www.localnewsreviews.com Open in urlscan Pro
2606:4700:30::681c:b29  Malicious Activity! Public Scan

Submitted URL: https://1d616818f69.traffic-c.com/?p=6074&media_type=mainstream&click_id=18032140_1d_2_106c_54730e_1148_176_5c9338cc_5d72b7a4_0_0_...
Effective URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Submission: On March 21 via manual from RO

Summary

This website contacted 6 IPs in 3 countries across 9 domains to perform 38 HTTP transactions. The main IP is 2606:4700:30::681c:b29, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.localnewsreviews.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 1st 2018. Valid for: a year.
This is the only time www.localnewsreviews.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 52.215.113.202 16509 (AMAZON-02)
1 3 62.212.87.142 60781 (LEASEWEB-...)
1 1 34.193.160.81 14618 (AMAZON-AES)
1 1 52.206.38.50 14618 (AMAZON-AES)
2 3.209.27.50 14618 (AMAZON-AES)
1 1 52.206.107.84 14618 (AMAZON-AES)
1 2 95.211.229.247 60781 (LEASEWEB-...)
26 2606:4700:30:... 13335 (CLOUDFLAR...)
38 6
Apex Domain
Subdomains
Transfer
26 localnewsreviews.com
www.localnewsreviews.com
1 MB
3 maketraff.com
maketraff.com
10 KB
2 exoclick.com
rtb.exoclick.com
3 KB
2 svkrg.com
svkrg.com
3 KB
1 peakperformsrv.com
xhnmaq.peakperformsrv.com
900 B
1 enjrg.com
enjrg.com
462 B
1 typrg.com
typrg.com
326 B
1 traffic-c.com
1d616818f69.traffic-c.com
1 KB
0 bestnews24.net Failed
bestnews24.net Failed
38 9
Domain Requested by
26 www.localnewsreviews.com rtb.exoclick.com
www.localnewsreviews.com
3 maketraff.com 1 redirects maketraff.com
2 rtb.exoclick.com 1 redirects svkrg.com
2 svkrg.com maketraff.com
svkrg.com
1 xhnmaq.peakperformsrv.com 1 redirects
1 enjrg.com 1 redirects
1 typrg.com 1 redirects
1 1d616818f69.traffic-c.com
0 bestnews24.net Failed www.localnewsreviews.com
38 9

This site contains links to these domains. Also see Links.

Domain
cachemoneytrk.com
Subject Issuer Validity Valid
traffic-c.com
Let's Encrypt Authority X3
2019-02-15 -
2019-05-16
3 months crt.sh
trk.billysrv.com
Let's Encrypt Authority X3
2019-03-04 -
2019-06-02
3 months crt.sh
svkrg.com
Sectigo RSA Domain Validation Secure Server CA
2019-01-21 -
2020-01-21
a year crt.sh
*.exoclick.com
Go Daddy Secure Certificate Authority - G2
2018-08-03 -
2019-10-02
a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2018-11-01 -
2019-11-01
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.localnewsreviews.com/btc/DEwfhd.html
Frame ID: 030AD0003185B7ADC0325C811E78BC35
Requests: 38 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://1d616818f69.traffic-c.com/?p=6074&media_type=mainstream&click_id=18032140_1d_2_106c_54730e_1148_176_5c... Page URL
  2. https://maketraff.com/l/196906009217f69164ac?sub=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074&source=... Page URL
  3. https://maketraff.com/l/196906009217f69164ac?sub=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074&source=... HTTP 302
    https://maketraff.com/gw?sub=5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&source=6074&url=https... Page URL
  4. https://typrg.com/dep.php?pid=7642&subid=855_6074&cid=bmconv_20190321180518_39fa90c7_188a_496c... HTTP 302
    https://enjrg.com/dep.php?pid=7642&subid=855_6074&cid=bmconv_20190321180518_39fa90c7_188a_496c... HTTP 302
    https://svkrg.com/fep.php?rd=xhnmaq.peakperformsrv.com&ct=6&id=15531879194443506174720824&tid=... Page URL
  5. https://xhnmaq.peakperformsrv.com/?&version=1&v=2&id=15531879194443506174720824&tid=7642&ct=6&t=imp&ftype=js&f... HTTP 302
    https://rtb.exoclick.com/cimp.php?data=TVRVMU16RTROemt4T1h4aVpHTTBOREEzWVdOa09XVTRZV0U1WVdVMU56QmlZMk... Page URL
  6. https://rtb.exoclick.com/cimp.php?data=TVRVMU16RTROemt4T1h4aVpHTTBOREEzWVdOa09XVTRZV0U1WVdVMU56QmlZMk... HTTP 302
    https://www.localnewsreviews.com/btc/DEwfhd.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

38
Requests

84 %
HTTPS

13 %
IPv6

9
Domains

9
Subdomains

6
IPs

3
Countries

1224 kB
Transfer

1415 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://1d616818f69.traffic-c.com/?p=6074&media_type=mainstream&click_id=18032140_1d_2_106c_54730e_1148_176_5c9338cc_5d72b7a4_0_0_0_64_64_0_2_2&sub_id=106c Page URL
  2. https://maketraff.com/l/196906009217f69164ac?sub=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074&source=6074&ctrack=1553187917.4021584995 Page URL
  3. https://maketraff.com/l/196906009217f69164ac?sub=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074&source=6074&ctrack=1553187917.4021584995&code2=Y3RtATE1NTMxODc5MTgwNTUAc3JjAWlvAHZlcgExOQBwbHQBTGludXggeDg2XzY0AHRjaAEAaXcBMTYwMABpaAExMjAwAGF3ATE2MDAAYWgBMTIwMAB0egEwAGJ1aWQBAGNrZQExAG9ybnQBAHZuZAFHb29nbGUgSW5jLgBoc2ZjAWZhbHNlAGZybQFmYWxzZQB1YQFNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xM181KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNjcuMC4zMzk2Ljg3IFNhZmFyaS81MzcuMzYAYTQzATAwMDAwMABhNDQBMDAAc2YBMDAwMABmZgExMTAAY2hkATAAZmx2AWZhbHNlAGNobQExMTEAbG5nATEwMDAAc3RyZwExMDExMTEwAG9zY3B1AQBwcmRzdWIBMjAwMzAxMDcAZXZsbgEzMwByZWYBaHR0cHM6Ly8xZDYxNjgxOGY2OS50cmFmZmljLWMuY29tLz9wPTYwNzQmbWVkaWFfdHlwZT1tYWluc3RyZWFtJmNsaWNrX2lkPTE4MDMyMTQwXzFkXzJfMTA2Y181NDczMGVfMTE0OF8xNzZfNWM5MzM4Y2NfNWQ3MmI3YTRfMF8wXzBfNjRfNjRfMF8yXzImc3ViX2lkPTEwNmMAcmJjYwExMDI1MTE1MwBjbnRwAQB3bm0BAHdnbHYBMABjZGcBMDExMTExMTEwMDAxMTAwMDExMTExMTExMTExMTExMTEwMTExMTExMTExMTEwMTExMTExMTExMTExMTExMDEwMQB3dXQBAGtsbmcBZW4tVVMAcnR0ATAAbGFvAQBobHMBMA__ HTTP 302
    https://maketraff.com/gw?sub=5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&source=6074&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D855_6074%26cid%3Dbmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f%26ref%3D5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&vId=bmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f&hash=196906009217f69164ac&ete=true Page URL
  4. https://typrg.com/dep.php?pid=7642&subid=855_6074&cid=bmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f&ref=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074 HTTP 302
    https://enjrg.com/dep.php?pid=7642&subid=855_6074&cid=bmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f&ref=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074 HTTP 302
    https://svkrg.com/fep.php?rd=xhnmaq.peakperformsrv.com&ct=6&id=15531879194443506174720824&tid=7642&t=imp&end=1 Page URL
  5. https://xhnmaq.peakperformsrv.com/?&version=1&v=2&id=15531879194443506174720824&tid=7642&ct=6&t=imp&ftype=js&filter=1&nf=14&nf2=15&trs=15531879191068597&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined&rfp= HTTP 302
    https://rtb.exoclick.com/cimp.php?data=TVRVMU16RTROemt4T1h4aVpHTTBOREEzWVdOa09XVTRZV0U1WVdVMU56QmlZMkkxTW1abE1tSmhNQT09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3w4My45Ny4yMy40M3xERVV8NTJ8YWRleGNoYW5nZS03NzI0MTYuY29tfDE0NDcxOXw1MzAzNDB8NzcyNDE2fDMyNjgwMjR8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxNi40MDk2NXw4MHxVU0R8VVNEfDF8MXwyMnx8MXxERVV8ODMuOTcuMjMuNDN8NjB8NHwxfHwxNDY2OWIxMTA1NDNjYWRhODcwOWJkNjU2Y2Y0NTQxZXxmYjFiMzE1MGYwNDg4MDM3NGQyNTIyYTI3NjgxMjMzZnwxfDB8ODMyOS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3wwOTlhNWYwOWI3YmM2Mzk4MmY3ZDc2MTg2NWNkNDYyMQ== Page URL
  6. https://rtb.exoclick.com/cimp.php?data=TVRVMU16RTROemt4T1h4aVpHTTBOREEzWVdOa09XVTRZV0U1WVdVMU56QmlZMkkxTW1abE1tSmhNQT09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3w4My45Ny4yMy40M3xERVV8NTJ8YWRleGNoYW5nZS03NzI0MTYuY29tfDE0NDcxOXw1MzAzNDB8NzcyNDE2fDMyNjgwMjR8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxNi40MDk2NXw4MHxVU0R8VVNEfDF8MXwyMnx8MXxERVV8ODMuOTcuMjMuNDN8NjB8NHwxfHwxNDY2OWIxMTA1NDNjYWRhODcwOWJkNjU2Y2Y0NTQxZXxmYjFiMzE1MGYwNDg4MDM3NGQyNTIyYTI3NjgxMjMzZnwxfDB8ODMyOS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3wwOTlhNWYwOWI3YmM2Mzk4MmY3ZDc2MTg2NWNkNDYyMQ%3D%3D&p=https%3A%2F%2Fsvkrg.com%2Ffep.php%3Frd%3Dxhnmaq.peakperformsrv.com%26ct%3D6%26id%3D15531879194443506174720824%26tid%3D7642%26t%3Dimp%26end%3D1&tested=1&check=afc0436e8f02f515ec8f51cf054fa92d&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
    https://www.localnewsreviews.com/btc/DEwfhd.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://maketraff.com/l/196906009217f69164ac?sub=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074&source=6074&ctrack=1553187917.4021584995&code2=Y3RtATE1NTMxODc5MTgwNTUAc3JjAWlvAHZlcgExOQBwbHQBTGludXggeDg2XzY0AHRjaAEAaXcBMTYwMABpaAExMjAwAGF3ATE2MDAAYWgBMTIwMAB0egEwAGJ1aWQBAGNrZQExAG9ybnQBAHZuZAFHb29nbGUgSW5jLgBoc2ZjAWZhbHNlAGZybQFmYWxzZQB1YQFNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xM181KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNjcuMC4zMzk2Ljg3IFNhZmFyaS81MzcuMzYAYTQzATAwMDAwMABhNDQBMDAAc2YBMDAwMABmZgExMTAAY2hkATAAZmx2AWZhbHNlAGNobQExMTEAbG5nATEwMDAAc3RyZwExMDExMTEwAG9zY3B1AQBwcmRzdWIBMjAwMzAxMDcAZXZsbgEzMwByZWYBaHR0cHM6Ly8xZDYxNjgxOGY2OS50cmFmZmljLWMuY29tLz9wPTYwNzQmbWVkaWFfdHlwZT1tYWluc3RyZWFtJmNsaWNrX2lkPTE4MDMyMTQwXzFkXzJfMTA2Y181NDczMGVfMTE0OF8xNzZfNWM5MzM4Y2NfNWQ3MmI3YTRfMF8wXzBfNjRfNjRfMF8yXzImc3ViX2lkPTEwNmMAcmJjYwExMDI1MTE1MwBjbnRwAQB3bm0BAHdnbHYBMABjZGcBMDExMTExMTEwMDAxMTAwMDExMTExMTExMTExMTExMTEwMTExMTExMTExMTEwMTExMTExMTExMTExMTExMDEwMQB3dXQBAGtsbmcBZW4tVVMAcnR0ATAAbGFvAQBobHMBMA__ HTTP 302
  • https://maketraff.com/gw?sub=5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&source=6074&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D855_6074%26cid%3Dbmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f%26ref%3D5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&vId=bmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f&hash=196906009217f69164ac&ete=true
Request Chain 3
  • https://typrg.com/dep.php?pid=7642&subid=855_6074&cid=bmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f&ref=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074 HTTP 302
  • https://enjrg.com/dep.php?pid=7642&subid=855_6074&cid=bmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f&ref=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074 HTTP 302
  • https://svkrg.com/fep.php?rd=xhnmaq.peakperformsrv.com&ct=6&id=15531879194443506174720824&tid=7642&t=imp&end=1
Request Chain 5
  • https://xhnmaq.peakperformsrv.com/?&version=1&v=2&id=15531879194443506174720824&tid=7642&ct=6&t=imp&ftype=js&filter=1&nf=14&nf2=15&trs=15531879191068597&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined&rfp= HTTP 302
  • https://rtb.exoclick.com/cimp.php?data=TVRVMU16RTROemt4T1h4aVpHTTBOREEzWVdOa09XVTRZV0U1WVdVMU56QmlZMkkxTW1abE1tSmhNQT09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3w4My45Ny4yMy40M3xERVV8NTJ8YWRleGNoYW5nZS03NzI0MTYuY29tfDE0NDcxOXw1MzAzNDB8NzcyNDE2fDMyNjgwMjR8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxNi40MDk2NXw4MHxVU0R8VVNEfDF8MXwyMnx8MXxERVV8ODMuOTcuMjMuNDN8NjB8NHwxfHwxNDY2OWIxMTA1NDNjYWRhODcwOWJkNjU2Y2Y0NTQxZXxmYjFiMzE1MGYwNDg4MDM3NGQyNTIyYTI3NjgxMjMzZnwxfDB8ODMyOS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3wwOTlhNWYwOWI3YmM2Mzk4MmY3ZDc2MTg2NWNkNDYyMQ==

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
1d616818f69.traffic-c.com/
964 B
1 KB
Document
General
Full URL
https://1d616818f69.traffic-c.com/?p=6074&media_type=mainstream&click_id=18032140_1d_2_106c_54730e_1148_176_5c9338cc_5d72b7a4_0_0_0_64_64_0_2_2&sub_id=106c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.215.113.202 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-215-113-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
84218aaea4b1305589535d180785655ed4deccf863ffd8aa9e5a0c6ddbcc9bb0

Request headers

:method
GET
:authority
1d616818f69.traffic-c.com
:scheme
https
:path
/?p=6074&media_type=mainstream&click_id=18032140_1d_2_106c_54730e_1148_176_5c9338cc_5d72b7a4_0_0_0_64_64_0_2_2&sub_id=106c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 21 Mar 2019 17:05:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
traffic-back=ok; expires=Thu, 21-Mar-2019 17:05:47 GMT; Max-Age=30; path=/; domain=.traffic-c.com t-uuid=5i78vua1y3f0djcdj14e880ok; expires=Wed, 21-Mar-2029 17:05:17 GMT; Max-Age=315619200; path=/; domain=.traffic-c.com traffic-visited-offers=31829%7C1553187917%7C31829%7Cunspecified; expires=Fri, 22-Mar-2019 17:05:17 GMT; Max-Age=86400; path=/; domain=.traffic-c.com rts-trck=1; expires=Thu, 21-Mar-2019 17:15:17 GMT; Max-Age=600; path=/; domain=1d616818f69.traffic-c.com
last-modified
Thu, 21 Mar 2019 17:05:17 GMT
expires
Thu, 21 Mar 2019 17:05:17 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow
content-encoding
gzip
196906009217f69164ac
maketraff.com/l/
18 KB
8 KB
Document
General
Full URL
https://maketraff.com/l/196906009217f69164ac?sub=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074&source=6074&ctrack=1553187917.4021584995
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.87.142 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b7806578c7b5de3f40d8e4696a84c3b0b4e686e0b7dea2e935af3df63404e523

Request headers

Host
maketraff.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://1d616818f69.traffic-c.com/?p=6074&media_type=mainstream&click_id=18032140_1d_2_106c_54730e_1148_176_5c9338cc_5d72b7a4_0_0_0_64_64_0_2_2&sub_id=106c
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://1d616818f69.traffic-c.com/?p=6074&media_type=mainstream&click_id=18032140_1d_2_106c_54730e_1148_176_5c9338cc_5d72b7a4_0_0_0_64_64_0_2_2&sub_id=106c

Response headers

Server
nginx
Date
Thu, 21 Mar 2019 17:05:17 GMT
Content-Type
text/html
Last-Modified
Tue, 23 Oct 2018 13:01:45 GMT
Transfer-Encoding
chunked
ETag
W/"5bcf1bb9-4688"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Content-Encoding
gzip
gw
maketraff.com/
Redirect Chain
  • https://maketraff.com/l/196906009217f69164ac?sub=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074&source=6074&ctrack=1553187917.4021584995&code2=Y3RtATE1NTMxODc5MTgwNTUAc3JjAWlvAHZlcgExOQBwbHQBTGludXggeDg...
  • https://maketraff.com/gw?sub=5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&source=6074&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D855_6074%26cid%3Dbmconv_20190321180518_39fa90c7...
1 KB
1 KB
Document
General
Full URL
https://maketraff.com/gw?sub=5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&source=6074&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D855_6074%26cid%3Dbmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f%26ref%3D5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&vId=bmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f&hash=196906009217f69164ac&ete=true
Requested by
Host: maketraff.com
URL: https://maketraff.com/l/196906009217f69164ac?sub=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074&source=6074&ctrack=1553187917.4021584995
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.87.142 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
maketraff.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://maketraff.com/l/196906009217f69164ac?sub=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074&source=6074&ctrack=1553187917.4021584995
Accept-Encoding
gzip, deflate, br
Cookie
BSESSID=trk4022b40d-6bb7-4e54-a7c9-764d5441d784
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://maketraff.com/l/196906009217f69164ac?sub=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074&source=6074&ctrack=1553187917.4021584995

Response headers

Server
nginx
Date
Thu, 21 Mar 2019 17:05:18 GMT
Content-Type
text/html
Last-Modified
Thu, 25 Oct 2018 14:31:56 GMT
Transfer-Encoding
chunked
ETag
W/"5bd1d3dc-589"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 21 Mar 2019 17:05:18 GMT
Transfer-Encoding
chunked
Location
//maketraff.com/gw?sub=5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&source=6074&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D855_6074%26cid%3Dbmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f%26ref%3D5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&vId=bmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f&hash=196906009217f69164ac&ete=true
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Pragma
no-cache
Set-Cookie
BSESSID=trk4022b40d-6bb7-4e54-a7c9-764d5441d784; Max-Age=63072000; Expires=Sat, 20 Mar 2021 17:05:18 GMT; Path=/
fep.php
svkrg.com/
Redirect Chain
  • https://typrg.com/dep.php?pid=7642&subid=855_6074&cid=bmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f&ref=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074
  • https://enjrg.com/dep.php?pid=7642&subid=855_6074&cid=bmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f&ref=5i78vua1t5ouaeqyqqgg88cso,13418100,5,6074
  • https://svkrg.com/fep.php?rd=xhnmaq.peakperformsrv.com&ct=6&id=15531879194443506174720824&tid=7642&t=imp&end=1
8 KB
3 KB
Document
General
Full URL
https://svkrg.com/fep.php?rd=xhnmaq.peakperformsrv.com&ct=6&id=15531879194443506174720824&tid=7642&t=imp&end=1
Requested by
Host: maketraff.com
URL: https://maketraff.com/l/196906009217f69164ac?sub=5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&source=6074&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D855_6074%26cid%3Dbmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f%26ref%3D5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&vId=bmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f&hash=196906009217f69164ac&ete=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.27.50 Fairfield, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-209-27-50.compute-1.amazonaws.com
Software
nginx /
Resource Hash
975e2ea42ee8599a3b10f089f4091c8de111ed0d7c854c23045661c0912556e7

Request headers

Host
svkrg.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://maketraff.com/l/196906009217f69164ac?sub=5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&source=6074&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D855_6074%26cid%3Dbmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f%26ref%3D5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&vId=bmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f&hash=196906009217f69164ac&ete=true
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://maketraff.com/l/196906009217f69164ac?sub=5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&source=6074&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D855_6074%26cid%3Dbmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f%26ref%3D5i78vua1t5ouaeqyqqgg88cso%2C13418100%2C5%2C6074&vId=bmconv_20190321180518_39fa90c7_188a_496c_b2aa_446d2548c94f&hash=196906009217f69164ac&ete=true

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Mar 2019 17:05:19 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Server
nginx
Content-Length
2934
Connection
keep-alive

Redirect headers

Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Mar 2019 17:05:19 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://svkrg.com/fep.php?rd=xhnmaq.peakperformsrv.com&ct=6&id=15531879194443506174720824&tid=7642&t=imp&end=1
Server
nginx
Set-Cookie
uuid=15531879192840376945212483; expires=Sat, 20-Apr-2019 17:05:19 GMT; Max-Age=2592000
Content-Length
0
Connection
keep-alive
li.php
svkrg.com/
0
199 B
XHR
General
Full URL
https://svkrg.com/li.php
Requested by
Host: svkrg.com
URL: https://svkrg.com/fep.php?rd=xhnmaq.peakperformsrv.com&ct=6&id=15531879194443506174720824&tid=7642&t=imp&end=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.27.50 Fairfield, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-209-27-50.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Origin
https://svkrg.com
Accept-Encoding
gzip, deflate, br
Host
svkrg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://svkrg.com/fep.php?rd=xhnmaq.peakperformsrv.com&ct=6&id=15531879194443506174720824&tid=7642&t=imp&end=1
Connection
keep-alive
Content-Length
50
Referer
https://svkrg.com/fep.php?rd=xhnmaq.peakperformsrv.com&ct=6&id=15531879194443506174720824&tid=7642&t=imp&end=1
Origin
https://svkrg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 21 Mar 2019 17:05:20 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Content-Length
20
Content-Type
text/html; charset=UTF-8
Cookie set cimp.php
rtb.exoclick.com/
Redirect Chain
  • https://xhnmaq.peakperformsrv.com/?&version=1&v=2&id=15531879194443506174720824&tid=7642&ct=6&t=imp&ftype=js&filter=1&nf=14&nf2=15&trs=15531879191068597&end=1&fwidth=1600&fheight=1200&fiframe=false...
  • https://rtb.exoclick.com/cimp.php?data=TVRVMU16RTROemt4T1h4aVpHTTBOREEzWVdOa09XVTRZV0U1WVdVMU56QmlZMkkxTW1abE1tSmhNQT09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3w4My...
4 KB
1 KB
Document
General
Full URL
https://rtb.exoclick.com/cimp.php?data=TVRVMU16RTROemt4T1h4aVpHTTBOREEzWVdOa09XVTRZV0U1WVdVMU56QmlZMkkxTW1abE1tSmhNQT09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3w4My45Ny4yMy40M3xERVV8NTJ8YWRleGNoYW5nZS03NzI0MTYuY29tfDE0NDcxOXw1MzAzNDB8NzcyNDE2fDMyNjgwMjR8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxNi40MDk2NXw4MHxVU0R8VVNEfDF8MXwyMnx8MXxERVV8ODMuOTcuMjMuNDN8NjB8NHwxfHwxNDY2OWIxMTA1NDNjYWRhODcwOWJkNjU2Y2Y0NTQxZXxmYjFiMzE1MGYwNDg4MDM3NGQyNTIyYTI3NjgxMjMzZnwxfDB8ODMyOS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3wwOTlhNWYwOWI3YmM2Mzk4MmY3ZDc2MTg2NWNkNDYyMQ==
Requested by
Host: svkrg.com
URL: https://svkrg.com/fep.php?rd=xhnmaq.peakperformsrv.com&ct=6&id=15531879194443506174720824&tid=7642&t=imp&end=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
a0033d1fb19786542fd62432f412fac83f4c40a95da3a0e24d8223cf3489f15c

Request headers

Host
rtb.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://svkrg.com/fep.php?rd=xhnmaq.peakperformsrv.com&ct=6&id=15531879194443506174720824&tid=7642&t=imp&end=1
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://svkrg.com/fep.php?rd=xhnmaq.peakperformsrv.com&ct=6&id=15531879194443506174720824&tid=7642&t=imp&end=1

Response headers

Server
nginx
Date
Thu, 21 Mar 2019 17:05:21 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225c93c45106b535.021794933289142726%22%3B%7D; expires=Sat, 20-Mar-2021 17:05:21 GMT; Max-Age=63072000; domain=exoclick.com
Content-Encoding
gzip

Redirect headers

Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Mar 2019 17:05:20 GMT
Location
https://rtb.exoclick.com/cimp.php?data=TVRVMU16RTROemt4T1h4aVpHTTBOREEzWVdOa09XVTRZV0U1WVdVMU56QmlZMkkxTW1abE1tSmhNQT09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3w4My45Ny4yMy40M3xERVV8NTJ8YWRleGNoYW5nZS03NzI0MTYuY29tfDE0NDcxOXw1MzAzNDB8NzcyNDE2fDMyNjgwMjR8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxNi40MDk2NXw4MHxVU0R8VVNEfDF8MXwyMnx8MXxERVV8ODMuOTcuMjMuNDN8NjB8NHwxfHwxNDY2OWIxMTA1NDNjYWRhODcwOWJkNjU2Y2Y0NTQxZXxmYjFiMzE1MGYwNDg4MDM3NGQyNTIyYTI3NjgxMjMzZnwxfDB8ODMyOS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3wwOTlhNWYwOWI3YmM2Mzk4MmY3ZDc2MTg2NWNkNDYyMQ==
Server
nginx
Content-Length
0
Connection
keep-alive
Primary Request DEwfhd.html
www.localnewsreviews.com/btc/
Redirect Chain
  • https://rtb.exoclick.com/cimp.php?data=TVRVMU16RTROemt4T1h4aVpHTTBOREEzWVdOa09XVTRZV0U1WVdVMU56QmlZMkkxTW1abE1tSmhNQT09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3w4My...
  • https://www.localnewsreviews.com/btc/DEwfhd.html
24 KB
7 KB
Document
General
Full URL
https://www.localnewsreviews.com/btc/DEwfhd.html
Requested by
Host: rtb.exoclick.com
URL: https://rtb.exoclick.com/cimp.php?data=TVRVMU16RTROemt4T1h4aVpHTTBOREEzWVdOa09XVTRZV0U1WVdVMU56QmlZMkkxTW1abE1tSmhNQT09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3w4My45Ny4yMy40M3xERVV8NTJ8YWRleGNoYW5nZS03NzI0MTYuY29tfDE0NDcxOXw1MzAzNDB8NzcyNDE2fDMyNjgwMjR8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxNi40MDk2NXw4MHxVU0R8VVNEfDF8MXwyMnx8MXxERVV8ODMuOTcuMjMuNDN8NjB8NHwxfHwxNDY2OWIxMTA1NDNjYWRhODcwOWJkNjU2Y2Y0NTQxZXxmYjFiMzE1MGYwNDg4MDM3NGQyNTIyYTI3NjgxMjMzZnwxfDB8ODMyOS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3wwOTlhNWYwOWI3YmM2Mzk4MmY3ZDc2MTg2NWNkNDYyMQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db50e12d22f02c40fbad0714ffb945c2de4a355fc9ec4990bb5f14af8895867

Request headers

:method
GET
:authority
www.localnewsreviews.com
:scheme
https
:path
/btc/DEwfhd.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://rtb.exoclick.com/cimp.php?data=TVRVMU16RTROemt4T1h4aVpHTTBOREEzWVdOa09XVTRZV0U1WVdVMU56QmlZMkkxTW1abE1tSmhNQT09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3w4My45Ny4yMy40M3xERVV8NTJ8YWRleGNoYW5nZS03NzI0MTYuY29tfDE0NDcxOXw1MzAzNDB8NzcyNDE2fDMyNjgwMjR8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxNi40MDk2NXw4MHxVU0R8VVNEfDF8MXwyMnx8MXxERVV8ODMuOTcuMjMuNDN8NjB8NHwxfHwxNDY2OWIxMTA1NDNjYWRhODcwOWJkNjU2Y2Y0NTQxZXxmYjFiMzE1MGYwNDg4MDM3NGQyNTIyYTI3NjgxMjMzZnwxfDB8ODMyOS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3wwOTlhNWYwOWI3YmM2Mzk4MmY3ZDc2MTg2NWNkNDYyMQ==
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://rtb.exoclick.com/cimp.php?data=TVRVMU16RTROemt4T1h4aVpHTTBOREEzWVdOa09XVTRZV0U1WVdVMU56QmlZMkkxTW1abE1tSmhNQT09fGh0dHBzOi8vd3d3LmxvY2FsbmV3c3Jldmlld3MuY29tL2J0Yy9ERXdmaGQuaHRtbHxodHRwc3w4My45Ny4yMy40M3xERVV8NTJ8YWRleGNoYW5nZS03NzI0MTYuY29tfDE0NDcxOXw1MzAzNDB8NzcyNDE2fDMyNjgwMjR8NTEzfDI4OTYzMzB8MjgwMjY0MjZ8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxNi40MDk2NXw4MHxVU0R8VVNEfDF8MXwyMnx8MXxERVV8ODMuOTcuMjMuNDN8NjB8NHwxfHwxNDY2OWIxMTA1NDNjYWRhODcwOWJkNjU2Y2Y0NTQxZXxmYjFiMzE1MGYwNDg4MDM3NGQyNTIyYTI3NjgxMjMzZnwxfDB8ODMyOS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3wwOTlhNWYwOWI3YmM2Mzk4MmY3ZDc2MTg2NWNkNDYyMQ==

Response headers

status
200
date
Thu, 21 Mar 2019 17:05:21 GMT
content-type
text/html
set-cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921; expires=Fri, 20-Mar-20 17:05:21 GMT; path=/; domain=.localnewsreviews.com; HttpOnly
last-modified
Wed, 20 Mar 2019 04:22:16 GMT
vary
Accept-Encoding
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
x-turbo-charged-by
LiteSpeed
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4bb1829b2f1463d9-FRA
content-encoding
br

Redirect headers

Server
nginx
Date
Thu, 21 Mar 2019 17:05:21 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225c93c45106b535.021794933289142726%22%3B%7D; expires=Sat, 20-Mar-2021 17:05:21 GMT; Max-Age=63072000; domain=exoclick.com cimp-registry=eyIwOTlhNWYwOWI3YmM2Mzk4MmY3ZDc2MTg2NWNkNDYyMSI6MTU1MzE4NzkyMX18NDM3ZDAyOTQ5MjI4MjM3NmViNjU2YWI2YzU4NmZmYTc%3D; expires=Thu, 21-Mar-2019 18:06:11 GMT; Max-Age=3650; path=/; domain=syndication.exoclick.com impressions=x%9CK%B42%B4%AA%CE%B42%B2%B04366%B0N%B42%06q%0D%AC3%AD%0Ca%D8%D4%D4%D8%D0%C2%DC%D2%08%C41%B2.%B62%B1R2411P%B2%AE%AD%05%00%FA%40%0F%D3; expires=Fri, 22-Mar-2019 17:05:21 GMT; Max-Age=86400; path=/; domain=.exoclick.com tag-link=v3%7C83.97.23.43%7CDEU%7C3268024%7C28026426%7C0%7C%7C513%7C52%7C2%7C16%7C0%7C0%7C0%7C15547%7C2950157%7C2950159%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C5c93c45106b535.021794933289142726%7Cfb1b3150f04880374d2522a27681233f%7C7642%7C8329.peakadx.com%7C1600x1200%7C%7C0%7C0%7C0%7Cok; expires=Fri, 22-Mar-2019 17:05:21 GMT; Max-Age=86400; path=/; domain=.exoclick.com
Location
https://www.localnewsreviews.com/btc/DEwfhd.html
ouibounce.css
www.localnewsreviews.com/btc/btcde299_files/
4 KB
859 B
Stylesheet
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/ouibounce.css
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5782084e5ec96e23e26ff4f2220a53e896630f200b0dadcf012a7760901fe696

Request headers

:path
/btc/btcde299_files/ouibounce.css
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
4bb1829c2ffa63d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
expires
Thu, 28 Mar 2019 17:05:21 GMT
bootstrap.css
www.localnewsreviews.com/btc/btcde299_files/
154 KB
20 KB
Stylesheet
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/bootstrap.css
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f3b6ded588e2832dd412d046715e3ce1c62b460468922de235833ae7a2eecd

Request headers

:path
/btc/btcde299_files/bootstrap.css
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
4bb1829c2ffd63d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
expires
Thu, 28 Mar 2019 17:05:21 GMT
font-awesome.css
www.localnewsreviews.com/btc/btcde299_files/
18 KB
4 KB
Stylesheet
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/font-awesome.css
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
18dc545f0219ee9faae854e550ca8a992a800ce0a9b968ffddfd04627b2a1508

Request headers

:path
/btc/btcde299_files/font-awesome.css
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
4bb1829c2fff63d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
expires
Thu, 28 Mar 2019 17:05:21 GMT
style.css
www.localnewsreviews.com/btc/btcde299_files/
9 KB
2 KB
Stylesheet
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/style.css
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2a8ba6fa5e07e7984163dcfc0923328dfda7d121636590ab09866c388fa80f1

Request headers

:path
/btc/btcde299_files/style.css
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
4bb1829c280063d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
expires
Thu, 28 Mar 2019 17:05:21 GMT
mobile-logo3.jpg
www.localnewsreviews.com/btc/btcde299_files/
14 KB
14 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/mobile-logo3.jpg
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5ace5beacee2e7084a040e468951965174b3bfdf233bde1657f0c6cfbb9be4

Request headers

:path
/btc/btcde299_files/mobile-logo3.jpg
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Mar 2019 18:01:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c280363d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
14651
expires
Thu, 28 Mar 2019 17:05:21 GMT
asseenin.jpg
www.localnewsreviews.com/btc/btcde299_files/
26 KB
26 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/asseenin.jpg
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b454fdf5113b68f29f2a028d744bf33fa1ba7f14e3ac4f72019de131af8a830

Request headers

:path
/btc/btcde299_files/asseenin.jpg
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c280463d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
26697
expires
Thu, 28 Mar 2019 17:05:21 GMT
lamb.jpg
www.localnewsreviews.com/btc/DEwfh_files/
174 KB
174 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/DEwfh_files/lamb.jpg
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad8eb95d1a4bcead09b2830d6687d547e46323c7395866230077b70d24a878f

Request headers

:path
/btc/DEwfh_files/lamb.jpg
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Thu, 07 Mar 2019 11:55:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c280563d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
177679
expires
Thu, 28 Mar 2019 17:05:21 GMT
2018-03-28%25252012_002-min.jpg
www.localnewsreviews.com/btc/btcde299_files/
65 KB
65 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/2018-03-28%25252012_002-min.jpg
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3236e8b1e416a9798314e699498a0900b4d51df2b4036532c620924c64e6c0d4

Request headers

:path
/btc/btcde299_files/2018-03-28%25252012_002-min.jpg
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 17:50:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c280663d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
66466
expires
Thu, 28 Mar 2019 17:05:21 GMT
2018-03-28%252012-min.jpg
www.localnewsreviews.com/btc/btcde299_files/
85 KB
86 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/2018-03-28%252012-min.jpg
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bacc9a03fd7033ed2eb62cf2f82ca66aac34b7058f65d1935d37f2b23eec65e

Request headers

:path
/btc/btcde299_files/2018-03-28%252012-min.jpg
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 17:49:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c280763d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
87517
expires
Thu, 28 Mar 2019 17:05:21 GMT
carsten-maschmeyer-und-judith-williams-min.jpg
www.localnewsreviews.com/btc/btcde299_files/
71 KB
71 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/carsten-maschmeyer-und-judith-williams-min.jpg
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f126567da92f02739a3ad0dfe266fdad3635b3e9ef129f4c513e2c3b575ff723

Request headers

:path
/btc/btcde299_files/carsten-maschmeyer-und-judith-williams-min.jpg
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 17:50:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c280863d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
72496
expires
Thu, 28 Mar 2019 17:05:21 GMT
ccccc-min.jpg
www.localnewsreviews.com/btc/btcde299_files/
81 KB
81 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/ccccc-min.jpg
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce2231fa073bd51d7c7028ab57c431302e532045dc5b8dbf0f61cbfae0b29173

Request headers

:path
/btc/btcde299_files/ccccc-min.jpg
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 17:50:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c280963d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
82759
expires
Thu, 28 Mar 2019 17:05:21 GMT
1112018-03-28%252012-min.jpg
www.localnewsreviews.com/btc/btcde299_files/
57 KB
57 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/1112018-03-28%252012-min.jpg
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1230de73f31f9b4fb64040b169530d0fb0bc6c8fd7b13a07c0fb048679a4c963

Request headers

:path
/btc/btcde299_files/1112018-03-28%252012-min.jpg
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 17:50:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c280a63d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
58449
expires
Thu, 28 Mar 2019 17:05:21 GMT
ddd2018-03-28%252012.jpg
www.localnewsreviews.com/btc/btcde299_files/
46 KB
46 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/ddd2018-03-28%252012.jpg
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
68d900100a626ce8a6149344561ebe975bc0242fe5af81a08544b9ea92d7682d

Request headers

:path
/btc/btcde299_files/ddd2018-03-28%252012.jpg
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c280b63d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
47390
expires
Thu, 28 Mar 2019 17:05:21 GMT
2jjjj018-03-28%252012.jpg
www.localnewsreviews.com/btc/btcde299_files/
53 KB
53 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/2jjjj018-03-28%252012.jpg
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
efe345bc9012c7eb798ef6545d33371e7b3b25b2b2cb457d374dec3b94b39786

Request headers

:path
/btc/btcde299_files/2jjjj018-03-28%252012.jpg
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c280d63d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
54345
expires
Thu, 28 Mar 2019 17:05:21 GMT
rrrr2018-03-28%252012-min.jpg
www.localnewsreviews.com/btc/btcde299_files/
65 KB
65 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/rrrr2018-03-28%252012-min.jpg
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddc2d161fa9c485221f11ae8f71b453b760ada71fbc4d279a4ee462d171fc75f

Request headers

:path
/btc/btcde299_files/rrrr2018-03-28%252012-min.jpg
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 17:50:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c280e63d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
66083
expires
Thu, 28 Mar 2019 17:05:21 GMT
side1.png
www.localnewsreviews.com/btc/btcde299_files/
34 KB
34 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/side1.png
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f

Request headers

:path
/btc/btcde299_files/side1.png
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c280f63d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
34888
expires
Thu, 28 Mar 2019 17:05:21 GMT
side2.png
www.localnewsreviews.com/btc/btcde299_files/
34 KB
34 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/side2.png
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226

Request headers

:path
/btc/btcde299_files/side2.png
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c281063d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
35141
expires
Thu, 28 Mar 2019 17:05:21 GMT
side3.png
www.localnewsreviews.com/btc/btcde299_files/
38 KB
38 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/side3.png
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e

Request headers

:path
/btc/btcde299_files/side3.png
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c281463d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
38902
expires
Thu, 28 Mar 2019 17:05:21 GMT
side4.png
www.localnewsreviews.com/btc/btcde299_files/
25 KB
25 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/side4.png
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562

Request headers

:path
/btc/btcde299_files/side4.png
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c281663d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
25718
expires
Thu, 28 Mar 2019 17:05:21 GMT
side5.png
www.localnewsreviews.com/btc/btcde299_files/
37 KB
37 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/side5.png
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1

Request headers

:path
/btc/btcde299_files/side5.png
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c281763d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
37859
expires
Thu, 28 Mar 2019 17:05:21 GMT
side6.png
www.localnewsreviews.com/btc/btcde299_files/
34 KB
34 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/side6.png
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9

Request headers

:path
/btc/btcde299_files/side6.png
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c281863d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
34979
expires
Thu, 28 Mar 2019 17:05:21 GMT
side7.png
www.localnewsreviews.com/btc/btcde299_files/
30 KB
30 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/side7.png
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5

Request headers

:path
/btc/btcde299_files/side7.png
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c281963d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
31140
expires
Thu, 28 Mar 2019 17:05:21 GMT
checkmark.png
www.localnewsreviews.com/btc/btcde299_files/
341 B
407 B
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/checkmark.png
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8

Request headers

:path
/btc/btcde299_files/checkmark.png
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 14:42:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c281a63d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
341
expires
Thu, 28 Mar 2019 17:05:21 GMT
profit1_1-min.jpg
www.localnewsreviews.com/btc/btcde299_files/
67 KB
67 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/profit1_1-min.jpg
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
446594175cedf0d04a2a5906d1dc4f121dd15dc6143a8193c3c89b27c970ee18

Request headers

:path
/btc/btcde299_files/profit1_1-min.jpg
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 17:50:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c281b63d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
68234
expires
Thu, 28 Mar 2019 17:05:21 GMT
profit1-min.jpg
www.localnewsreviews.com/btc/btcde299_files/
136 KB
136 KB
Image
General
Full URL
https://www.localnewsreviews.com/btc/btcde299_files/profit1-min.jpg
Requested by
Host: www.localnewsreviews.com
URL: https://www.localnewsreviews.com/btc/DEwfhd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d74317800bcbb017d8dfb1d80dee0bf5cab6e70e80b9eaa809efd7e257bfada

Request headers

:path
/btc/btcde299_files/profit1-min.jpg
pragma
no-cache
cookie
__cfduid=ddc1b18e4927405d196bcca6bc64dd7b21553187921
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.localnewsreviews.com
referer
https://www.localnewsreviews.com/btc/DEwfhd.html
:scheme
https
:method
GET
Referer
https://www.localnewsreviews.com/btc/DEwfhd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Mar 2019 17:05:21 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Feb 2019 17:50:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
4bb1829c281c63d9-FRA
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
content-length
139525
expires
Thu, 28 Mar 2019 17:05:21 GMT
fontawesome-webfontba72ba72ba72-2.html
bestnews24.net/geld/immg/
0
0

fontawesome-webfontba72ba72ba72-3.html
bestnews24.net/geld/immg/
0
0

opensans-bold.html
bestnews24.net/geld/immg/
0
0

opensans-regular.html
bestnews24.net/geld/immg/
0
0

tahoma.html
bestnews24.net/geld/immg/
0
0

franklin-gothic-condensed.html
bestnews24.net/geld/immg/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bestnews24.net
URL
http://bestnews24.net/geld/immg/fontawesome-webfontba72ba72ba72-2.html?v=4.0.3
Domain
bestnews24.net
URL
http://bestnews24.net/geld/immg/fontawesome-webfontba72ba72ba72-3.html?v=4.0.3
Domain
bestnews24.net
URL
http://bestnews24.net/geld/immg/opensans-bold.html
Domain
bestnews24.net
URL
http://bestnews24.net/geld/immg/opensans-regular.html
Domain
bestnews24.net
URL
http://bestnews24.net/geld/immg/tahoma.html
Domain
bestnews24.net
URL
http://bestnews24.net/geld/immg/franklin-gothic-condensed.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| dayNames object| monthNames object| now number| dayOfTheWeek

1 Cookies

Domain/Path Name / Value
.localnewsreviews.com/ Name: __cfduid
Value: ddc1b18e4927405d196bcca6bc64dd7b21553187921

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d616818f69.traffic-c.com
bestnews24.net
enjrg.com
maketraff.com
rtb.exoclick.com
svkrg.com
typrg.com
www.localnewsreviews.com
xhnmaq.peakperformsrv.com
bestnews24.net
2606:4700:30::681c:b29
3.209.27.50
34.193.160.81
52.206.107.84
52.206.38.50
52.215.113.202
62.212.87.142
95.211.229.247
0db50e12d22f02c40fbad0714ffb945c2de4a355fc9ec4990bb5f14af8895867
1230de73f31f9b4fb64040b169530d0fb0bc6c8fd7b13a07c0fb048679a4c963
18dc545f0219ee9faae854e550ca8a992a800ce0a9b968ffddfd04627b2a1508
1b7e0a2736aeb5f656f8b9cc2fda4b3eb2ea212d2f344dae9b7792136c9c5562
1d74317800bcbb017d8dfb1d80dee0bf5cab6e70e80b9eaa809efd7e257bfada
3236e8b1e416a9798314e699498a0900b4d51df2b4036532c620924c64e6c0d4
3dde975bef15653e64134deee5e1dd5220720f5ecb8fc26adc38f63b6cb57226
446594175cedf0d04a2a5906d1dc4f121dd15dc6143a8193c3c89b27c970ee18
494a3efdafd5407a5a88d922f5a4a72d71ac2f3ad8f3f9fe607f8cf89314dfa1
4bacc9a03fd7033ed2eb62cf2f82ca66aac34b7058f65d1935d37f2b23eec65e
54e408290bafacaad2eaf0b17ec04ecf29ae7333a69784730a1af7d749b3c4a9
5782084e5ec96e23e26ff4f2220a53e896630f200b0dadcf012a7760901fe696
5adbed9d75481c04641b70a78519079b1aa08150757ee14f7c84327356e73b1f
68d900100a626ce8a6149344561ebe975bc0242fe5af81a08544b9ea92d7682d
6b454fdf5113b68f29f2a028d744bf33fa1ba7f14e3ac4f72019de131af8a830
7ad8eb95d1a4bcead09b2830d6687d547e46323c7395866230077b70d24a878f
84218aaea4b1305589535d180785655ed4deccf863ffd8aa9e5a0c6ddbcc9bb0
86f3b6ded588e2832dd412d046715e3ce1c62b460468922de235833ae7a2eecd
975e2ea42ee8599a3b10f089f4091c8de111ed0d7c854c23045661c0912556e7
a0033d1fb19786542fd62432f412fac83f4c40a95da3a0e24d8223cf3489f15c
b7806578c7b5de3f40d8e4696a84c3b0b4e686e0b7dea2e935af3df63404e523
b8ff47c69f9495e6ea65471b668c7d0145a9b2122aa780087cd59ca4ef8644b5
ce2231fa073bd51d7c7028ab57c431302e532045dc5b8dbf0f61cbfae0b29173
ddc2d161fa9c485221f11ae8f71b453b760ada71fbc4d279a4ee462d171fc75f
e5f99941f717ee56ec795c58e4c73d8f72d15494deb92d94894e2f0ea0f47b7e
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8
efe345bc9012c7eb798ef6545d33371e7b3b25b2b2cb457d374dec3b94b39786
f126567da92f02739a3ad0dfe266fdad3635b3e9ef129f4c513e2c3b575ff723
f2a8ba6fa5e07e7984163dcfc0923328dfda7d121636590ab09866c388fa80f1
fe5ace5beacee2e7084a040e468951965174b3bfdf233bde1657f0c6cfbb9be4