safeheavenbtc.com Open in urlscan Pro
185.61.154.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://31.210.110.184/73phn.yxgn?323lxd=o4a&1ml0b=p&3x=1&8tuzzs=1&lid=4yy&wSkkHS=Km#241999598163551
Effective URL:
https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https:/...
Submission: On July 10 via api (July 10th 2020, 1:35:24 pm UTC) from BE

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 5 countries across 7 domains to perform 53 HTTP transactions. The main IP is 185.61.154.55, located in United Kingdom and belongs to NAMECHEAP-NET, US. The main domain is safeheavenbtc.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 22nd 2020. Valid for: a year.

This is the only time safeheavenbtc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online) Lion's Den Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	31.210.110.184 31.210.110.184	197328 (INETLTD) (INETLTD)
1 1	51.222.35.112 51.222.35.112	16276 (OVH) (OVH)
1 2	51.83.230.47 51.83.230.47	16276 (OVH) (OVH)
1 1	157.52.193.101 157.52.193.101	46573 (LAYER-HOST) (LAYER-HOST)
1 2	179.61.143.118 179.61.143.118	61317 (ASDETUK h...) (ASDETUK http://www.heficed.com)
1 50	185.61.154.55 185.61.154.55	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2606:4700:20:... 2606:4700:20::ac43:4824	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::681f:459e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	6

1 31.210.110.184 (Turkey) 1 redirects

ASN197328 (INETLTD, TR)

31.210.110.184	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.35.112 (France) 1 redirects

ASN16276 (OVH, FR)

gotomaxinfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.230.47 (France) 1 redirects

ASN16276 (OVH, FR)

kollectorates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.52.193.101 (Los Angeles, United States) 1 redirects

ASN46573 (LAYER-HOST, US)

m1o6.newestlinks.company	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 179.61.143.118 (Vienna, Austria) 1 redirects

ASN61317 (ASDETUK http://www.heficed.com, GB)

qtb8nh.y12z25y1w9.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 185.61.154.55 (United Kingdom) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

safeheavenbtc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4824 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.trackbox.guru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681f:459e (United States)

ASN13335 (CLOUDFLARENET, US)

platform.best-traffic.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	safeheavenbtc.com 1 redirects safeheavenbtc.com	2 MB
2	y12z25y1w9.top 1 redirects qtb8nh.y12z25y1w9.top	13 KB
2	kollectorates.com 1 redirects kollectorates.com	1 KB
1	best-traffic.club platform.best-traffic.club	1 KB
1	trackbox.guru cdn.trackbox.guru	62 KB
1	newestlinks.company 1 redirects m1o6.newestlinks.company	518 B
1	gotomaxinfo.com 1 redirects gotomaxinfo.com	330 B
53	7

	Domain	Requested by
50	safeheavenbtc.com	1 redirects qtb8nh.y12z25y1w9.top safeheavenbtc.com
2	qtb8nh.y12z25y1w9.top	1 redirects kollectorates.com
2	kollectorates.com	1 redirects
1	platform.best-traffic.club	safeheavenbtc.com
1	cdn.trackbox.guru	safeheavenbtc.com
1	m1o6.newestlinks.company	1 redirects
1	gotomaxinfo.com	1 redirects
53	7

This site contains no links.

Subject Issuer	Validity	Valid
kollectorates.com Let's Encrypt Authority X3	`2020-06-29` - `2020-09-27`	3 months	crt.sh
y12z25y1w9.top Let's Encrypt Authority X3	`2020-06-09` - `2020-09-07`	3 months	crt.sh
safeheavenbtc.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-22` - `2021-03-22`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-11` - `2020-10-09`	10 months	crt.sh

This page contains 1 frames:

Primary Page: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799
Frame ID: 3019C33D84877B8D22B60BF108E9602F
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://31.210.110.184/73phn.yxgn?323lxd=o4a&1ml0b=p&3x=1&8tuzzs=1&lid=4yy&wSkkHS=Km HTTP 302
http://gotomaxinfo.com/r/a02ec277-65fc-4653-a69f-a35185dfac62//25_31.210.110.184_141_165.231.142.36... HTTP 302
https://kollectorates.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.36... Page URL
https://kollectorates.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.3... HTTP 302
https://m1o6.newestlinks.company/?s1=49434db2-e6e6-40f4-9ac4-f8cb6a6ca0c4&s2=&kw= HTTP 302
https://qtb8nh.y12z25y1w9.top/?sov=450c6aee63d&hid=bnbbdrnjfjdfhn&&cntrl=00000&pid=10044&redid=75393&gsid=... Page URL
https://qtb8nh.y12z25y1w9.top/ROI1255advertorialNL.html?sov=450c6aee63d&cntrl=00000&pid=10044&redid=75393&... HTTP 302
https://safeheavenbtc.com/jort-kelder?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d7979... HTTP 301
https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d797... Page URL

Page Statistics

53
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

7
Subdomains

6
IPs

5
Countries

2573 kB
Transfer

2986 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://31.210.110.184/73phn.yxgn?323lxd=o4a&1ml0b=p&3x=1&8tuzzs=1&lid=4yy&wSkkHS=Km HTTP 302
http://gotomaxinfo.com/r/a02ec277-65fc-4653-a69f-a35185dfac62//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442/ HTTP 302
https://kollectorates.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442//?fctr=1 Page URL
https://kollectorates.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442/49434db2-e6e6-40f4-9ac4-f8cb6a6ca0c4/?fctr=1&fctr=1 HTTP 302
https://m1o6.newestlinks.company/?s1=49434db2-e6e6-40f4-9ac4-f8cb6a6ca0c4&s2=&kw= HTTP 302
https://qtb8nh.y12z25y1w9.top/?sov=450c6aee63d&hid=bnbbdrnjfjdfhn&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.49434db2%7C%7Ce6e6%7C%7C40f4%7C%7C9ac4%7C%7Cf8cb6a6ca0c4-r75393-t488&impid=274324ba-c2b2-11ea-86e7-cae258990218 Page URL
https://qtb8nh.y12z25y1w9.top/ROI1255advertorialNL.html?sov=450c6aee63d&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.49434db2%7C%7Ce6e6%7C%7C40f4%7C%7C9ac4%7C%7Cf8cb6a6ca0c4-r75393-t488&impid=274324ba-c2b2-11ea-86e7-cae258990218&tov=685867 HTTP 302
https://safeheavenbtc.com/jort-kelder?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 HTTP 301
https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://31.210.110.184/73phn.yxgn?323lxd=o4a&1ml0b=p&3x=1&8tuzzs=1&lid=4yy&wSkkHS=Km HTTP 302
http://gotomaxinfo.com/r/a02ec277-65fc-4653-a69f-a35185dfac62//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442/ HTTP 302
https://kollectorates.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442//?fctr=1

Request Chain 1

https://kollectorates.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442/49434db2-e6e6-40f4-9ac4-f8cb6a6ca0c4/?fctr=1&fctr=1 HTTP 302
https://m1o6.newestlinks.company/?s1=49434db2-e6e6-40f4-9ac4-f8cb6a6ca0c4&s2=&kw= HTTP 302
https://qtb8nh.y12z25y1w9.top/?sov=450c6aee63d&hid=bnbbdrnjfjdfhn&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.49434db2%7C%7Ce6e6%7C%7C40f4%7C%7C9ac4%7C%7Cf8cb6a6ca0c4-r75393-t488&impid=274324ba-c2b2-11ea-86e7-cae258990218

53 HTTP transactions
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response kollectorates.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442// Redirect Chain http://31.210.110.184/73phn.yxgn?323lxd=o4a&1ml0b=p&3x=1&8tuzzs=1&lid=4yy&wSkkHS=Km http://gotomaxinfo.com/r/a02ec277-65fc-4653-a69f-a35185dfac62//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442/ https://kollectorates.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442//?fctr=1	748 B 900 B	400ms 101ms	Document text/html	51.83.230.47 OVH
General Check archive.org Show headers Download Go to Full URL https://kollectorates.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442//?fctr=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 51.83.230.47 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash `9697fbf492c5a9931527e1ac07ed013300a96513f14db76fda44ca751085bcf7` Request headers Host kollectorates.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx Date Fri, 10 Jul 2020 13:34:55 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive set-cookie 8e4d8882-511a-4735-b38f-b657767e925e=49434db2-e6e6-40f4-9ac4-f8cb6a6ca0c4; Version=1; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; Domain=kollectorates.com; Path=/ 8e4d8882-511a-4735-b38f-b657767e925e-check=49434db2-e6e6-40f4-9ac4-f8cb6a6ca0c4; Version=1; Expires=Fri, 10-Jul-2020 13:44:55 GMT; Max-Age=600; Domain=kollectorates.com; Path=/ Cache-Control no-cache Expires Fri, 10 Jul 2020 13:34:55 GMT Content-Encoding gzip Redirect headers Server nginx Date Fri, 10 Jul 2020 13:34:55 GMT Content-Length 157 Connection keep-alive Location https://kollectorates.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442//?fctr=1 Cache-Control no-cache Expires Fri, 10 Jul 2020 13:34:55 GMT
GET H/1.1	200 OK	Cookie set / Show response qtb8nh.y12z25y1w9.top/ Redirect Chain https://kollectorates.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442/49434db2-e6e6-40f4-9ac4-f8cb6a6ca0c4/?fctr=1&fctr=1 https://m1o6.newestlinks.company/?s1=49434db2-e6e6-40f4-9ac4-f8cb6a6ca0c4&s2=&kw= https://qtb8nh.y12z25y1w9.top/?sov=450c6aee63d&hid=bnbbdrnjfjdfhn&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.49434db2%7C%7Ce6e6%7C%7C40f4%7C%7C9ac4%7C%7Cf8cb6a6...	2 KB 10 KB	4567ms 256ms	Document text/html	179.61.143.118 ASDETUK http://ww...
General Check archive.org Show headers Download Go to Full URL https://qtb8nh.y12z25y1w9.top/?sov=450c6aee63d&hid=bnbbdrnjfjdfhn&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.49434db2%7C%7Ce6e6%7C%7C40f4%7C%7C9ac4%7C%7Cf8cb6a6ca0c4-r75393-t488&impid=274324ba-c2b2-11ea-86e7-cae258990218 Requested by Host: kollectorates.com URL: https://kollectorates.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442//?fctr=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 179.61.143.118 Vienna, Austria, ASN61317 (ASDETUK http://www.heficed.com, GB), Reverse DNS Software / Resource Hash `496e15f347772f9c2792a38e14c1c5524f17f5389b85fd4785471f3f9a590fad` Request headers Host qtb8nh.y12z25y1w9.top Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://kollectorates.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442//?fctr=1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://kollectorates.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//25_31.210.110.184_141_165.231.142.36/184926145_2733275_6442//?fctr=1#241999598163551 Response headers Date Fri, 10 Jul 2020 13:35:05 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie ci_session=8bu2d7IHyCFE6CZ1rrrwmJuVXuhhiC1Of3F5UVSiOU2wkLbqNEMRTTGyViPNbM4BTwnvu2vKqjw1%2FCvd6L1j61u4cw9a1AKt%2BoCGujEMqtqzJ8GYpANlzktZpiQ2XTET%2BPHm3lQrGEY6FRzZrMCrLck51BAOWjGNRh%2Fy9TZ8V%2BVX6xTxCt%2FNfCeFvPZ6PfrRetwwzaXOWnTHV6pHAIn4NSlkvQWv%2B8iNSlfkhJcZ5Q2yOIHRkuEe4NFBF6tFadGzs8vhg7zrpzHTZ8NPRqi6OsqFaeJYoy%2BIqtoyOqGWIRKRcZsXceqpbK9ttB8ZDYDQ8azO0iGjGMklTMCc4bFBW0gyHWFfzVpZV9%2BPCo%2FxgdqECqmfyExrJqQd9Pn0qhkK2XM9asM%2F1a8EH0bHgrtIo937LyeCcalUqXoMX3ePMCyR18WMjnVd0p%2B0vAU8LKf2JBDVdjxyI2auUom8qSXXtw%3D%3D; expires=Sat, 11-Jul-2020 13:35:05 GMT; Max-Age=86400; path=/; domain=.qtb8nh.y12z25y1w9.top click_id_274324ba-c2b2-11ea-86e7-cae258990218=2a0c1724-c2b2-11ea-9b25-611b27d79799 id=XNSX.49434db2%7C%7Ce6e6%7C%7C40f4%7C%7C9ac4%7C%7Cf8cb6a6ca0c4-r75393-t488; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top SITE_ID=450c6aee63d; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top sov=450c6aee63d; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top tov=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.qtb8nh.y12z25y1w9.top mov=noprelanders.mini; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top redid=75393; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top campaign_id=1228; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top gsid=488; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top pid=10044; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.qtb8nh.y12z25y1w9.top impid=274324ba-c2b2-11ea-86e7-cae258990218; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top URI=sov%3D450c6aee63d%26hid%3Dbnbbdrnjfjdfhn%26%26cntrl%3D00000%26pid%3D10044%26redid%3D75393%26gsid%3D488%26campaign_id%3D1228%26p_id%3D10044%26id%3DXNSX.49434db2%257C%257Ce6e6%257C%257C40f4%257C%257C9ac4%257C%257Cf8cb6a6ca0c4-r75393-t488%26impid%3D274324ba-c2b2-11ea-86e7-cae258990218; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top templateid=4379; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top path=redirect; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top version=685867; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top tags[4379][expand_enable]=-1; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top tags[4379][alert_enable]=0; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top tags[4379][audio_enable]=0; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top tags[4379][pop_enable]=0; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top tags[685867][expand_enable]=-1; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top tags[685867][alert_enable]=0; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top tags[685867][audio_enable]=0; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top tags[685867][pop_enable]=0; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top content=685867; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top token=0024cf1c78984d941b29de4a8cff4a15; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top rpm=57; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top log_450c6aee63d=1; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top token=0024cf1c78984d941b29de4a8cff4a15; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top rpm=57; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top payload=6ecfea4ddf3d278cf4c9129078b754b7818a4df08dc76aa29581d9d014f615d176a5f070ff97a8fa11e158859a2aaaea5615873641bcd569f02800a6fdf663e69e1c899d2f569ea188dc824f9165c404f850b231f0f16748dac93deee5eeaf3ed44a5cad3f3bc1495a26e2699ed50bc8a571a1f44e0c1c5b36c409c0f00bfdb2cbc08bea4b2a5aaf01e46e4df0f681d7580b2d3dd6ddd5cc187a4ec7de4f934fa03657b572a21dad633d7d52fc99e6f340b5e7327a5309a5e06411cfc57c296c4babd9d6af1d79efffee599492dd72179058de98dbae919fb35024dbb39807d587523be06e6ec787b78eeea2f6142310eec2eab5075cf86f81a2f6c3de73f36e9b9cac46c94f4f903bdc388f12acfc211517b54499cb72884a46a34fde7016cd1ba3df24c5993f4559b2a72467231b1f3e5003f1a70f72e8a7acb185197d0c2caa20e5dc13af6e16af871f2aa5fe93fcb945a9fb14216e90995ec39aee14c2839089095c7af7109801504e46c1dfe3e386d0bd4cb4a147e0ba97c1c64d9dde9cb955ff33e78d3461daa1925a594ec6b7705b65afe4638f1bc3614db0ca1f87156002417d12860097b57b3e89089c2340b919dba2cfee17573918f51ef9ad4f2f6fdc31baf2d7883f80f873a5fc2f1894307650ff87ede2d1b06ad91b9f297a48be57a765d9d3655e523b83870d7592814fc0b6f57ccefd88d32901b0247e123c7688d7f41cb9b41ce0c263f035f146bad93f0b8679980a95c9fa2e3fa92cef5c68299ec835995492f7f9d31329d0c2017da122b2cdfc8fadbaf9cd405fc9abc81e64a7ab06cccf0adfee956890b8451da51ccc96df7a42e268ebd8af9b9d766f15494a816d788c829485bb1c4db920516e76a2a59501e15fd5fdfc07bebcd4eb74493aeb7c2b7c96be5d99d4738ad28f5946da58e0e3e333974a03dcdf9036976c16301a715920067274fa3713c5f812938f349c08590c50eca1b2f0c069829627b402a995a5571789c07b1a887ce06dde600d545e5f8d2503d550a2f92976ee44cc74403f985a3ef3316eccc824ca60063885ed2a27dbe0e2a77c21e7eccd19c07aefd098a2deeb3c64d016cd8398af026c6462c8146384a8ef4c312d1efec5a7c320d1aa9fc9ff316b7f96463ebe2b69fa2a5aaf53ab600587a5297e88fbe1cff0058e87067f246946b2b19804f14488f3c1362c3b57543a519f8fd6bea9166cb8abaeea9eb14fb33cd28927d4bf601f87977f1c9102c87e7387f8acac3edda1e88f53aabb53114c69080a669519640910d2294fcf4e0519bd0c7a29bf920f2e5e89299084ec1335f8a64cb13ecaf81baaa7722acd5c58733fa25a201af9eaf27919b3e7f3d08f6945c21316a4e96a46af51355dbe25f09cc4bea1817b65b3b9ae27867159ba1e86d858b6b6340ad51b23efe50212481d12ff0bb1a55454c8a94ee9490393611b89d9c3c47cfe70d4393bbedc22d605c5aa301d4b8b8e0b87883cdaa622d756f32b08d372355d1c327356a3cecdb42aed8f384f2b40b3a76e068cfd11d1b59066d566381a95117a699c20fa575f07bbbffe357f86f3148712427218068e96c3db6b7364f486450f458259c89ee6fa3c5be02c8c7ab6007abca1bec359e945f09dabc910f87759f37f5506ce2cc78adac611f1f1a3f93f4925942413eb0ae2c634cda086715c66b5b26bc28763f5cbeb292fd86efabed3c67119150c055a8fb5ddb317710cce9b36d7c13c76fe424cedcd9f6c3ad412badb9b1092a67b; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top payloadIV=44faaeb87d9d4f5b055741b35cc07d6d; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top init_ev=0; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top id=XNSX.49434db2%7C%7Ce6e6%7C%7C40f4%7C%7C9ac4%7C%7Cf8cb6a6ca0c4-r75393-t488; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top SITE_ID=450c6aee63d; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top sov=450c6aee63d; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top tov=685867; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top mov=noprelanders.mini; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top redid=75393; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top campaign_id=1228; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top gsid=488; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top pid=10044; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.qtb8nh.y12z25y1w9.top impid=274324ba-c2b2-11ea-86e7-cae258990218; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top tags[4379][iframe_enable]=0; expires=Sat, 11-Jul-2020 13:36:45 GMT; Max-Age=86500; path=/; domain=.qtb8nh.y12z25y1w9.top mini-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ X-Source Mini X-Rot 685867 X-Sov 450c6aee63d Expires Mon, 01 Jan 2001 00:00:00 GMT Cache-Control no-cache Pragma no-cache Content-Encoding gzip Redirect headers Date Fri, 10 Jul 2020 13:35:00 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked X-ImpID 274324ba-c2b2-11ea-86e7-cae258990218 Location https://qtb8nh.y12z25y1w9.top/?sov=450c6aee63d&hid=bnbbdrnjfjdfhn&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.49434db2%7C%7Ce6e6%7C%7C40f4%7C%7C9ac4%7C%7Cf8cb6a6ca0c4-r75393-t488&impid=274324ba-c2b2-11ea-86e7-cae258990218 Set-Cookie redir-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
GET H2	200	Primary Request / Show response safeheavenbtc.com/jort-kelder/ Redirect Chain https://qtb8nh.y12z25y1w9.top/ROI1255advertorialNL.html?sov=450c6aee63d&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.49434db2%7C%7Ce6e6%7C%7C40f4%7C%7C9ac4%7C%7Cf8... https://safeheavenbtc.com/jort-kelder?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d7...	102 KB 15 KB	108ms 108ms	Document text/html	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Requested by Host: qtb8nh.y12z25y1w9.top URL: https://qtb8nh.y12z25y1w9.top/?sov=450c6aee63d&hid=bnbbdrnjfjdfhn&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.49434db2%7C%7Ce6e6%7C%7C40f4%7C%7C9ac4%7C%7Cf8cb6a6ca0c4-r75393-t488&impid=274324ba-c2b2-11ea-86e7-cae258990218 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `1fce13b9be8c2fd67007038bae6887e0c8c3bf9c5aabcfe22a0e892ef2725a75` Request headers :method GET :authority safeheavenbtc.com :scheme https :path /jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://qtb8nh.y12z25y1w9.top/?sov=450c6aee63d&hid=bnbbdrnjfjdfhn&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.49434db2%7C%7Ce6e6%7C%7C40f4%7C%7C9ac4%7C%7Cf8cb6a6ca0c4-r75393-t488&impid=274324ba-c2b2-11ea-86e7-cae258990218 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://qtb8nh.y12z25y1w9.top/?sov=450c6aee63d&hid=bnbbdrnjfjdfhn&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.49434db2%7C%7Ce6e6%7C%7C40f4%7C%7C9ac4%7C%7Cf8cb6a6ca0c4-r75393-t488&impid=274324ba-c2b2-11ea-86e7-cae258990218 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT server Apache last-modified Sun, 31 May 2020 09:34:58 GMT accept-ranges bytes vary Accept-Encoding content-encoding gzip content-length 15053 content-type text/html Redirect headers status 301 date Fri, 10 Jul 2020 13:35:06 GMT server Apache location https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 content-length 433 content-type text/html; charset=iso-8859-1
GET H2	200	jquery.min.js Show response safeheavenbtc.com/jort-kelder/	85 KB 30 KB	108ms 107ms	Script application/javascript	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://safeheavenbtc.com/jort-kelder/jquery.min.js Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 13:35:06 GMT content-encoding gzip last-modified Wed, 27 May 2020 09:25:16 GMT server Apache vary Accept-Encoding content-type application/javascript status 200 accept-ranges bytes content-length 30307
GET H2	200	bootstrap.css safeheavenbtc.com/jort-kelder/	148 KB 21 KB	122ms 121ms	Stylesheet text/css	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://safeheavenbtc.com/jort-kelder/bootstrap.css Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `27136be39109fe6e068dae618e286dfd3f6c7dae2b18417b79815bcf1e290d57` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 13:35:06 GMT content-encoding gzip last-modified Wed, 27 May 2020 09:25:13 GMT server Apache vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 21547
GET H2	200	font-awesome.css safeheavenbtc.com/jort-kelder/	17 KB 4 KB	71ms 70ms	Stylesheet text/css	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://safeheavenbtc.com/jort-kelder/font-awesome.css Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `c8a1916b926cd4b7d835be3541eae14be4fdf839357e701bd1e104378975e59e` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 13:35:06 GMT content-encoding gzip last-modified Wed, 27 May 2020 09:25:15 GMT server Apache vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 4019
GET H2	200	style.css safeheavenbtc.com/jort-kelder/	8 KB 2 KB	72ms 71ms	Stylesheet text/css	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://safeheavenbtc.com/jort-kelder/style.css Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `86bd3ab98e6ba47772e58504e8f17820c1c01078b6f1aabaeb4127dcd07e1504` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 13:35:06 GMT content-encoding gzip last-modified Wed, 27 May 2020 09:25:16 GMT server Apache vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 1965
GET H2	200	trackbot-roikingdom-special.js Show response cdn.trackbox.guru/	197 KB 62 KB	100ms 35ms	Script application/javascript	2606:4700:20::ac43:4824 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.trackbox.guru/trackbot-roikingdom-special.js Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4824 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d40b6ddebc5934e7075616be81b1c10e011590cc0210766773d87d8d329d0ac3` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 10 Jul 2020 13:35:06 GMT content-encoding br cf-cache-status HIT age 6884 status 200 x-amz-request-id 0E6E182C68D3028E x-amz-id-2 8XkE4108AoitP4DyEuuOV56MwdQi4GynwuPHlW2a0hx4TV3KZfnBHUJ2H9ASZRfxXHVTBlR3gz4= last-modified Wed, 25 Mar 2020 11:20:44 GMT server cloudflare etag W/"45cb37bff8845d4fc76eb28dfe45771c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control max-age=14400 cf-request-id 03da88e4720000bece83a71200000001 cf-ray 5b0aaa80be85bece-FRA
GET H2	200	NOS.png safeheavenbtc.com/jort-kelder/	20 KB 20 KB	74ms 74ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/NOS.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `74e6c7fc462cdd9b8a6876368c1aafe1830a75af5bfa86329ee3ccafa8319214` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 20473 content-type image/png
GET H2	200	as-seen-on-image-NL.png safeheavenbtc.com/jort-kelder/	68 KB 68 KB	91ms 80ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/as-seen-on-image-NL.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `e47374400288a7be95bdafe93df012387839c6ce349053c88a905f4e4b9a5158` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:12 GMT server Apache accept-ranges bytes content-length 69154 content-type image/png
GET H2	200	Duncan1.jpg safeheavenbtc.com/jort-kelder/	534 KB 534 KB	133ms 122ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/Duncan1.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `253573f46997713506a72b404386fb532fd220fd3e1b7c76950a798f2325b20b` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 546308 content-type image/jpeg
GET H2	200	Duncan2.jpg safeheavenbtc.com/jort-kelder/	288 KB 288 KB	252ms 241ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/Duncan2.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `1f52fc1cfd28c8d9189924b128c05950fe0ff193070596ddfd2aa888c207af54` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:14 GMT server Apache accept-ranges bytes content-length 294901 content-type image/jpeg
GET H2	200	Duncan3.jpg safeheavenbtc.com/jort-kelder/	132 KB 133 KB	227ms 217ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/Duncan3.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `4f6e50be254a165b58e3b70fc1fd50a59f48d1ca19456ae5a0416dcf9ed538ab` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:14 GMT server Apache accept-ranges bytes content-length 135629 content-type image/jpeg
GET H2	200	muskbranson.jpg safeheavenbtc.com/jort-kelder/	160 KB 160 KB	116ms 106ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/muskbranson.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:17 GMT server Apache accept-ranges bytes content-length 163491 content-type image/jpeg
GET H2	200	dreamcar.jpg safeheavenbtc.com/jort-kelder/	160 KB 160 KB	320ms 310ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/dreamcar.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:14 GMT server Apache accept-ranges bytes content-length 163566 content-type image/jpeg
GET H2	200	tisdale.jpg safeheavenbtc.com/jort-kelder/	271 KB 271 KB	166ms 156ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/tisdale.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `e8534f5335522037c03fe544db314033fe5f05d847c5356b8ebe7f3f79beb6f5` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:17 GMT server Apache accept-ranges bytes content-length 277048 content-type image/jpeg
GET H2	200	check.jpg safeheavenbtc.com/jort-kelder/	115 KB 115 KB	333ms 323ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/check.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `04e953f0ee53304b86f0e58680127bd0810c9b63f660f59566184481dd72b571` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:13 GMT server Apache accept-ranges bytes content-length 117604 content-type image/jpeg
GET H2	200	checkmark.png safeheavenbtc.com/jort-kelder/	341 B 453 B	331ms 322ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/checkmark.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:13 GMT server Apache accept-ranges bytes content-length 341 content-type image/png
GET H2	200	step1-NL.jpg safeheavenbtc.com/jort-kelder/	121 KB 121 KB	343ms 333ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/step1-NL.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `df610ef617b5fb01d2cfccc47752e96e3b30669a7712b4fa2d2bbb3500a61e0b` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:16 GMT server Apache accept-ranges bytes content-length 124171 content-type image/jpeg
GET H2	200	bittrader-step2.png safeheavenbtc.com/jort-kelder/	70 KB 70 KB	361ms 351ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/bittrader-step2.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `e52805b60765c4c1729e510d1725b377586f4fc7e682f01bfd7f74189800556b` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:12 GMT server Apache accept-ranges bytes content-length 71927 content-type image/png
GET H2	200	bittrader-step3.png safeheavenbtc.com/jort-kelder/	19 KB 19 KB	342ms 332ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/bittrader-step3.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `5b6db2d4eb75d626812cc91b4f6ec9a94b2545dccaeb06beba062c66499bf1c9` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:12 GMT server Apache accept-ranges bytes content-length 19137 content-type image/png
GET H2	200	files_au-f-1.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	369ms 360ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_au-f-1.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `6b014ca073b26a0961f3715afc118519c210a6cbb93c6540b75a8793924de4f6` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 2434 content-type image/jpeg
GET H2	200	files_au-f-2.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	337ms 328ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_au-f-2.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `c6565e0a5c5d1a1f53b973d242011d32a82dfc4f6fc34149557adc66e1c439db` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 2274 content-type image/jpeg
GET H2	200	files_au-f-3.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	336ms 328ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_au-f-3.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `934f328030a8568f6f28c9183844503ca265ee1fc54b90a2d50b3d3e6fd76641` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 2315 content-type image/jpeg
GET H2	200	files_au-f-4.jpg safeheavenbtc.com/jort-kelder/	2 KB 3 KB	335ms 327ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_au-f-4.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `e9d82b380a6386f492a11fe3641b286efea44b485ff1f39db0a6990da0f0bd81` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 2504 content-type image/jpeg
GET H2	200	files_earnings.gif safeheavenbtc.com/jort-kelder/	10 KB 11 KB	363ms 355ms	Image image/gif	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_earnings.gif Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `73a33c88d90558bd4c9511c099f782b87af2faae53a36e9cbcae5fdedf277e21` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 10732 content-type image/gif
GET H2	200	files_au-f-5.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	339ms 330ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_au-f-5.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `2005d776f440c8bdf4895de6efe8eb86d8ffb9a25eb9ebeb35fde4545c2e305f` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 2359 content-type image/jpeg
GET H2	200	files_au-m-1.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	340ms 332ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_au-m-1.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `aa4e81d3622c8aaf55a1ea056d61b2a95cc7ef3026a2f8e146b615f26b4db19a` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 2156 content-type image/jpeg
GET H2	200	files_au-m-2.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	340ms 333ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_au-m-2.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `98bd4ba2651157e24c6c02f405e4c808b1555b113917c6a694fdcb0b35fd0cfe` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 2225 content-type image/jpeg
GET H2	200	files_au-f-6.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	334ms 326ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_au-f-6.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `df8633cb66d117686a19391925af8c42488c7fa4e60d65dbc36774d5d0425b22` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 2218 content-type image/jpeg
GET H2	200	files_au-f-7.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	333ms 325ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_au-f-7.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `f6ea097d50938f2d6067e83e7d8da04d3e7493576ae9bdfd92281fc7a7bc9765` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 2053 content-type image/jpeg
GET H2	200	files_au-f-9.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	338ms 331ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_au-f-9.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `6945a3e9a1904fe2dedffa67fc7ae76bcc59b46b115bb9229d7f185b6b7afecb` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 2353 content-type image/jpeg
GET H2	200	files_4.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	332ms 325ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_4.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `6555ce4eb5a9e1790d41a4faefda8707d57e07cf6622a01dcbb66165ad46d4cc` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:14 GMT server Apache accept-ranges bytes content-length 1908 content-type image/jpeg
GET H2	200	files_3.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	333ms 326ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_3.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `7ade842b1b59aafbac7004493efc3ea1520f2a4b4b2ef58926d1206fdf36d756` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:14 GMT server Apache accept-ranges bytes content-length 2064 content-type image/jpeg
GET H2	200	files_car-comment.jpg safeheavenbtc.com/jort-kelder/	8 KB 8 KB	338ms 332ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_car-comment.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `864a1b27b5346463852a3ea830625a6fe89b2c21e758c8f31e62214241e54065` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:15 GMT server Apache accept-ranges bytes content-length 8031 content-type image/jpeg
GET H2	200	files_187364_20501998_2048679844_q.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	336ms 330ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_187364_20501998_2048679844_q.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `12ea67b3ad26763667dcba49477be6ebe3cfdf0ce50469283f136df026a80e75` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:13 GMT server Apache accept-ranges bytes content-length 2289 content-type image/jpeg
GET H2	200	files_273549_7706291_1106946751_q.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	397ms 391ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_273549_7706291_1106946751_q.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `42de3c15f2f76bfcb849b10b509e06643c2ba6e4272c6d51c517f4dd6be937ab` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:14 GMT server Apache accept-ranges bytes content-length 2228 content-type image/jpeg
GET H2	200	files_370345_7008369_2025512953_q.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	362ms 355ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_370345_7008369_2025512953_q.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `db19a1a8adab47798a3c8f18a2c69e134199e839882aadb363fc5705011b5a1a` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:14 GMT server Apache accept-ranges bytes content-length 2103 content-type image/jpeg
GET H2	200	files_371925_1426200070_1825128294_q.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	392ms 386ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_371925_1426200070_1825128294_q.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `fc6eb089d47eb8644370bb833b7752e850e08d770396fc17255e395e5105b776` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:14 GMT server Apache accept-ranges bytes content-length 2062 content-type image/jpeg
GET H2	200	files_275712_1815883270_368899092_q.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	391ms 385ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_275712_1815883270_368899092_q.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `0761efb5a453f0539f4c8d09888b7d6f5162766f5709a07fd7038aeb9adbd5c0` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:14 GMT server Apache accept-ranges bytes content-length 2031 content-type image/jpeg
GET H2	200	files_371788_39603151_990746142_q.jpg safeheavenbtc.com/jort-kelder/	2 KB 2 KB	387ms 381ms	Image image/jpeg	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/files_371788_39603151_990746142_q.jpg Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `f0bcf3e7e302eec1112dd96aeb91bd8d28a2924698cb6637198b12d8d9bd5d40` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:14 GMT server Apache accept-ranges bytes content-length 2166 content-type image/jpeg
GET H2	200	side1.png safeheavenbtc.com/jort-kelder/	34 KB 34 KB	367ms 361ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/side1.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:16 GMT server Apache accept-ranges bytes content-length 34888 content-type image/png
GET H2	200	side2.png safeheavenbtc.com/jort-kelder/	34 KB 34 KB	384ms 379ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/side2.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:17 GMT server Apache accept-ranges bytes content-length 35141 content-type image/png
GET H2	200	side3.png safeheavenbtc.com/jort-kelder/	38 KB 38 KB	392ms 386ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/side3.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:16 GMT server Apache accept-ranges bytes content-length 38902 content-type image/png
GET H2	200	side4.png safeheavenbtc.com/jort-kelder/	25 KB 25 KB	364ms 358ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/side4.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:16 GMT server Apache accept-ranges bytes content-length 25718 content-type image/png
GET H2	200	side5.png safeheavenbtc.com/jort-kelder/	37 KB 37 KB	389ms 384ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/side5.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:16 GMT server Apache accept-ranges bytes content-length 37859 content-type image/png
GET H2	200	side6.png safeheavenbtc.com/jort-kelder/	34 KB 34 KB	387ms 382ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/side6.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:16 GMT server Apache accept-ranges bytes content-length 34979 content-type image/png
GET H2	200	side7.png safeheavenbtc.com/jort-kelder/	30 KB 31 KB	394ms 389ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/side7.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:16 GMT server Apache accept-ranges bytes content-length 31140 content-type image/png
GET H2	200	bitcointrader-side-step1.png safeheavenbtc.com/jort-kelder/	41 KB 41 KB	392ms 387ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/bitcointrader-side-step1.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `e559b7a5f5f7cdfbcf56f26a90d8e7db2013dd4b2778d378eeabac546f43695f` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:12 GMT server Apache accept-ranges bytes content-length 41867 content-type image/png
GET H2	200	bitcointrader-side-step2.png safeheavenbtc.com/jort-kelder/	71 KB 71 KB	361ms 356ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/bitcointrader-side-step2.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `61e6f86f82b85099b0dbcfb2d8b206dd35c2610d568e4bd35e799a503e695fd2` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:13 GMT server Apache accept-ranges bytes content-length 72348 content-type image/png
GET H2	200	bitcointrader-side-step3.png safeheavenbtc.com/jort-kelder/	22 KB 22 KB	397ms 393ms	Image image/png	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://safeheavenbtc.com/jort-kelder/bitcointrader-side-step3.png Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `44415f8c6602dfa29db63ec63370893a35033e08cb49eb805593a24d092f91c9` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:12 GMT server Apache accept-ranges bytes content-length 22215 content-type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	715 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	178 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	243 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	381 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	206	everydayprofit_euro.mp4 safeheavenbtc.com/jort-kelder/	40 KB 40 KB	225ms 225ms	Media video/mp4	185.61.154.55 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://safeheavenbtc.com/jort-kelder/everydayprofit_euro.mp4 Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.154.55 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS Software Apache / Resource Hash `03a65e2d7fc5ca74c9c9a6c8f6691ac0790fcc36c3c1d95b14f7cd5c3e45ff50` Request headers Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Range bytes=0- Response headers date Fri, 10 Jul 2020 13:35:06 GMT last-modified Wed, 27 May 2020 09:25:14 GMT server Apache status 206 content-type video/mp4 Content-Range bytes 0-41257/41258 accept-ranges bytes Content-Length 41258
GET DATA	200 OK	truncated /	547 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	352 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
POST H2	200	Poolbox Show response platform.best-traffic.club/forms/	92 B 1 KB	239ms 179ms	XHR application/json	2606:4700:3031::681f:459e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://platform.best-traffic.club/forms/Poolbox Requested by Host: safeheavenbtc.com URL: https://safeheavenbtc.com/jort-kelder/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:459e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.0 Resource Hash `40c51a8a3de4302973bf2453e45bfb16c6ded4511cbc27422f4d83464163b8bb` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://safeheavenbtc.com/jort-kelder/?ci=71&ai=2958268&gi=56&MPC_1=2a0c1724-c2b2-11ea-9b25-611b27d79799&MPC_2=&so=https://topconversion.club/nl/btc-revolution&s2s2=2a0c1724-c2b2-11ea-9b25-611b27d79799 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Fri, 10 Jul 2020 13:35:07 GMT content-encoding br cf-cache-status DYNAMIC x-powered-by PHP/7.4.0 status 200 cf-request-id 03da88e6500000d6f19f3c4200000001 pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json access-control-allow-origin https://safeheavenbtc.com cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 5b0aaa83beb5d6f1-FRA access-control-allow-headers Content-Type, Accept expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online) Lion's Den Scam (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.trackbox.guru
gotomaxinfo.com
kollectorates.com
m1o6.newestlinks.company
platform.best-traffic.club
qtb8nh.y12z25y1w9.top
safeheavenbtc.com
157.52.193.101
179.61.143.118
185.61.154.55
2606:4700:20::ac43:4824
2606:4700:3031::681f:459e
31.210.110.184
51.222.35.112
51.83.230.47
03a65e2d7fc5ca74c9c9a6c8f6691ac0790fcc36c3c1d95b14f7cd5c3e45ff50
04e953f0ee53304b86f0e58680127bd0810c9b63f660f59566184481dd72b571
0761efb5a453f0539f4c8d09888b7d6f5162766f5709a07fd7038aeb9adbd5c0
12ea67b3ad26763667dcba49477be6ebe3cfdf0ce50469283f136df026a80e75
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562
1f52fc1cfd28c8d9189924b128c05950fe0ff193070596ddfd2aa888c207af54
1fce13b9be8c2fd67007038bae6887e0c8c3bf9c5aabcfe22a0e892ef2725a75
2005d776f440c8bdf4895de6efe8eb86d8ffb9a25eb9ebeb35fde4545c2e305f
253573f46997713506a72b404386fb532fd220fd3e1b7c76950a798f2325b20b
27136be39109fe6e068dae618e286dfd3f6c7dae2b18417b79815bcf1e290d57
3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
40c51a8a3de4302973bf2453e45bfb16c6ded4511cbc27422f4d83464163b8bb
42de3c15f2f76bfcb849b10b509e06643c2ba6e4272c6d51c517f4dd6be937ab
44415f8c6602dfa29db63ec63370893a35033e08cb49eb805593a24d092f91c9
494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1
496e15f347772f9c2792a38e14c1c5524f17f5389b85fd4785471f3f9a590fad
4f6e50be254a165b58e3b70fc1fd50a59f48d1ca19456ae5a0416dcf9ed538ab
50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b
54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f
5b6db2d4eb75d626812cc91b4f6ec9a94b2545dccaeb06beba062c66499bf1c9
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
61e6f86f82b85099b0dbcfb2d8b206dd35c2610d568e4bd35e799a503e695fd2
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
6555ce4eb5a9e1790d41a4faefda8707d57e07cf6622a01dcbb66165ad46d4cc
6945a3e9a1904fe2dedffa67fc7ae76bcc59b46b115bb9229d7f185b6b7afecb
6b014ca073b26a0961f3715afc118519c210a6cbb93c6540b75a8793924de4f6
73a33c88d90558bd4c9511c099f782b87af2faae53a36e9cbcae5fdedf277e21
74e6c7fc462cdd9b8a6876368c1aafe1830a75af5bfa86329ee3ccafa8319214
7ade842b1b59aafbac7004493efc3ea1520f2a4b4b2ef58926d1206fdf36d756
864a1b27b5346463852a3ea830625a6fe89b2c21e758c8f31e62214241e54065
86bd3ab98e6ba47772e58504e8f17820c1c01078b6f1aabaeb4127dcd07e1504
934f328030a8568f6f28c9183844503ca265ee1fc54b90a2d50b3d3e6fd76641
9697fbf492c5a9931527e1ac07ed013300a96513f14db76fda44ca751085bcf7
98bd4ba2651157e24c6c02f405e4c808b1555b113917c6a694fdcb0b35fd0cfe
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b
aa4e81d3622c8aaf55a1ea056d61b2a95cc7ef3026a2f8e146b615f26b4db19a
b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5
c6565e0a5c5d1a1f53b973d242011d32a82dfc4f6fc34149557adc66e1c439db
c8a1916b926cd4b7d835be3541eae14be4fdf839357e701bd1e104378975e59e
d40b6ddebc5934e7075616be81b1c10e011590cc0210766773d87d8d329d0ac3
db19a1a8adab47798a3c8f18a2c69e134199e839882aadb363fc5705011b5a1a
df610ef617b5fb01d2cfccc47752e96e3b30669a7712b4fa2d2bbb3500a61e0b
df8633cb66d117686a19391925af8c42488c7fa4e60d65dbc36774d5d0425b22
e47374400288a7be95bdafe93df012387839c6ce349053c88a905f4e4b9a5158
e52805b60765c4c1729e510d1725b377586f4fc7e682f01bfd7f74189800556b
e559b7a5f5f7cdfbcf56f26a90d8e7db2013dd4b2778d378eeabac546f43695f
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e
e8534f5335522037c03fe544db314033fe5f05d847c5356b8ebe7f3f79beb6f5
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8
e9d82b380a6386f492a11fe3641b286efea44b485ff1f39db0a6990da0f0bd81
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f0bcf3e7e302eec1112dd96aeb91bd8d28a2924698cb6637198b12d8d9bd5d40
f6ea097d50938f2d6067e83e7d8da04d3e7493576ae9bdfd92281fc7a7bc9765
fc6eb089d47eb8644370bb833b7752e850e08d770396fc17255e395e5105b776

safeheavenbtc.com Open in urlscan Pro 185.61.154.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

53 Requests

100 %HTTPS

25 %IPv6

7 Domains

7 Subdomains

6 IPs

5 Countries

2573 kBTransfer

2986 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

safeheavenbtc.com Open in urlscan Pro
185.61.154.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

7
Subdomains

6
IPs

5
Countries

2573 kB
Transfer

2986 kB
Size

0
Cookies

53 HTTP transactions
8 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!