&autoplay=1&mute=1

Request Chain 4

http://www.dailymotion.com/embed/video/x6jmm1z&autoplay=1&mute=1 HTTP 301
https://www.dailymotion.com/embed/video/x6jmm1z&autoplay=1&mute=1

Request Chain 5

http://www.dailymotion.com/embed/video/x6n6rxu&autoplay=1&mute=1 HTTP 301
https://www.dailymotion.com/embed/video/x6n6rxu&autoplay=1&mute=1

Request Chain 6

https://gleaminist.info/redirect?tid=720063&ref=freebtc.mgarticles.com HTTP 302
http://track.reacheffect.com/click/1/c3c351f4-0c23-4464-afce-ca30ac8d3879 HTTP 302
http://becanium.com/portent/netbios/acl/1-17514-6689d435681699c17fff3297db0c60c1?tvu=MS_WW HTTP 302
http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98

Request Chain 8

https://gleaminist.info/redirect?tid=720063&ref=freebtc.mgarticles.com HTTP 302
http://track.reacheffect.com/click/1/c3c351f4-0c23-4464-afce-ca30ac8d3879 HTTP 302
http://becanium.com/portent/netbios/acl/1-17514-6689d435681699c17fff3297db0c60c1?tvu=MS_WW HTTP 302
http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98

Request Chain 10

https://gleaminist.info/redirect?tid=720063&ref=freebtc.mgarticles.com HTTP 302
http://track.reacheffect.com/click/1/c3c351f4-0c23-4464-afce-ca30ac8d3879 HTTP 302
http://becanium.com/portent/netbios/acl/1-17514-6689d435681699c17fff3297db0c60c1?tvu=MS_WW HTTP 302
http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98

Request Chain 13

http://xml.mediaconvers.com/redirect?feed=135519&auth=gUTlfC HTTP 302
http://prpops.com/p/p8co/direct

Request Chain 15

http://xml.adxfactory.com/redirect?feed=135520&auth=myyqWb&query={query} HTTP 302
http://mediacpm.pl/v.php?user=10182

Request Chain 16

http://q.adxfactory.com/r?fid=awCNrDUxb8&subid=12345&kw=aloha HTTP 302
http://xml.adxfactory.com/redirect?feed=132619&auth=bqWbdL&query={query}

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request page2.html Show response
www.freebtc.mgarticles.com/ 11 KB
3 KB 173ms
86ms Document
text/html 172.96.186.208
Datagram

General

Check archive.org

Show headers Download Go to

Full URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 172.96.186.208 Fergus, Canada, ASN26163 (DATAGRAM - Datagram, Inc., US),
Reverse DNS: 172.96.186.208-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 220dadad37520e55292e7f543a88820e56ce2977050b581b00b49fc27470369c

Request headers

Host: www.freebtc.mgarticles.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B

Response headers

Last-Modified: Thu, 30 Aug 2018 12:24:54 GMT
Content-Type: text/html
Content-Length: 2989
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Mon, 03 Sep 2018 01:14:15 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: close

GET
H/1.1 200
OK btc.png
www.freebtc.mgarticles.com/ 65 KB
65 KB 172ms
85ms Image
image/png 172.96.186.208
Datagram

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.freebtc.mgarticles.com/btc.png
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 172.96.186.208 Fergus, Canada, ASN26163 (DATAGRAM - Datagram, Inc., US),
Reverse DNS: 172.96.186.208-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 1bd655fcd6842e460e37230e49fb6a93cb41f76522f28448e8f1dc61f950c908

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.freebtc.mgarticles.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.freebtc.mgarticles.com/page2.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 03 Sep 2018 01:14:16 GMT
Last-Modified: Wed, 14 Feb 2018 09:07:00 GMT
Server: LiteSpeed
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 66101
Expires: Mon, 10 Sep 2018 01:14:16 GMT

GET
H/1.1 200
OK vt.js Show response
widget.supercounters.com/ssl/ 10 KB
4 KB 69ms
9ms Script
application/javascript 2400:cb00:2048:1::6818:67f3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.supercounters.com/ssl/vt.js
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6818:67f3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c04d0b4f8fcbcea9a691d4a2ad3ebdd9f3ff1a477cc46ccb706cc87945bea66

Request headers

Referer: http://www.freebtc.mgarticles.com/page2.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 03 Sep 2018 01:14:15 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 12 Jul 2017 08:42:14 GMT
Server: cloudflare
ETag: W/"5965e0e6-2774"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 45445bc9c5302714-FRA
Expires: Mon, 03 Sep 2018 05:14:15 GMT

GET
H/1.1 200
OK 976927
ad.a-ads.com/ Frame 1DC2 0
0 51ms
14ms Document
text/html 85.10.200.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/976927?size=300x250

Requested by

Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html

Protocol

HTTP/1.1

Server

85.10.200.158 Mörfelden-walldorf, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

85-10-200-158.clients.your-server.de

Software

nginx/1.10.3 / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Server: nginx/1.10.3
Date: Mon, 03 Sep 2018 01:14:15 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
H/1.1

200
OK

Cookie set x6iirtk&autoplay=1&mute=1
www.dailymotion.com/embed/video/ Frame 760C
Redirect Chain

http://www.dailymotion.com/embed/video/x6iirtk&autoplay=1&mute=1
https://www.dailymotion.com/embed/video/x6iirtk&autoplay=1&mute=1

0
0

245ms
193ms

Document
text/html

195.8.215.136
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymotion.com/embed/video/x6iirtk&autoplay=1&mute=1

Requested by

Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

195.8.215.136 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

www.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Host: www.dailymotion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server: DMS/1.0.42
X-DM-BackNode: web-634.adm.dc3.dailymotion.com:80
Vary: X-DM-SSL,Accept-Encoding
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Access-Control-Expose-Headers: X-DM-BackNode-Response-Time
Strict-Transport-Security: max-age=3600; includeSubDomains
Date: Mon, 03 Sep 2018 01:14:16 GMT
Keep-Alive: timeout=60, max=5000
X-DM-LB-IP: 195.8.215.136
X-DM-LB-Name: lb-07
X-DM-BackNode-Response-Time: 177
Connection: Keep-Alive
Set-Cookie: ts=534898; expires=Thu, 03-Oct-2019 01:14:16 GMT; Max-Age=34128000; path=/; domain=.dailymotion.com clsu=1; expires=Thu, 03-Oct-2019 01:14:16 GMT; Max-Age=34128000; path=/ dmvk=5b8c8ae82d9d8; path=/; domain=.dailymotion.com ts=784753; expires=Tue, 03 Sep 2019 01:14:16 GMT; Max-Age=31536000; path=/; domain=.dailymotion.com v1st=42E54CB1BA43E173A8A21FEAB572C661; expires=Tue, 03 Sep 2019 01:14:16 GMT; max-age=31536000; path=/; domain=.dailymotion.com
X-Protected-By: Sqreen
X-Dm-Page: de.embed.embed_player
Content-Length: 19478

Redirect headers

Server: DMS/1.0.42
X-DM-BackNode: web-290.adm.dc3.dailymotion.com:80
Vary: X-DM-SSL
Content-Type: text/html; charset=UTF-8
Access-Control-Expose-Headers: X-DM-BackNode-Response-Time
Date: Mon, 03 Sep 2018 01:14:15 GMT
Location: https://www.dailymotion.com/embed/video/x6iirtk&autoplay=1&mute=1
Keep-Alive: timeout=60, max=4998
X-DM-LB-IP: 195.8.215.136
X-DM-LB-Name: lb-07
X-DM-BackNode-Response-Time: 94
Connection: Keep-Alive
Set-Cookie: ts=532895; expires=Tue, 03 Sep 2019 01:14:15 GMT; Max-Age=31536000; path=/; domain=.dailymotion.com v1st=6499B1407189BDD7A1BE984B875479FE; expires=Tue, 03 Sep 2019 01:14:16 GMT; max-age=31536000; path=/; domain=.dailymotion.com
X-Protected-By: Sqreen
Content-Length: 0

GET
H/1.1

200
OK

Cookie set x6jmm1z&autoplay=1&mute=1
www.dailymotion.com/embed/video/ Frame A260
Redirect Chain

http://www.dailymotion.com/embed/video/x6jmm1z&autoplay=1&mute=1
https://www.dailymotion.com/embed/video/x6jmm1z&autoplay=1&mute=1

0
0

173ms
116ms

Document
text/html

195.8.215.136
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymotion.com/embed/video/x6jmm1z&autoplay=1&mute=1

Requested by

Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

195.8.215.136 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

www.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Host: www.dailymotion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server: DMS/1.0.42
X-DM-BackNode: web-350.adm.dc3.dailymotion.com:80
Vary: X-DM-SSL,Accept-Encoding
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Access-Control-Expose-Headers: X-DM-BackNode-Response-Time
Strict-Transport-Security: max-age=3600; includeSubDomains
Date: Mon, 03 Sep 2018 01:14:16 GMT
Keep-Alive: timeout=60, max=4999
X-DM-LB-IP: 195.8.215.136
X-DM-LB-Name: lb-09
X-DM-BackNode-Response-Time: 100
Connection: Keep-Alive
Set-Cookie: ts=608881; expires=Thu, 03-Oct-2019 01:14:16 GMT; Max-Age=34128000; path=/; domain=.dailymotion.com clsu=1; expires=Thu, 03-Oct-2019 01:14:16 GMT; Max-Age=34128000; path=/ dmvk=5b8c8ae81e8c1; path=/; domain=.dailymotion.com ts=878235; expires=Tue, 03 Sep 2019 01:14:16 GMT; Max-Age=31536000; path=/; domain=.dailymotion.com v1st=17D36FD7C180E648ADED6E6D5F5CDEC9; expires=Tue, 03 Sep 2019 01:14:16 GMT; max-age=31536000; path=/; domain=.dailymotion.com
X-Protected-By: Sqreen
X-Dm-Page: de.embed.embed_player
Content-Length: 19417

Redirect headers

Server: DMS/1.0.42
X-DM-BackNode: web-416.adm.dc3.dailymotion.com:80
Vary: X-DM-SSL
Content-Type: text/html; charset=UTF-8
Access-Control-Expose-Headers: X-DM-BackNode-Response-Time
Date: Mon, 03 Sep 2018 01:14:15 GMT
Location: https://www.dailymotion.com/embed/video/x6jmm1z&autoplay=1&mute=1
Keep-Alive: timeout=60, max=5000
X-DM-LB-IP: 195.8.215.136
X-DM-LB-Name: lb-10
X-DM-BackNode-Response-Time: 89
Connection: Keep-Alive
Set-Cookie: ts=584670; expires=Tue, 03 Sep 2019 01:14:15 GMT; Max-Age=31536000; path=/; domain=.dailymotion.com v1st=768F6267628CF5BDAB73C0C2E64623F9; expires=Tue, 03 Sep 2019 01:14:15 GMT; max-age=31536000; path=/; domain=.dailymotion.com
X-Protected-By: Sqreen
Content-Length: 0

GET
H/1.1

200
OK

Cookie set x6n6rxu&autoplay=1&mute=1
www.dailymotion.com/embed/video/ Frame 34B6
Redirect Chain

http://www.dailymotion.com/embed/video/x6n6rxu&autoplay=1&mute=1
https://www.dailymotion.com/embed/video/x6n6rxu&autoplay=1&mute=1

0
0

230ms
174ms

Document
text/html

195.8.215.136
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymotion.com/embed/video/x6n6rxu&autoplay=1&mute=1

Requested by

Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

195.8.215.136 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

www.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Host: www.dailymotion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server: DMS/1.0.42
X-DM-BackNode: web-613.adm.dc3.dailymotion.com:80
Vary: X-DM-SSL,Accept-Encoding
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Access-Control-Expose-Headers: X-DM-BackNode-Response-Time
Strict-Transport-Security: max-age=3600; includeSubDomains
Date: Mon, 03 Sep 2018 01:14:16 GMT
Keep-Alive: timeout=60, max=4992
X-DM-LB-IP: 195.8.215.136
X-DM-LB-Name: lb-08
X-DM-BackNode-Response-Time: 157
Connection: Keep-Alive
Set-Cookie: ts=317698; expires=Thu, 03-Oct-2019 01:14:16 GMT; Max-Age=34128000; path=/; domain=.dailymotion.com clsu=1; expires=Thu, 03-Oct-2019 01:14:16 GMT; Max-Age=34128000; path=/ dmvk=5b8c8ae82b224; path=/; domain=.dailymotion.com ts=154789; expires=Tue, 03 Sep 2019 01:14:16 GMT; Max-Age=31536000; path=/; domain=.dailymotion.com v1st=A6A408AE6FDF5B705E887EF87B39F624; expires=Tue, 03 Sep 2019 01:14:16 GMT; max-age=31536000; path=/; domain=.dailymotion.com
X-Protected-By: Sqreen
X-Dm-Page: de.embed.embed_player
Content-Length: 19590

Redirect headers

Server: DMS/1.0.42
X-DM-BackNode: web-538.adm.dc3.dailymotion.com:80
Vary: X-DM-SSL
Content-Type: text/html; charset=UTF-8
Access-Control-Expose-Headers: X-DM-BackNode-Response-Time
Date: Mon, 03 Sep 2018 01:14:15 GMT
Location: https://www.dailymotion.com/embed/video/x6n6rxu&autoplay=1&mute=1
Keep-Alive: timeout=60, max=4990
X-DM-LB-IP: 195.8.215.136
X-DM-LB-Name: lb-08
X-DM-BackNode-Response-Time: 88
Connection: Keep-Alive
Set-Cookie: ts=644647; expires=Tue, 03 Sep 2019 01:14:15 GMT; Max-Age=31536000; path=/; domain=.dailymotion.com v1st=205C2B03D53C6A3038B7DEE6DCE4AD15; expires=Tue, 03 Sep 2019 01:14:15 GMT; max-age=31536000; path=/; domain=.dailymotion.com
X-Protected-By: Sqreen
Content-Length: 0

GET
H/1.1

200
OK

/
cdn.signyoga.com/ Frame D6AD
Redirect Chain

https://gleaminist.info/redirect?tid=720063&ref=freebtc.mgarticles.com
http://track.reacheffect.com/click/1/c3c351f4-0c23-4464-afce-ca30ac8d3879
http://becanium.com/portent/netbios/acl/1-17514-6689d435681699c17fff3297db0c60c1?tvu=MS_WW
http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98

0
0

36ms
7ms

Document
text/html

69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash

Request headers

Host: cdn.signyoga.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Date: Mon, 03 Sep 2018 01:14:16 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Cache-Control: no-cache
Content-Encoding: gzip
Content-Length: 4434
Content-Type: text/html
X-HW: 1535937256.dop001.fr8.t,1535937256.cds046.fr8.c

Redirect headers

Date: Mon, 03 Sep 2018 01:14:16 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98
Set-Cookie: SERVERID=sfc4; path=/
X-Zen-Fury: 3d985e749287b5853c544be451a7cbde2dc20bec
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H2 204 redirect
witalfieldt.com/ Frame 4666 0
0 384ms
110ms Document
text/plain 52.23.189.119
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://witalfieldt.com/redirect?tid=715431&ref=freebtc.mgarticles.com
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.189.119 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-23-189-119.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: witalfieldt.com
:scheme: https
:path: /redirect?tid=715431&ref=freebtc.mgarticles.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.freebtc.mgarticles.com/page2.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

status: 204
date: Mon, 03 Sep 2018 01:14:16 GMT
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=869a7977-1d52-429d-838a-fff6594646f5 fv=rjkHqjUHqHs8qSEFqjr8pjr6rTk7vdw=; Expires=Tue, 03 Sep 2019 01:14:16 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1

GET
H/1.1

200
OK

/
cdn.signyoga.com/ Frame D7EF
Redirect Chain

https://gleaminist.info/redirect?tid=720063&ref=freebtc.mgarticles.com
http://track.reacheffect.com/click/1/c3c351f4-0c23-4464-afce-ca30ac8d3879
http://becanium.com/portent/netbios/acl/1-17514-6689d435681699c17fff3297db0c60c1?tvu=MS_WW
http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98

0
0

6ms
6ms

Document
text/html

69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash

Request headers

Host: cdn.signyoga.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Date: Mon, 03 Sep 2018 01:14:16 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Cache-Control: no-cache
Content-Encoding: gzip
Content-Length: 4434
Content-Type: text/html
X-HW: 1535937256.dop001.fr8.t,1535937256.cds046.fr8.c

Redirect headers

Date: Mon, 03 Sep 2018 01:14:16 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98
X-Zen-Fury: 3d985e749287b5853c544be451a7cbde2dc20bec
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H2 204 redirect
witalfieldt.com/ Frame 6241 0
0 446ms
218ms Document
text/plain 52.23.189.119
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://witalfieldt.com/redirect?tid=715431&ref=freebtc.mgarticles.com
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.189.119 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-23-189-119.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: witalfieldt.com
:scheme: https
:path: /redirect?tid=715431&ref=freebtc.mgarticles.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.freebtc.mgarticles.com/page2.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

status: 204
date: Mon, 03 Sep 2018 01:14:16 GMT
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=05d79eb4-c247-48f8-8a41-cf63f952d4d8 fv=rjkHqjUHqHs8qSEFqjr8pjr6rTk7vdw=; Expires=Tue, 03 Sep 2019 01:14:16 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1

GET
H/1.1

200
OK

/
cdn.signyoga.com/ Frame BB04
Redirect Chain

https://gleaminist.info/redirect?tid=720063&ref=freebtc.mgarticles.com
http://track.reacheffect.com/click/1/c3c351f4-0c23-4464-afce-ca30ac8d3879
http://becanium.com/portent/netbios/acl/1-17514-6689d435681699c17fff3297db0c60c1?tvu=MS_WW
http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98

0
0

8ms
6ms

Document
text/html

69.16.175.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash

Request headers

Host: cdn.signyoga.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Date: Mon, 03 Sep 2018 01:14:16 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Cache-Control: no-cache
Content-Encoding: gzip
Content-Length: 4434
Content-Type: text/html
X-HW: 1535937256.dop001.fr8.t,1535937256.cds046.fr8.c

Redirect headers

Date: Mon, 03 Sep 2018 01:14:16 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://cdn.signyoga.com/?cid=90454936-0db9-4164-ada3-5262c7cdfa98
X-Zen-Fury: 3d985e749287b5853c544be451a7cbde2dc20bec
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H2 204 redirect
witalfieldt.com/ Frame B3D2 0
0 494ms
270ms Document
text/plain 52.23.189.119
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://witalfieldt.com/redirect?tid=715431&ref=freebtc.mgarticles.com
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.189.119 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-23-189-119.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: witalfieldt.com
:scheme: https
:path: /redirect?tid=715431&ref=freebtc.mgarticles.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.freebtc.mgarticles.com/page2.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

status: 204
date: Mon, 03 Sep 2018 01:14:16 GMT
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=cb2e1d1c-31af-4f36-98c9-e66822fe6068 fv=rjkHqjUHqHs8qSEFqjr8pjr6rTk7vdw=; Expires=Tue, 03 Sep 2019 01:14:16 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1

GET
H/1.1 200
OK redirect
xml.admeridian.com/ Frame 60E0 0
0 191ms
87ms Document
text/plain 173.239.53.16
Webair Internet D...

General

Check archive.org

Show headers Download Go to

Full URL: http://xml.admeridian.com/redirect?feed=135077&auth=0uWQdO&query=%7Bquery%7D
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 173.239.53.16 Garden City, United States, ASN36057 (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: xml.admeridian.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Cache-Control: no-store
Pragma: no-cache
Age: 0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Cookie set direct
prpops.com/p/p8co/ Frame B941
Redirect Chain

http://xml.mediaconvers.com/redirect?feed=135519&auth=gUTlfC
http://prpops.com/p/p8co/direct

0
0

318ms
162ms

Document
text/html

23.235.244.225
SECURED SERVERS LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://prpops.com/p/p8co/direct
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 23.235.244.225 Tempe, United States, ASN20454 (SSASN2 - SECURED SERVERS LLC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: prpops.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Server: nginx
Date: Mon, 03 Sep 2018 01:14:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: woa1quur7O=ebe708a21697f51438f24ed1f77367b0aa551b0d70fb8beae228812b0938585338562239f7d0ffc2c4bbf26db2a06ad408d1c38d0912f3096e6f9c9ad23bc3c3; expires=Sat, 02-Mar-2019 01:14:16 GMT; Max-Age=15552000 biscuit_suus99w8=a915ecc0951e048e2c15623fbfe662a6a9122c8f02c3f0f6e8e85a2be5008fd1; expires=Mon, 03-Sep-2018 01:15:16 GMT; Max-Age=60
Cache-Control: no-cache, must-revalidate, no-transform
Expires: Tue, 31 Dec 2013 23:59:59 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip

Redirect headers

Location: http://prpops.com/p/p8co/direct
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK search
xml.ppc.buzz/ Frame 5FFD 0
0 31ms
15ms Document
text/plain 95.211.170.103
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://xml.ppc.buzz/search?id=1443&token=fc575c042ccdfcbd99543f30a6bb3f0d&sid=POP&keywords=random&format=pop
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 95.211.170.103 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: xml.ppc.buzz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Server: nginx
Date: Mon, 03 Sep 2018 01:14:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

Cookie set v.php
mediacpm.pl/ Frame 0841
Redirect Chain

http://xml.adxfactory.com/redirect?feed=135520&auth=myyqWb&query={query}
http://mediacpm.pl/v.php?user=10182

0
0

131ms
124ms

Document
text/html

2400:cb00:2048:1::ac40:a007
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://mediacpm.pl/v.php?user=10182
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::ac40:a007 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.36
Resource Hash

Request headers

Host: mediacpm.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Date: Mon, 03 Sep 2018 01:14:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d9f41729e4e1949874ff57be2143d23dd1535937256; expires=Tue, 03-Sep-19 01:14:16 GMT; path=/; domain=.mediacpm.pl; HttpOnly
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.36
Server: cloudflare
CF-RAY: 45445bcb5253272c-FRA
Content-Encoding: gzip

Redirect headers

Location: http://mediacpm.pl/v.php?user=10182
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

redirect
xml.adxfactory.com/ Frame E4ED
Redirect Chain

http://q.adxfactory.com/r?fid=awCNrDUxb8&subid=12345&kw=aloha
http://xml.adxfactory.com/redirect?feed=132619&auth=bqWbdL&query={query}

0
0

85ms
85ms

Document
text/plain

173.239.53.17
Webair Internet D...

General

Check archive.org

Show headers Download Go to

Full URL: http://xml.adxfactory.com/redirect?feed=132619&auth=bqWbdL&query={query}
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 173.239.53.17 Garden City, United States, ASN36057 (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: xml.adxfactory.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Cache-Control: no-store
Pragma: no-cache
Age: 0
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Mon, 03 Sep 2018 01:14:16 GMT
Connection: close
location: http://xml.adxfactory.com/redirect?feed=132619&auth=bqWbdL&query={query}

GET
H/1.1 200
OK redirect
xml.infinity-info.com/ Frame B2B3 0
0 192ms
89ms Document
text/plain 174.137.133.16
Webair Internet D...

General

Check archive.org

Show headers Download Go to

Full URL: http://xml.infinity-info.com/redirect?feed=137001&auth=a50ZMO&query={query}
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 174.137.133.16 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: xml.infinity-info.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Cache-Control: no-store
Pragma: no-cache
Age: 0
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK redirect
xml.topdealad.com/ Frame CF31 0
0 209ms
107ms Document
text/plain 174.137.133.16
Webair Internet D...

General

Check archive.org

Show headers Download Go to

Full URL: http://xml.topdealad.com/redirect?feed=137145&auth=w092PI
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 174.137.133.16 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: xml.topdealad.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Cache-Control: no-store
Pragma: no-cache
Age: 0
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK r
xmlapp.infinity-info.com/ Frame 8896 0
0 946ms
847ms Document
text/html 108.59.10.139
Leaseweb USA

General

Check archive.org

Show headers Download Go to

Full URL: http://xmlapp.infinity-info.com/r?fid=27HEOpU9o9&subid=12345&kw=aloha
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 108.59.10.139 , United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: xmlapp.infinity-info.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Date: Mon, 03 Sep 2018 01:14:16 GMT
Connection: close
transfer-encoding: chunked

GET
H/1.1 200
OK redirect
xml.mobipromote.com/ Frame 3AC7 0
0 186ms
87ms Document
text/plain 173.239.53.21
Webair Internet D...

General

Check archive.org

Show headers Download Go to

Full URL: http://xml.mobipromote.com/redirect?feed=138004&auth=unk0ts
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 173.239.53.21 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: xml.mobipromote.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.freebtc.mgarticles.com/page2.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 04E50DB26D9B14E426ED663E2BD5B33B
Referer: http://www.freebtc.mgarticles.com/page2.html

Response headers

Cache-Control: no-store
Pragma: no-cache
Age: 0
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK fc.php Show response
www.supercounters.com/ 2 KB
579 B 204ms
98ms Script
application/x-javascript 172.104.29.90
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://www.supercounters.com/fc.php?id=1479695&v=1&w=3&nv=10&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&ref=&url=http%3A%2F%2Fwww.freebtc.mgarticles.com%2Fpage2.html&title=Get%20Free%20Bitcoin%2C%20Bitcoin%20Cash%2C%20Dogecoin%2C%20Litecoin%2C%20Dash&sw=1600&sh=1200&rand=38
Requested by: Host: widget.supercounters.com
URL: http://widget.supercounters.com/ssl/vt.js
Protocol: HTTP/1.1
Server: 172.104.29.90 Absecon, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1848-90.members.linode.com
Software: nginx/1.12.2 / PHP/7.2.0
Resource Hash: 39543249fa1a94426317af3f1bc47ab619f6a65eed368926866e606c31f9ba08

Request headers

Referer: http://www.freebtc.mgarticles.com/page2.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 03 Sep 2018 01:14:16 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.0
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H/1.1 200
OK flagsprites.png
widget.supercounters.com/images/ 68 KB
68 KB 9ms
8ms Image
image/png 2400:cb00:2048:1::6818:67f3
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://widget.supercounters.com/images/flagsprites.png
Requested by: Host: www.freebtc.mgarticles.com
URL: http://www.freebtc.mgarticles.com/page2.html
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6818:67f3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5f7b1faf32c396ab4a0a1548547f6c7ff8037d1a7fb7d0ad633a3cbe2c0efe4

Request headers

Referer: http://www.freebtc.mgarticles.com/page2.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 03 Sep 2018 01:14:16 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 11 Apr 2017 07:31:00 GMT
Server: cloudflare
ETag: "58ec8634-10f18"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 45445bcc55682714-FRA
Content-Length: 69400
Expires: Mon, 03 Sep 2018 05:14:16 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dailymotion.com/	1970-01-19 03:24:33	Name: damd Value: GIN4BcxA-2aVCTU8Uw1yb05X2tarAQXBMXGcBYvwOAn0rzo7_j3uGKIDf9vbrYpah5n8rbsaUZyYlMoLSj0qyjkmEGpYds8VIB-gsPRzV8cqqGyslggL3vOXc9GTVbigik9tEZAr6UTnIQRcm49ERrYFwECUCkuBBqAB__4wG3Rcj4mXh9jTtwOFgj24wQSN
.dailymotion.com/	1970-01-19 03:24:33	Name: v1st Value: 146707CE69569CA2F0CF1EFD1589A64B
.dailymotion.com/	1970-01-19 03:24:33	Name: ts Value: 486185
www.dailymotion.com/	1970-01-18 18:39:33	Name: client_token Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhaWQiOiJmMWEzNjJkMjg4YzFiOTgwOTljNyIsInJvbCI6ImNhbi1tYW5hZ2UtdXNlci1hbmFseXRpY3MgY2FuLXJlYWQtbXktdmlkZW8tc3RyZWFtcyBjYW4tZG93bmxvYWQtbXktdmlkZW9zIGFjdC1hcyBhbGxzY29wZXMgYWNjb3VudC1jcmVhdG9yIGNhbi1yZWFkLWFwcGxpY2F0aW9ucyIsInNjbyI6Im1hbmFnZV9zdWJzY3JpcHRpb25zIG1hbmFnZV92aWRlb3MgdXNlcmluZm8iLCJsdG8iOiJhR3dDVlF0Y1ZFUUJRUk1QR1ZwYVR4WmREUUFGIiwiYWluIjoxLCJhZGciOjEsImV4cCI6MTUzNTk3MzI1OSwiZG12IjoiMSIsImF0cCI6ImJyb3dzZXIiLCJhZGEiOiJ3d3cuZGFpbHltb3Rpb24uY29tIiwiY2FkIjoyLCJjeHAiOjIsImNhdSI6Miwia2lkIjoiQUY4NDlERDczQTU4NjNDRDdEOTdEMEJBQjA3MjI0M0IifQ.xy08sCJszQY2QWglJiJm9-VDJVCTuD1CDZiHRygYlQY
www.dailymotion.com/	1970-01-19 04:07:45	Name: clsu Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
becanium.com
cdn.signyoga.com
gleaminist.info
mediacpm.pl
prpops.com
q.adxfactory.com
track.reacheffect.com
widget.supercounters.com
witalfieldt.com
www.dailymotion.com
www.freebtc.mgarticles.com
www.supercounters.com
xml.admeridian.com
xml.adxfactory.com
xml.infinity-info.com
xml.mediaconvers.com
xml.mobipromote.com
xml.ppc.buzz
xml.topdealad.com
xmlapp.infinity-info.com
108.59.10.139
108.59.13.17
172.104.29.90
172.96.186.208
173.239.53.16
173.239.53.17
173.239.53.21
174.137.133.16
18.213.217.51
195.8.215.136
205.147.93.132
23.235.244.225
2400:cb00:2048:1::6812:3c19
2400:cb00:2048:1::6812:3d19
2400:cb00:2048:1::6818:67f3
2400:cb00:2048:1::ac40:a007
52.23.189.119
69.16.175.42
85.10.200.158
95.211.170.103
1bd655fcd6842e460e37230e49fb6a93cb41f76522f28448e8f1dc61f950c908
220dadad37520e55292e7f543a88820e56ce2977050b581b00b49fc27470369c
39543249fa1a94426317af3f1bc47ab619f6a65eed368926866e606c31f9ba08
6c04d0b4f8fcbcea9a691d4a2ad3ebdd9f3ff1a477cc46ccb706cc87945bea66
f5f7b1faf32c396ab4a0a1548547f6c7ff8037d1a7fb7d0ad633a3cbe2c0efe4

www.freebtc.mgarticles.com Open in urlscan Pro 172.96.186.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

24 Requests

25 %HTTPS

20 %IPv6

18 Domains

21 Subdomains

15 IPs

5 Countries

141 kBTransfer

154 kBSize

5 Cookies

12 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

5 Cookies

www.freebtc.mgarticles.com Open in urlscan Pro
172.96.186.208 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

25 %
HTTPS

20 %
IPv6

18
Domains

21
Subdomains

15
IPs

5
Countries

141 kB
Transfer

154 kB
Size

5
Cookies

24 HTTP transactions
0 data transactions