video-change.digital Open in urlscan Pro
213.227.149.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cpa-optimizer.online/lp/common/arb/?url=/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V...
Effective URL:
https://video-change.digital/common/content/contentforyou6.php?CC=GB&tn=100&tx=150&affid=6739
Submission: On November 05 via manual (November 5th 2021, 1:02:27 pm UTC) from SG — Scanned from NL

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 15 domains to perform 63 HTTP transactions. The main IP is 213.227.149.216, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is video-change.digital.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on March 10th 2021. Valid for: a year.

This is the only time video-change.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	213.227.145.147 213.227.145.147	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4	95.211.60.56 95.211.60.56	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2606:4700:310... 2606:4700:3108::ac42:28e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	81.171.6.34 81.171.6.34	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4	8.253.95.113 8.253.95.113	3356 (LEVEL3) (LEVEL3)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2 5	95.168.170.165 95.168.170.165	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	2a03:b0c0:3:d... 2a03:b0c0:3:d0::105c:9001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	85.17.31.90 85.17.31.90	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 17	104.19.133.80 104.19.133.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.19.131.80 104.19.131.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	213.227.145.130 213.227.145.130	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	104.19.138.80 104.19.138.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	213.227.149.216 213.227.149.216	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	138.68.122.17 138.68.122.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2606:4700:303... 2606:4700:3035::6815:5e55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
63	13

12 213.227.145.147 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

cpa-optimizer.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
daily-news.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
free-coupons.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.211.60.56 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

wbidr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28e2 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn1.iconfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 81.171.6.34 (Bocholtz, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

wbidder.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.253.95.113 (United States)

ASN3356 (LEVEL3, US)

cdn.special-offers.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.168.170.165 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

special-offers.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
int.special-offers.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:b0c0:3:d0::105c:9001 (Frankfurt am Main, Germany) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

track.special-promotions.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.cpa-optimizer.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.17.31.90 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

clk.wbidder.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.19.133.80 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.19.131.80 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.145.130 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

crtv.wboptim.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.138.80 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.149.216 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

video-change.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.68.122.17 (Amsterdam, Netherlands) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

tracking.eu.adoperatorcore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6815:5e55 (United States)

ASN13335 (CLOUDFLARENET, US)

s.adoppop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	adskeeper.co.uk 1 redirects jsc.adskeeper.co.uk c.adskeeper.co.uk cdn.adskeeper.co.uk servicer.adskeeper.co.uk s-img.adskeeper.co.uk cm.adskeeper.co.uk	337 KB
9	special-offers.online 2 redirects cdn.special-offers.online special-offers.online int.special-offers.online	267 KB
6	daily-news.one daily-news.one	219 KB
5	free-coupons.network free-coupons.network	127 KB
5	wbidder.online 1 redirects wbidder.online clk.wbidder.online	5 KB
4	wbidr.com wbidr.com	5 KB
3	adoppop.com s.adoppop.com	81 KB
3	video-change.digital video-change.digital	27 KB
3	wboptim.online crtv.wboptim.online Failed	2 KB
2	adoperatorcore.com 2 redirects tracking.eu.adoperatorcore.com	254 B
2	google-analytics.com www.google-analytics.com
2	cpa-optimizer.online 1 redirects cpa-optimizer.online track.cpa-optimizer.online	1 KB
1	steepto.com cm.steepto.com	173 B
1	special-promotions.online 1 redirects track.special-promotions.online	1 KB
1	iconfinder.com cdn1.iconfinder.com	4 KB
63	15

	Domain	Requested by
9	s-img.adskeeper.co.uk	jsc.adskeeper.co.uk
6	daily-news.one	cpa-optimizer.online daily-news.one
5	cdn.adskeeper.co.uk	jsc.adskeeper.co.uk
5	free-coupons.network	int.special-offers.online
4	jsc.adskeeper.co.uk	int.special-offers.online jsc.adskeeper.co.uk video-change.digital
4	special-offers.online	2 redirects daily-news.one int.special-offers.online
4	cdn.special-offers.online	daily-news.one int.special-offers.online
4	wbidder.online	daily-news.one free-coupons.network video-change.digital
4	wbidr.com	daily-news.one free-coupons.network video-change.digital
3	s.adoppop.com
3	video-change.digital	free-coupons.network video-change.digital
3	c.adskeeper.co.uk	1 redirects jsc.adskeeper.co.uk
3	crtv.wboptim.online
2	tracking.eu.adoperatorcore.com	2 redirects
2	cm.adskeeper.co.uk	jsc.adskeeper.co.uk
2	servicer.adskeeper.co.uk	jsc.adskeeper.co.uk
2	www.google-analytics.com	daily-news.one free-coupons.network
1	track.cpa-optimizer.online	1 redirects
1	cm.steepto.com
1	int.special-offers.online	daily-news.one
1	clk.wbidder.online	1 redirects
1	track.special-promotions.online	1 redirects
1	cdn1.iconfinder.com	daily-news.one
1	cpa-optimizer.online
63	24

This site contains no links.

Subject Issuer	Validity	Valid
*.cpa-optimizer.online AlphaSSL CA - SHA256 - G2	`2021-03-30` - `2022-05-01`	a year	crt.sh
*.daily-news.one AlphaSSL CA - SHA256 - G2	`2021-07-04` - `2022-08-05`	a year	crt.sh
*.wbidr.com AlphaSSL CA - SHA256 - G2	`2021-03-06` - `2022-04-07`	a year	crt.sh
*.iconfinder.com R3	`2021-10-23` - `2022-01-21`	3 months	crt.sh
*.wbidder.online AlphaSSL CA - SHA256 - G2	`2021-03-06` - `2022-04-07`	a year	crt.sh
*.special-offers.online AlphaSSL CA - SHA256 - G2	`2021-08-09` - `2022-09-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.free-coupons.network AlphaSSL CA - SHA256 - G2	`2021-03-08` - `2022-04-09`	a year	crt.sh
*.video-change.digital AlphaSSL CA - SHA256 - G2	`2021-03-10` - `2022-04-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://video-change.digital/common/content/contentforyou6.php?CC=GB&tn=100&tx=150&affid=6739
Frame ID: 3DD0CB37267FA4E28BC52A19AFA6CF81
Requests: 62 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1636117341811112449703
Frame ID: ADE55432586977CA7ED169B23C7F1A11
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RECOMMENDED FOR YOU:

Page URL History Show full URLs

https://cpa-optimizer.online/lp/common/arb/?url=/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicpl... Page URL
https://daily-news.one/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V... Page URL
https://track.special-promotions.online/15G9io?cp=10&tn=60&tx=95&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=156... HTTP 302
https://clk.wbidder.online/redirect?url=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fsp... HTTP 302
https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sC... Page URL
http://special-offers.online/affidLink/redirect.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=16361173... HTTP 301
https://special-offers.online/affidLink/redirect.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=16361173... HTTP 302
https://track.cpa-optimizer.online/15Gxg8?subid=bid_15602_D3O8MGMA8V HTTP 302
https://video-change.digital/common/content/contentforyou6.php?CC=GB&tn=100&tx=150&affid=6739 Page URL

Page Statistics

63
Requests

92 %
HTTPS

25 %
IPv6

15
Domains

24
Subdomains

13
IPs

4
Countries

1070 kB
Transfer

1517 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cpa-optimizer.online/lp/common/arb/?url=/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20. Page URL
https://daily-news.one/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20. Page URL
https://track.special-promotions.online/15G9io?cp=10&tn=60&tx=95&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%257Bvar%3Auseragent%257D&ip=50.199.90.242&bv=Chrome%252095&as=pc&gf=20.&onw=1&link=url%3Dhttps%253A%252F%252Fint.special-offers.online%252Fcommon%252Fcontent%252Fspecial-contentforyou.php%253Faffid%253Dbid_15602%2526subid%253DD3O8MGMA8V%2526sClient%253D1%2526r%253D1636117340.0.9142006010310948%26s%3DDEFAULT%26a%3Dbid_onw_15602%26uA%3D%26sub%3DD3O8MGMA8V%26ts%3D1636117340%26d%3D20%26i%3D4063c1vsmikvme0rej%26t%3Dclient%26c%3D657546855 HTTP 302
https://clk.wbidder.online/redirect?url=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_15602%26subid%3DD3O8MGMA8V%26sClient%3D1%26r%3D1636117340.0.9142006010310948&s=DEFAULT&a=bid_onw_15602&uA=&sub=D3O8MGMA8V&ts=1636117340&d=20&i=4063c1vsmikvme0rej&t=client&c=657546855 HTTP 302
https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948 Page URL
http://special-offers.online/affidLink/redirect.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948 HTTP 301
https://special-offers.online/affidLink/redirect.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948 HTTP 302
https://track.cpa-optimizer.online/15Gxg8?subid=bid_15602_D3O8MGMA8V HTTP 302
https://video-change.digital/common/content/contentforyou6.php?CC=GB&tn=100&tx=150&affid=6739 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://track.special-promotions.online/15G9io?cp=10&tn=60&tx=95&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%257Bvar%3Auseragent%257D&ip=50.199.90.242&bv=Chrome%252095&as=pc&gf=20.&onw=1&link=url%3Dhttps%253A%252F%252Fint.special-offers.online%252Fcommon%252Fcontent%252Fspecial-contentforyou.php%253Faffid%253Dbid_15602%2526subid%253DD3O8MGMA8V%2526sClient%253D1%2526r%253D1636117340.0.9142006010310948%26s%3DDEFAULT%26a%3Dbid_onw_15602%26uA%3D%26sub%3DD3O8MGMA8V%26ts%3D1636117340%26d%3D20%26i%3D4063c1vsmikvme0rej%26t%3Dclient%26c%3D657546855 HTTP 302
https://clk.wbidder.online/redirect?url=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_15602%26subid%3DD3O8MGMA8V%26sClient%3D1%26r%3D1636117340.0.9142006010310948&s=DEFAULT&a=bid_onw_15602&uA=&sub=D3O8MGMA8V&ts=1636117340&d=20&i=4063c1vsmikvme0rej&t=client&c=657546855 HTTP 302
https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948

Request Chain 44

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7Cu_X1_cMX-2CyRpjEOC0Y_6gLA9ziiLJosQ8SvZAJ3pjLjKtZAdYtYylaNhxTwHFj%26cid%3D721392%26f%3D1%26h2%3DTksHyUx4_agIKijc0a11upCVMW4LAIrJQS4dA0CrhS4*%26rid%3D9cc3c733-3e38-11ec-b93f-e4434b374bc6%26psid%3Dbid_15760%26iub%3DaHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8zODM1NjYxLzMyOHgzMjgvMTA2eDE2eDQ0OHg0NDgvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNVGt0TURZdk1UQXhPVEkwTHpNMFl6azVPVEkyT1dFeU9EUXdPRGM0TWpWaVpqZ3hPVGxoTWpRek1HSXlMbXB3WldjLndlYnA_dj0xNjM2MTE3MzQxLXJ6eTRxb1NUYkt2NFNid3lkdTFMQWp5TERiRmF3VHJYRW1Ed3otOEF0OEk%3D&s=1060&a=bid_onw_15602&uA=bid_15760&sub=D3O8MGMA8V&d=6&ic=1 HTTP 302
https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|u_X1_cMX-2CyRpjEOC0Y_6gLA9ziiLJosQ8SvZAJ3pjLjKtZAdYtYylaNhxTwHFj&cid=721392&f=1&h2=TksHyUx4_agIKijc0a11upCVMW4LAIrJQS4dA0CrhS4*&rid=9cc3c733-3e38-11ec-b93f-e4434b374bc6&psid=bid_15760&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8zODM1NjYxLzMyOHgzMjgvMTA2eDE2eDQ0OHg0NDgvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNVGt0TURZdk1UQXhPVEkwTHpNMFl6azVPVEkyT1dFeU9EUXdPRGM0TWpWaVpqZ3hPVGxoTWpRek1HSXlMbXB3WldjLndlYnA_dj0xNjM2MTE3MzQxLXJ6eTRxb1NUYkt2NFNid3lkdTFMQWp5TERiRmF3VHJYRW1Ed3otOEF0OEk= HTTP 301
https://s-img.adskeeper.co.uk/g/3835661/328x328/106x16x448x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMTAxOTI0LzM0Yzk5OTI2OWEyODQwODc4MjViZjgxOTlhMjQzMGIyLmpwZWc.webp?v=1636117341-rzy4qoSTbKv4Sbwydu1LAjyLDbFawTrXEmDwz-8At8I

Request Chain 59

https://crtv.wboptim.online/icon?url=https%3A%2F%2Ftracking.eu.adoperatorcore.com%2Frtb%2Ffeedimpression%3Fuuid%3D85124932-06e0-40db-a3d7-b7d2a11e5c3a%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D1636117345688%26sb%3D0.0004%26db%3D0.0008%26subid%3Dbid_501219%26tokid%3Dnull%26url%3DM6R2B4GETR2CBYFKGVL23NVIDJRWMWAVTP7SS6K44OJVF6F7YRDQJYIMNYL4H4EFOGNSF3DEAYIKMIU2ZUHGWSWMDICU3J76A7YYGTY%253D%26i%3D72a29d%26u%3Dca4e66&s=1036&a=bid_onw_6739&uA=bid_501219&sub=undefined&d=19&ic=1 HTTP 302
https://tracking.eu.adoperatorcore.com/rtb/feedimpression?uuid=85124932-06e0-40db-a3d7-b7d2a11e5c3a&s=101&d=221&feedid=e908&rt=1636117345688&sb=0.0004&db=0.0008&subid=bid_501219&tokid=null&url=M6R2B4GETR2CBYFKGVL23NVIDJRWMWAVTP7SS6K44OJVF6F7YRDQJYIMNYL4H4EFOGNSF3DEAYIKMIU2ZUHGWSWMDICU3J76A7YYGTY%3D&i=72a29d&u=ca4e66 HTTP 302
https://s.adoppop.com/images/icon/instagram2.png

Request Chain 61

https://crtv.wboptim.online/icon?url=https%3A%2F%2Ftracking.eu.adoperatorcore.com%2Frtb%2Ffeedimpression%3Fuuid%3D794ef1f5-0b81-4040-8211-6572ac3c5219%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D1636117345688%26sb%3D0.0004%26db%3D0.0008%26subid%3Dbid_500212%26tokid%3Dnull%26url%3DM6R2B4GETR2CBYFKGVL23NVIDJRWMWAVTP7SS6K44OJVF6F7YRDQJYIMNYL4H4EFOGNSF3DEAYIKMIU2ZUHGWSWMDICU3J76A7YYGTY%253D%26i%3D72a29d%26u%3Dca4e66&s=1036&a=bid_onw_6739&uA=bid_500212&sub=undefined&d=33&ic=1 HTTP 302
https://tracking.eu.adoperatorcore.com/rtb/feedimpression?uuid=794ef1f5-0b81-4040-8211-6572ac3c5219&s=101&d=221&feedid=e908&rt=1636117345688&sb=0.0004&db=0.0008&subid=bid_500212&tokid=null&url=M6R2B4GETR2CBYFKGVL23NVIDJRWMWAVTP7SS6K44OJVF6F7YRDQJYIMNYL4H4EFOGNSF3DEAYIKMIU2ZUHGWSWMDICU3J76A7YYGTY%3D&i=72a29d&u=ca4e66 HTTP 302
https://s.adoppop.com/images/icon/instagram2.png

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
cpa-optimizer.online/lp/common/arb/ 440 B
533 B 118ms
15ms Document
text/html 213.227.145.147
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://cpa-optimizer.online/lp/common/arb/?url=/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20.

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

server: nginx
date: Fri, 05 Nov 2021 13:02:19 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN

GET
H2 200 / Show response
daily-news.one/31mar21/6/ 34 KB
34 KB 56ms
17ms Document
text/html 213.227.145.147
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://daily-news.one/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20.

Requested by

Host: cpa-optimizer.online
URL: https://cpa-optimizer.online/lp/common/arb/?url=/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20.

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

0cad566bc182c430a2b6984489dd83ec975a1a600ad20275edb409d843999d21

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://cpa-optimizer.online/

Response headers

server: nginx
date: Fri, 05 Nov 2021 13:02:19 GMT
content-type: text/html
content-length: 34474
last-modified: Tue, 07 Sep 2021 09:36:24 GMT
etag: "61373298-86aa"
x-frame-options: SAMEORIGIN
accept-ranges: bytes

GET
H2 200 style.css
daily-news.one/plugin/css/ 38 KB
25 KB 18ms
18ms Stylesheet
text/css 213.227.145.147
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://daily-news.one/plugin/css/style.css

Requested by

Host: daily-news.one
URL: https://daily-news.one/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20.

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

88463998ff9fa0fc4c6d6ca048e456779eaae4305b3e8ede91666b5c7ef4d9e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://daily-news.one/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20.
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:19 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 17 Oct 2018 08:06:12 GMT
server: nginx
etag: "5bc6ed74-6264"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
content-length: 25188
expires: Sun, 05 Dec 2021 13:02:19 GMT

GET
H2 200 e-client.v2.js Show response
daily-news.one/plugin/js/ 28 KB
29 KB 27ms
26ms Script
application/javascript 213.227.145.147
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://daily-news.one/plugin/js/e-client.v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

9ea4f8f97e8f4cd2cf66e0a96d43eb300abe6b170a3664bd6f19ccecbd91aaf1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://daily-news.one/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20.
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:19 GMT
last-modified: Wed, 20 Oct 2021 13:39:58 GMT
server: nginx
etag: "61701c2e-711b"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28955
expires: Sun, 05 Dec 2021 13:02:19 GMT

GET
H2 200 bidder.js Show response
daily-news.one/plugin/js/ 14 KB
14 KB 32ms
32ms Script
application/javascript 213.227.145.147
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://daily-news.one/plugin/js/bidder.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

b5e6f5bdadae7c9848885393c515f75dc1b65e4b1e6002fd7f51207831e7b476

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://daily-news.one/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20.
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:19 GMT
last-modified: Tue, 12 Oct 2021 12:17:48 GMT
server: nginx
etag: "61657cec-3678"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13944
expires: Sun, 05 Dec 2021 13:02:19 GMT

GET
H2 200 log.js Show response
daily-news.one/plugin/js/ 18 KB
18 KB 35ms
35ms Script
application/javascript 213.227.145.147
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://daily-news.one/plugin/js/log.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

fcd35ee3fac58b9fafffcc6c61df73f78b58e0d3f2ab1fa2edbb5e7707c61314

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://daily-news.one/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20.
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:19 GMT
last-modified: Fri, 28 Feb 2020 14:27:14 GMT
server: nginx
etag: "5e592342-48db"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18651
expires: Sun, 05 Dec 2021 13:02:19 GMT

GET
H2 200 client2.js Show response
daily-news.one/lp/plugin/js/ 99 KB
99 KB 39ms
38ms Script
application/javascript 213.227.145.147
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://daily-news.one/lp/plugin/js/client2.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

8d0db99fcf4aa2da7fdd7180c88021e7543c0f15147e78b30df222cd6adaff06

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://daily-news.one/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20.
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:19 GMT
last-modified: Wed, 11 Aug 2021 10:50:25 GMT
server: nginx
etag: "6113ab71-18c3a"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 101434
expires: Sun, 05 Dec 2021 13:02:19 GMT

GET
H/1.1 200
OK client
wbidr.com/offer/ 8 KB
2 KB 845ms
792ms Fetch
application/json 95.211.60.56
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidr.com/offer/client?affid=onw_15602&subid=D3O8MGMA8V&days=8&count=5&adult=undefined
Requested by: Host: daily-news.one
URL: https://daily-news.one/plugin/js/e-client.v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.211.60.56 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 13:02:20 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H2 200 youtube-512.png
cdn1.iconfinder.com/data/icons/logotypes/32/ 4 KB
4 KB 126ms
49ms Image
image/webp 2606:4700:3108::ac42:28e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.iconfinder.com/data/icons/logotypes/32/youtube-512.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cde4918567fd7c3ad60ecd1033bbd0a554c09f2cf28a256b7bea7a4120f533d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:20 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 101440
cf-polished: origFmt=png, origSize=9019
content-disposition: inline; filename="youtube-512.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3828
x-request-id: 971fe263-0296-4fc9-8432-816128de198b
expires: Sat, 05 Nov 2022 13:02:20 GMT
last-modified: Wed, 20 Oct 2021 17:02:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a96469f5e1c3743-MXP
cf-bgj: imgq:100,h2pri

GET client
wbidr.com/offer/ 0
0

GET
H/1.1 200
OK client Show response
wbidder.online/offer/ 4 KB
1 KB 333ms
290ms Fetch
application/json 81.171.6.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder.online/offer/client?affid=onw_15602&subid=D3O8MGMA8V&days=8&count=3
Requested by: Host: daily-news.one
URL: https://daily-news.one/lp/plugin/js/client2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.171.6.34 Bocholtz, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: bcb24c1159980a767555d2b057f927e67d38e2893e67e754a6990cb545ad6e09

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 13:02:20 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H2 200 newB1modal.png
cdn.special-offers.online/pluginstuff/ 9 KB
9 KB 400ms
24ms Image
image/png 8.253.95.113
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.special-offers.online/pluginstuff/newB1modal.png
Requested by: Host: daily-news.one
URL: https://daily-news.one/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20.
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.113 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: SE-1.15.12 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:20 GMT
last-modified: Tue, 08 May 2018 15:55:26 GMT
server: SE-1.15.12
age: 1311383
etag: "5af1c86e-2359"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-cachetier-status: EXPIRED
x-cdn: Level3
accept-ranges: bytes
content-length: 9049
x-edgecache-status: MISS
expires: Sat, 20 Nov 2021 08:45:57 GMT

GET
H2 206 onBack.mp3
cdn.special-offers.online/ 18 KB
19 KB 408ms
36ms Media
audio/mpeg 8.253.95.113
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.special-offers.online/onBack.mp3
Requested by: Host: daily-news.one
URL: https://daily-news.one/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20.
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.113 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: SE-1.15.12 /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 05 Nov 2021 13:02:20 GMT
last-modified: Wed, 26 Apr 2017 17:44:10 GMT
server: SE-1.15.12
age: 1311429
etag: "5900dc6a-4922"
content-type: audio/mpeg
Content-Range: bytes 0-18721/18722
cache-control: max-age=2592000
x-cachetier-status: HIT
x-cdn: Level3
access-control-allow-origin: *
Content-Length: 18722
x-edgecache-status: MISS
expires: Sat, 20 Nov 2021 08:45:11 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
0 80ms
29ms Fetch
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: daily-news.one
URL: https://daily-news.one/plugin/js/log.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 13:02:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://daily-news.one
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spinner.gif
special-offers.online/flow-lp/porsche-1/img/ 113 KB
113 KB 53ms
15ms Image
image/gif 95.168.170.165
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://special-offers.online/flow-lp/porsche-1/img/spinner.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:20 GMT
last-modified: Fri, 01 Nov 2019 13:26:09 GMT
server: nginx
etag: "5dbc3271-1c3fd"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 115709
expires: Sun, 05 Dec 2021 13:02:20 GMT

GET
H2

200

special-contentforyou.php Show response
int.special-offers.online/common/content/
Redirect Chain

https://track.special-promotions.online/15G9io?cp=10&tn=60&tx=95&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&...
https://clk.wbidder.online/redirect?url=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_15602%26subid%3DD3O8MGMA8V%26sClient%3D1%26r%3D163611734...
https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948

3 KB
3 KB

110ms
15ms

Document
text/html

95.168.170.165
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948

Requested by

Host: daily-news.one
URL: https://daily-news.one/lp/plugin/js/client2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

393fef02a9233cb9ca9029855d4a73fa0244c620759c0fa7987d6e75a7457fb6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://daily-news.one/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20.

Response headers

server: nginx
date: Fri, 05 Nov 2021 13:02:20 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN

Redirect headers

vary: Origin
access-control-allow-origin: *
location: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948
content-length: 0
date: Fri, 05 Nov 2021 13:02:20 GMT

GET icon
crtv.wboptim.online/ 0
0

GET
H2 200 offerwall.clickpush.com.964329.js Show response
jsc.adskeeper.co.uk/o/f/ 2 KB
1 KB 76ms
27ms Script
text/javascript 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.js
Requested by: Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19247a03b4a5a8eceeeb30f0772650d1d6439ff15989f483f419e90b253470cf

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://int.special-offers.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:20 GMT
content-encoding: br
cf-cache-status: HIT
age: 2569
last-modified: Wed, 03 Nov 2021 10:42:37 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: F9FXEMFDF531YHT6
x-amz-id-2: BaE2hCBKdaMS6CQldstMP6+OWX40ugM19/Q3cVQjbRqQrD123iZ+EFobVXYw1RXJv1/Ra4ucNVw=
cf-bgj: minify
server: cloudflare
etag: W/"a7854587402d5679eb4d1f0f62b843db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 6a9646a4c8426b50-AMS
expires: Fri, 05 Nov 2021 17:02:20 GMT

GET
H2 200 IndexedDb.js Show response
free-coupons.network/lp/plugin/js/ 4 KB
4 KB 54ms
15ms Script
application/javascript 213.227.145.147
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://free-coupons.network/lp/plugin/js/IndexedDb.js

Requested by

Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

2ae833f4464565f0a42688dc6e386f1e2fdfd63ccafe93151404b4c27fa9f8f7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://int.special-offers.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:20 GMT
last-modified: Fri, 03 Jul 2020 09:20:38 GMT
server: nginx
etag: "5efef866-1012"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4114
expires: Sun, 05 Dec 2021 13:02:20 GMT

GET
H2 200 log.js Show response
free-coupons.network/lp/plugin/js/ 1 KB
2 KB 55ms
16ms Script
application/javascript 213.227.145.147
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://free-coupons.network/lp/plugin/js/log.js

Requested by

Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

b126582a2dc15643553ecc896192ffe2b58858c39571411ef548013a0be9d258

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://int.special-offers.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:20 GMT
last-modified: Fri, 03 Jul 2020 09:20:39 GMT
server: nginx
etag: "5efef867-5c3"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1475
expires: Sun, 05 Dec 2021 13:02:20 GMT

GET
H2 200 client.js Show response
free-coupons.network/lp/plugin/js/ 99 KB
99 KB 73ms
34ms Script
application/javascript 213.227.145.147
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://free-coupons.network/lp/plugin/js/client.js

Requested by

Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

e68a5fa473afa396b513a8a02c197417123b13dc4b0109af33de25d49da9e862

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://int.special-offers.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:20 GMT
last-modified: Fri, 03 Jul 2020 09:20:39 GMT
server: nginx
etag: "5efef867-18c61"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 101473
expires: Sun, 05 Dec 2021 13:02:20 GMT

GET
H2 200 bidder-interval.js Show response
free-coupons.network/plugin/js/ 8 KB
8 KB 66ms
29ms Script
application/javascript 213.227.145.147
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://free-coupons.network/plugin/js/bidder-interval.js

Requested by

Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

24141558e900e7958550c5fd92cc9b06c901ca0eee038bba7ed53b5c6e539ff6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://int.special-offers.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:20 GMT
last-modified: Fri, 06 Aug 2021 08:27:00 GMT
server: nginx
etag: "610cf254-1f8f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8079
expires: Sun, 05 Dec 2021 13:02:20 GMT

GET
H2 200 bidder.js Show response
free-coupons.network/plugin/js/ 14 KB
14 KB 64ms
27ms Script
application/javascript 213.227.145.147
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://free-coupons.network/plugin/js/bidder.js

Requested by

Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

b5e6f5bdadae7c9848885393c515f75dc1b65e4b1e6002fd7f51207831e7b476

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://int.special-offers.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:20 GMT
last-modified: Tue, 12 Oct 2021 12:17:48 GMT
server: nginx
etag: "61657cec-3678"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13944
expires: Sun, 05 Dec 2021 13:02:20 GMT

GET
H2 200 offerwall.clickpush.com.964329.es6.js Show response
jsc.adskeeper.co.uk/o/f/ 233 KB
65 KB 219ms
219ms Script
text/javascript 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fdc2769d3aa7a2652012e25b24fe82a964ffc6eac486b058c7bd56aeceb663a

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://int.special-offers.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: G6ZV7MFM8F673CJ1
last-modified: Wed, 03 Nov 2021 10:42:37 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: CySglwp9xHibKyT2XmZ15A2wAW2xIDtA9ueXsC2oILuqW//oNkJCXT840bEclHLF9kWtzngMY4M=
cf-bgj: minify
server: cloudflare
etag: W/"5fe2354ba19eb7767440d40aaa9a1400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 6a9646a4f8b36b50-AMS
expires: Fri, 05 Nov 2021 17:02:21 GMT

GET
H/1.1 200
OK client Show response
wbidder.online/offer/ 2 B
280 B 1240ms
1240ms Fetch
application/json 81.171.6.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder.online/offer/client?affid=onw_bid_15602&subid=D3O8MGMA8V&days=8&count=3
Requested by: Host: free-coupons.network
URL: https://free-coupons.network/lp/plugin/js/client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.171.6.34 Bocholtz, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 13:02:22 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H2 200 newB1modal.png
cdn.special-offers.online/pluginstuff/ 9 KB
9 KB 23ms
22ms Image
image/png 8.253.95.113
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.special-offers.online/pluginstuff/newB1modal.png
Requested by: Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.113 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: SE-1.15.12 /
Resource Hash: 3f0014f83976d1cf838ba0bb0dd7b9150457ebc601c4f6840d8e16620c12ad5b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
last-modified: Tue, 08 May 2018 15:55:26 GMT
server: SE-1.15.12
age: 1311384
etag: "5af1c86e-2359"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-cachetier-status: EXPIRED
x-cdn: Level3
accept-ranges: bytes
content-length: 9049
x-edgecache-status: MISS
expires: Sat, 20 Nov 2021 08:45:57 GMT

GET
H/1.1 200
OK client Show response
wbidr.com/offer/ 2 KB
1 KB 831ms
831ms Fetch
application/json 95.211.60.56
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidr.com/offer/client?affid=onw_bid_15602&subid=D3O8MGMA8V&days=8
Requested by: Host: free-coupons.network
URL: https://free-coupons.network/plugin/js/bidder.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.211.60.56 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3e879597eb09c44d0897e1c1f0b57a17c0f8871699ce8e094beff968d36f91f7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 13:02:21 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H2 206 onBack.mp3
cdn.special-offers.online/ 18 KB
0 24ms
24ms Media
audio/mpeg 8.253.95.113
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.special-offers.online/onBack.mp3
Requested by: Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.113 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: SE-1.15.12 /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
last-modified: Wed, 26 Apr 2017 17:44:10 GMT
server: SE-1.15.12
age: 1311430
etag: "5900dc6a-4922"
content-type: audio/mpeg
Content-Range: bytes 0-18721/18722
cache-control: max-age=2592000
x-cachetier-status: HIT
x-cdn: Level3
access-control-allow-origin: *
Content-Length: 18722
x-edgecache-status: MISS
expires: Sat, 20 Nov 2021 08:45:11 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
0 28ms
28ms Fetch
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: free-coupons.network
URL: https://free-coupons.network/lp/plugin/js/log.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 13:02:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://int.special-offers.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spinner.gif
special-offers.online/flow-lp/porsche-1/img/ 113 KB
113 KB 15ms
15ms Image
image/gif 95.168.170.165
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://special-offers.online/flow-lp/porsche-1/img/spinner.gif

Requested by

Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
last-modified: Fri, 01 Nov 2019 13:26:09 GMT
server: nginx
etag: "5dbc3271-1c3fd"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 115709
expires: Sun, 05 Dec 2021 13:02:21 GMT

GET
H2 200 / Show response
c.adskeeper.co.uk/pv/ 0
285 B 83ms
73ms Script
text/plain 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.co.uk/pv/?pv=5&src_id=bid_15602&cbuster=1636117341561384219199&uniqId=0e03e&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_15602%26subid%3DD3O8MGMA8V%26sClient%3D1%26r%3D1636117340.0.9142006010310948&lu=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_15602%26subid%3DD3O8MGMA8V%26sClient%3D1%26r%3D1636117340.0.9142006010310948&sessionId=61852b5e-0157d&pageView=1&pvid=17cf031657aa61571cd&site=613482&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://int.special-offers.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 13:02:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a9646a8e91e6b50-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
1 KB 38ms
28ms Image
image/svg+xml 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 6343
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: STBT0HSHGQK0T59Q
x-amz-id-2: HO61UXHp1/THGWOoHoYXpKwBWiUjiy3IsvVvYdSeEVeKa3d2gbpgmny/QikXuvvHzfOAkTYN1SI=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6a9646a8f94a6b50-AMS
expires: Fri, 05 Nov 2021 17:02:21 GMT

GET
H2 200 1 Show response
servicer.adskeeper.co.uk/964329/ 5 KB
2 KB 107ms
81ms Script
application/x-javascript 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/964329/1?pv=5&src_id=bid_15602&cbuster=1636117341635336908816&uniqId=0e03e&niet=4g&nisd=false&jsv=es6&w=1584&h=821&cols=3&ref=&cxurl=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_15602%26subid%3DD3O8MGMA8V%26sClient%3D1%26r%3D1636117340.0.9142006010310948&lu=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_15602%26subid%3DD3O8MGMA8V%26sClient%3D1%26r%3D1636117340.0.9142006010310948&sessionId=61852b5e-0157d&pageView=1&pvid=17cf031657aa61571cd&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eca0543190abd40468ed89ba4ae6588a0ee0496a0e1cdf7fc1d5301e2e9ab4df

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://int.special-offers.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 13:02:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a9646a97a876b50-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
2 KB 33ms
32ms Image
image/svg+xml 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 6343
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: STBT0HSHGQK0T59Q
x-amz-id-2: HO61UXHp1/THGWOoHoYXpKwBWiUjiy3IsvVvYdSeEVeKa3d2gbpgmny/QikXuvvHzfOAkTYN1SI=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6a9646aa0eb61e75-AMS
expires: Fri, 05 Nov 2021 17:02:21 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzRlMmNlNzhkMjk5NDM4Yjg4YjE1NGY0ZWE5MzI1MTNjLmpwZWc.webp
s-img.adskeeper.co.uk/g/4023143/492x328/0x80x1024x682/ 19 KB
19 KB 94ms
45ms Image
image/webp 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/4023143/492x328/0x80x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzRlMmNlNzhkMjk5NDM4Yjg4YjE1NGY0ZWE5MzI1MTNjLmpwZWc.webp?v=1636117341-iXgO9lUlU6nVR7EcLuOmt7zlIcNqzbehdYFqDXoePLE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43cb3cf9a1433f627239bbd19eae768c63b38e713ed8b605ab762d8e64e81f2

Request headers

Referer
Origin: https://int.special-offers.online
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:04 GMT
x-mg-request-uuid: 2aed3e9b-9a3b-41aa-90a1-d66f14fd1167
age: 3014655
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9646aa587e4c2b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19242
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzFhOWQzMDlmMGFiMDMxMzNkZjA0ZjIwNjBhMjkzOWMxLmpwZWc.webp
s-img.adskeeper.co.uk/g/3887977/492x328/0x0x857x571/ 40 KB
40 KB 115ms
67ms Image
image/webp 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/3887977/492x328/0x0x857x571/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzFhOWQzMDlmMGFiMDMxMzNkZjA0ZjIwNjBhMjkzOWMxLmpwZWc.webp?v=1636117341-hpHckm8VUiaC3kuE3S9ZAw3AhX7TiMUMMBHD5JtcttE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89be742d7859712b8e9b281d503dec09692718d3bbd60c8133174d033f90db7a

Request headers

Referer
Origin: https://int.special-offers.online
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:23:59 GMT
x-mg-request-uuid: a261302a-5c2f-4c6c-87e3-008d782fa895
age: 3014247
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9646aa58814c2b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 40508
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTc1Njg1L2Y1NzM2Yjk4N2NkMDIxZTA1MzUxYzUyZDJjZDE1OGVjLmpwZWc.webp
s-img.adskeeper.co.uk/g/4415482/492x328/0x187x681x454/ 12 KB
12 KB 96ms
48ms Image
image/webp 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/4415482/492x328/0x187x681x454/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTc1Njg1L2Y1NzM2Yjk4N2NkMDIxZTA1MzUxYzUyZDJjZDE1OGVjLmpwZWc.webp?v=1636117341-Edhwp4yeyusCqUufEHG8iJWVhXAfXRh-lWyl9UfFT0U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341281d30ec1780b80f7c17ccba1cd2026e722ea43f43337061ef61c20c94e04

Request headers

Referer
Origin: https://int.special-offers.online
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:26:20 GMT
x-mg-request-uuid: 02383954-f411-4e2f-9364-6ba128ae7368
age: 53077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9646aa58824c2b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12492
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC8yOGMwMjdhYjk2NTc1NjI4N...
s-img.adskeeper.co.uk/g/10881013/492x328/-/ 19 KB
19 KB 360ms
312ms Image
image/webp 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/10881013/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC8yOGMwMjdhYjk2NTc1NjI4NWYxMDJlZThkMzMwZTA0MC5qcGVn.webp?v=1636117341-5L2-7QhZjLWCUxPWt2wXsjTG8NvyV5yrCmdZjGbfLhA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 966d55c803c231c8840a9b02798052ad467038d99779f2d23d2c2900f6b71973

Request headers

Referer
Origin: https://int.special-offers.online
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:22 GMT
cf-cache-status: MISS
last-modified: Tue, 05 Oct 2021 13:46:31 GMT
x-mg-request-uuid: 13b0e998-504a-4c94-b7ab-a82a6d1d809e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9646aa58834c2b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19768
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC8xOGQwNGQ3OWM0NGU5NzQ2O...
s-img.adskeeper.co.uk/g/10881047/492x328/-/ 18 KB
18 KB 76ms
29ms Image
image/webp 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/10881047/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC8xOGQwNGQ3OWM0NGU5NzQ2OWQzY2NiMWI4ODUzNjVkOC5qcGVn.webp?v=1636117341-wNPpxDZTWeO1VOecLycpZHa3g1ByotDCYXdBctkVtRI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf225c0ce0bb9624866e26b19aabf989a1d7847578c52d5a5a78881b9e5cc53

Request headers

Referer
Origin: https://int.special-offers.online
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 13:46:41 GMT
x-mg-request-uuid: a4b5d8e3-45e7-4e45-a8ac-f644715d074b
age: 12520
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9646aa58844c2b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18018
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzMyOGRjMGYxNzE2MzMzMGU2NDA2MmZkNTgxMDBkMzExLmpwZWc.webp
s-img.adskeeper.co.uk/g/3944295/492x328/96x0x866x577/ 18 KB
18 KB 105ms
58ms Image
image/webp 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/3944295/492x328/96x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzMyOGRjMGYxNzE2MzMzMGU2NDA2MmZkNTgxMDBkMzExLmpwZWc.webp?v=1636117341-i3j4L7uyEMPAb-4n-aGPBHl67JOf746I1FxjE90-Zdo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc4054b757ca7b7c187132a4506d45a523ff1a51a34d5ccfa5d514396beda0e1

Request headers

Referer
Origin: https://int.special-offers.online
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:26 GMT
x-mg-request-uuid: 51b45655-4806-4b38-a707-5b362e718a5f
age: 67561
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9646aa58854c2b-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18556
server: cloudflare

GET
H3 200 int_exchange_wages_src.svg
cdn.adskeeper.co.uk/images/adskeeper/ 855 B
980 B 24ms
23ms Image
image/svg+xml 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_src.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf48ab5bd0aa94e42a820a7714971f4e29b680774aac08b4bd0ae1cf21b16167

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 4696
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: QZTPRBW175B7V9ZC
x-amz-id-2: hNQScEjeeLikVzRyhK9QBUUCZtdecXALUsLIin0HwCqa9wkXLQbggEimIthB0YAHQSzT6cdNSg8=
last-modified: Mon, 04 May 2020 12:16:42 GMT
server: cloudflare
etag: W/"8a4c1edaf146a31549d5287a7ab74b63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6a9646aa2eea1e75-AMS
expires: Fri, 05 Nov 2021 17:02:21 GMT

GET
H3 200 int_exchange_wages_ad.svg
cdn.adskeeper.co.uk/images/adskeeper/ 1 KB
1 KB 25ms
24ms Image
image/svg+xml 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_ad.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 5454
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: QK25EK44YG8K96HC
x-amz-id-2: kcbn3ASjvFt8UaJZTbJyaNXt0kt9v7Z1k4CX32TYAT54LPl3FbK+tSPPeMICVGIuwFiIoyXekCI=
last-modified: Mon, 04 May 2020 12:16:42 GMT
server: cloudflare
etag: W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6a9646aa2eec1e75-AMS
expires: Fri, 05 Nov 2021 17:02:21 GMT

GET
H2 200 i.js Show response
cm.adskeeper.co.uk/ 113 B
254 B 215ms
204ms Script
application/javascript 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i.js?&cbuster=1636117341794201885197
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69237f4898457345d15088212b13728ad538f648cc75c9c40470ef7532bfa4cb

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 13:02:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 13:02:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6a9646aa5c5c6b50-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.adskeeper.co.uk/ Frame ADE5 19 B
77 B 209ms
209ms Script
application/javascript 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1636117341811112449703
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 13:02:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 13:02:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6a9646aa6c806b50-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMTAxOTI0LzM0Yzk5OTI2OWEyODQwODc4MjViZjgxOTlhMjQzMGIyLmpwZWc.webp
s-img.adskeeper.co.uk/g/3835661/328x328/106x16x448x448/
Redirect Chain

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7Cu_X1_cMX-2CyRpjEOC0Y_6gLA9ziiLJosQ8SvZAJ3pjLjKtZAdYtYylaNhxTwHFj%26cid%3D721392%26f%3D1%26h2%3DTk...
https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|u_X1_cMX-2CyRpjEOC0Y_6gLA9ziiLJosQ8SvZAJ3pjLjKtZAdYtYylaNhxTwHFj&cid=721392&f=1&h2=TksHyUx4_agIKijc0a11upCVMW4LAIrJQS4dA0CrhS4*&rid=9cc3c733-3e38-11ec-b93f-...
https://s-img.adskeeper.co.uk/g/3835661/328x328/106x16x448x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMTAxOTI0LzM0Yzk5OTI2OWEyODQwODc4MjViZjgxOTlhMjQzMGIyLmpwZWc.webp?v=1636117341-rzy4qoSTbKv4Sbwy...

16 KB
17 KB

31ms
30ms

Image
image/webp

104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/3835661/328x328/106x16x448x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMTAxOTI0LzM0Yzk5OTI2OWEyODQwODc4MjViZjgxOTlhMjQzMGIyLmpwZWc.webp?v=1636117341-rzy4qoSTbKv4Sbwydu1LAjyLDbFawTrXEmDwz-8At8I
Protocol: H3
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84b13f767ed7011dfe778ceee82c889dcc1b5dc21a376d2a906a5d8f79272f8b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:22 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Oct 2020 11:31:29 GMT
x-mg-request-uuid: 701d5cea-2fee-4282-b440-8ffc7c77c8ef
age: 16961490
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9646ab99231e75-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16884
server: cloudflare

Redirect headers

pragma: no-cache
date: Fri, 05 Nov 2021 13:02:22 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: fefd8f86-8b70-4dfa-b723-9c4e545dc243
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.adskeeper.co.uk/g/3835661/328x328/106x16x448x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMTAxOTI0LzM0Yzk5OTI2OWEyODQwODc4MjViZjgxOTlhMjQzMGIyLmpwZWc.webp?v=1636117341-rzy4qoSTbKv4Sbwydu1LAjyLDbFawTrXEmDwz-8At8I
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a9646aad8041e75-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzRlMmNlNzhkMjk5NDM4Yjg4YjE1NGY0ZWE5MzI1MTNjLmpwZWc.webp
s-img.adskeeper.co.uk/g/4023143/492x328/0x80x1024x682/ 19 KB
19 KB 46ms
26ms Image
image/webp 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/4023143/492x328/0x80x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzRlMmNlNzhkMjk5NDM4Yjg4YjE1NGY0ZWE5MzI1MTNjLmpwZWc.webp?v=1636117341-iXgO9lUlU6nVR7EcLuOmt7zlIcNqzbehdYFqDXoePLE
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43cb3cf9a1433f627239bbd19eae768c63b38e713ed8b605ab762d8e64e81f2

Request headers

Referer
Origin: https://int.special-offers.online
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:04 GMT
x-mg-request-uuid: 2aed3e9b-9a3b-41aa-90a1-d66f14fd1167
age: 3014655
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9646aacc1ffa64-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19242
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC8xOGQwNGQ3OWM0NGU5NzQ2O...
s-img.adskeeper.co.uk/g/10881047/492x328/-/ 18 KB
18 KB 62ms
42ms Image
image/webp 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/10881047/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC8xOGQwNGQ3OWM0NGU5NzQ2OWQzY2NiMWI4ODUzNjVkOC5qcGVn.webp?v=1636117341-wNPpxDZTWeO1VOecLycpZHa3g1ByotDCYXdBctkVtRI
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf225c0ce0bb9624866e26b19aabf989a1d7847578c52d5a5a78881b9e5cc53

Request headers

Referer
Origin: https://int.special-offers.online
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:21 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Oct 2021 13:46:41 GMT
x-mg-request-uuid: a4b5d8e3-45e7-4e45-a8ac-f644715d074b
age: 12520
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9646aacc22fa64-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18018
server: cloudflare

GET
H2 200 /
cm.steepto.com/setmuidn/ 0
173 B 194ms
150ms Image
image/gif 104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.steepto.com/setmuidn/?muidf=la5l49ib6R26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a9646abe9e61fd2-AMS
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2

200

Primary Request contentforyou6.php Show response
video-change.digital/common/content/
Redirect Chain

http://special-offers.online/affidLink/redirect.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948
https://special-offers.online/affidLink/redirect.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948
https://track.cpa-optimizer.online/15Gxg8?subid=bid_15602_D3O8MGMA8V
https://video-change.digital/common/content/contentforyou6.php?CC=GB&tn=100&tx=150&affid=6739

5 KB
5 KB

101ms
23ms

Document
text/html

213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://video-change.digital/common/content/contentforyou6.php?CC=GB&tn=100&tx=150&affid=6739

Requested by

Host: free-coupons.network
URL: https://free-coupons.network/lp/plugin/js/client.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

41bf0a5846b0c3e922bc66247b50f8e335c833cf6d203593b1d50d677c5a5c4a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

server: nginx
date: Fri, 05 Nov 2021 13:02:22 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN

Redirect headers

Server: nginx/1.19.5
Date: Fri, 05 Nov 2021 13:02:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 254
Connection: keep-alive
X-Powered-By: Express
Location: https://video-change.digital/common/content/contentforyou6.php?CC=GB&tn=100&tx=150&affid=6739
Vary: Accept

GET
H3 200 offerwall.clickpush.com.963060.js Show response
jsc.adskeeper.co.uk/o/f/ 3 KB
2 KB 23ms
22ms Script
text/javascript 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.963060.js
Requested by: Host: video-change.digital
URL: https://video-change.digital/common/content/contentforyou6.php?CC=GB&tn=100&tx=150&affid=6739
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c61421193923a5eafb2e113cadeefc052d12c03c4894e9d1266000ed9f7cf0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://video-change.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 2515
cf-polished: origSize=5650
last-modified: Fri, 29 Oct 2021 20:14:19 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: JRR4519M31JRA7KD
x-amz-id-2: rBMEIZKxBatHW93x0N1gd+xBrEsZu+TMwZjeoG18+qy2SKXLvXffw5gYXyu2BWTHzYd+6qNrWL8=
cf-bgj: minify
server: cloudflare
etag: W/"2c43a826da614f02d5c42877466ee119"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 6a9646af8f821e75-AMS
expires: Fri, 05 Nov 2021 17:02:22 GMT

GET
H2 200 bidder.js Show response
video-change.digital/plugin/js/ 14 KB
14 KB 19ms
19ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://video-change.digital/plugin/js/bidder.js

Requested by

Host: video-change.digital
URL: https://video-change.digital/common/content/contentforyou6.php?CC=GB&tn=100&tx=150&affid=6739

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

b5e6f5bdadae7c9848885393c515f75dc1b65e4b1e6002fd7f51207831e7b476

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://video-change.digital/common/content/contentforyou6.php?CC=GB&tn=100&tx=150&affid=6739
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:22 GMT
last-modified: Tue, 12 Oct 2021 12:17:48 GMT
server: nginx
etag: "61657cec-3678"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13944
expires: Sun, 05 Dec 2021 13:02:22 GMT

GET
H2 200 bidder-interval.js Show response
video-change.digital/plugin/js/ 8 KB
8 KB 21ms
21ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://video-change.digital/plugin/js/bidder-interval.js

Requested by

Host: video-change.digital
URL: https://video-change.digital/common/content/contentforyou6.php?CC=GB&tn=100&tx=150&affid=6739

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

24141558e900e7958550c5fd92cc9b06c901ca0eee038bba7ed53b5c6e539ff6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://video-change.digital/common/content/contentforyou6.php?CC=GB&tn=100&tx=150&affid=6739
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:22 GMT
last-modified: Fri, 06 Aug 2021 08:27:00 GMT
server: nginx
etag: "610cf254-1f8f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8079
expires: Sun, 05 Dec 2021 13:02:22 GMT

GET
H/1.1 200
OK client Show response
wbidr.com/offer/ 2 B
280 B 1565ms
1565ms Fetch
application/json 95.211.60.56
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidr.com/offer/client?affid=onw_6739&subid=undefined&days=8
Requested by: Host: video-change.digital
URL: https://video-change.digital/plugin/js/bidder.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.211.60.56 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 13:02:24 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H3 200 offerwall.clickpush.com.963060.es6.js Show response
jsc.adskeeper.co.uk/o/f/ 304 KB
78 KB 40ms
39ms Script
text/javascript 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.963060.es6.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.963060.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c22a9b5833ddf456eb7776ff9e0db78ca2ab513a994cec072efb066da5810b1

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 2540
cf-polished: origSize=424351
last-modified: Wed, 03 Nov 2021 20:01:51 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: RSFCR9QPGJGFR1BW
x-amz-id-2: 5NNSKccNEpnIJW70KmLpwJkOvi0i2uskpzukhBqPXk1tK5V3Lzqbs7P5xVMjFLopJokJ3AXf10c=
cf-bgj: minify
server: cloudflare
etag: W/"2d811da05525916249b636bf2bc5d65a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 6a9646afbfc31e75-AMS
expires: Fri, 05 Nov 2021 17:02:22 GMT

GET
H3 200 / Show response
c.adskeeper.co.uk/pv/ 0
353 B 118ms
118ms Script
text/plain 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.co.uk/pv/?pv=5&src_id=bid_42525&cbuster=1636117343107947341852&uniqId=06a5d&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fvideo-change.digital%2Fcommon%2Fcontent%2Fcontentforyou6.php%3FCC%3DGB%26tn%3D100%26tx%3D150%26affid%3D6739&lu=https%3A%2F%2Fvideo-change.digital%2Fcommon%2Fcontent%2Fcontentforyou6.php%3FCC%3DGB%26tn%3D100%26tx%3D150%26affid%3D6739&sessionId=61852b5f-00759&pageView=1&pvid=17cf0316b84b3562f9e&site=613482&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.963060.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://video-change.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 13:02:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a9646b27d5d1e75-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
2 KB 25ms
24ms Image
image/svg+xml 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 6345
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: STBT0HSHGQK0T59Q
x-amz-id-2: HO61UXHp1/THGWOoHoYXpKwBWiUjiy3IsvVvYdSeEVeKa3d2gbpgmny/QikXuvvHzfOAkTYN1SI=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6a9646b29d8c1e75-AMS
expires: Fri, 05 Nov 2021 17:02:23 GMT

GET
H3 204 1 Show response
servicer.adskeeper.co.uk/963060/ 0
381 B 72ms
72ms Script
text/plain 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/963060/1?pv=5&src_id=bid_42525&cbuster=163611734318087529398&uniqId=06a5d&niet=4g&nisd=false&jsv=es6&w=1584&h=267&wrongImageSize=1&cols=2&ref=&cxurl=https%3A%2F%2Fvideo-change.digital%2Fcommon%2Fcontent%2Fcontentforyou6.php%3FCC%3DGB%26tn%3D100%26tx%3D150%26affid%3D6739&lu=https%3A%2F%2Fvideo-change.digital%2Fcommon%2Fcontent%2Fcontentforyou6.php%3FCC%3DGB%26tn%3D100%26tx%3D150%26affid%3D6739&sessionId=61852b5f-00759&pageView=1&pvid=17cf0316b84b3562f9e&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.963060.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://video-change.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 13:02:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-mg-blocked: publisher_source_filters
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a9646b2ee0d1e75-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK client Show response
wbidr.com/offer/ 3 KB
1 KB 1067ms
1067ms Fetch
application/json 95.211.60.56
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidr.com/offer/client?affid=onw_6739&subid=undefined&days=8&count=3&adult=undefined
Requested by: Host: video-change.digital
URL: https://video-change.digital/plugin/js/bidder.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.211.60.56 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: d7881e71a13731ee3ac0ce182d14cc05336d0685eebe26c27ce65e7cf8a7dee9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 13:02:26 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK client Show response
wbidder.online/offer/ 7 KB
2 KB 503ms
502ms Fetch
application/json 81.171.6.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder.online/offer/client?affid=onw_6739&subid=undefined&days=8&count=4&adult=undefined
Requested by: Host: video-change.digital
URL: https://video-change.digital/plugin/js/bidder-interval.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.171.6.34 Bocholtz, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 505754633c3c758a25d3cb1d10f1464a5468d4b11b41c783fec34e99ca0ce118

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 13:02:26 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK client Show response
wbidder.online/offer/ 6 KB
1 KB 1681ms
1650ms Fetch
application/json 81.171.6.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder.online/offer/client?affid=onw_6739&subid=undefined&days=8&count=4&adult=undefined
Requested by: Host: video-change.digital
URL: https://video-change.digital/plugin/js/bidder-interval.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.171.6.34 Bocholtz, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 11f02913d9929df5c0bce2d45aa2084c2d4c1fa6aa3c35e893c7b60bbeee3ae0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 13:02:27 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H2

200

instagram2.png
s.adoppop.com/images/icon/
Redirect Chain

https://crtv.wboptim.online/icon?url=https%3A%2F%2Ftracking.eu.adoperatorcore.com%2Frtb%2Ffeedimpression%3Fuuid%3D85124932-06e0-40db-a3d7-b7d2a11e5c3a%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D163...
https://tracking.eu.adoperatorcore.com/rtb/feedimpression?uuid=85124932-06e0-40db-a3d7-b7d2a11e5c3a&s=101&d=221&feedid=e908&rt=1636117345688&sb=0.0004&db=0.0008&subid=bid_501219&tokid=null&url=M6R2...
https://s.adoppop.com/images/icon/instagram2.png

35 KB
36 KB

45ms
44ms

Image
image/png

2606:4700:3035::6815:5e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adoppop.com/images/icon/instagram2.png
Protocol: H2
Server: 2606:4700:3035::6815:5e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 322d1e7cd9152479ac2dda43a2123e69eeb191d1f8626fcdd5604315545c77d2

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2561927
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36276
last-modified: Tue, 07 Sep 2021 15:51:24 GMT
server: cloudflare
etag: "61378a7c-8db4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNr23J%2Fggi3PTT79eqrONTZGBbGRUx6LV2EJkM1jXklfww45MSdzECvQy%2F1P1low9Mqt6SZtJJEFHzj8TXarxsHs%2BU18S2m01nVxmje7mQbNcvNyJ6pFQgct6CiFggLE4zArn3eaQnvZNI89"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6a9646c67fc40f76-MXP
expires: Fri, 05 Nov 2021 21:23:39 GMT

Redirect headers

location: https://s.adoppop.com/images/icon/instagram2.png
date: Fri, 05 Nov 2021 13:02:25 GMT
referrer-policy: no-referrer
content-length: 0

GET
H2 200 19639636.jpg
s.adoppop.com/images/image/ 8 KB
9 KB 128ms
49ms Image
image/jpeg 2606:4700:3035::6815:5e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adoppop.com/images/image/19639636.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a65952289a346dfbc351a9805a638d5c3a51244b319a5ee5dc148550d5a2d3

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1193451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8635
last-modified: Wed, 22 Sep 2021 14:55:44 GMT
server: cloudflare
etag: "614b43f0-21bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQj2gGi45kAqe5l3XdjCDnvQswwesTh56aPqlMBMWv6nAzsTy5QytqV8HVfJ1DjH8aZe%2FyVR3kw4wdrz18DH%2BKJQWKYWBFVMS0tzVrvsuO1OD5970arxlMahECjU%2FEQcTWaAqUx4NDeOoLI5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6a9646c62f230f76-MXP
expires: Sun, 21 Nov 2021 17:31:35 GMT

GET
H2

200

instagram2.png
s.adoppop.com/images/icon/
Redirect Chain

https://crtv.wboptim.online/icon?url=https%3A%2F%2Ftracking.eu.adoperatorcore.com%2Frtb%2Ffeedimpression%3Fuuid%3D794ef1f5-0b81-4040-8211-6572ac3c5219%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D163...
https://tracking.eu.adoperatorcore.com/rtb/feedimpression?uuid=794ef1f5-0b81-4040-8211-6572ac3c5219&s=101&d=221&feedid=e908&rt=1636117345688&sb=0.0004&db=0.0008&subid=bid_500212&tokid=null&url=M6R2...
https://s.adoppop.com/images/icon/instagram2.png

35 KB
36 KB

339ms
37ms

Image
image/png

2606:4700:3035::6815:5e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adoppop.com/images/icon/instagram2.png
Protocol: H2
Server: 2606:4700:3035::6815:5e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 322d1e7cd9152479ac2dda43a2123e69eeb191d1f8626fcdd5604315545c77d2

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:02:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2561928
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36276
last-modified: Tue, 07 Sep 2021 15:51:24 GMT
server: cloudflare
etag: "61378a7c-8db4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mUYfdOZBF2aw%2FUnLZGVlKISUpC5PomIpQ2Q0HdVYst%2Btrg06vMpbBAeD3CHyPbX5rcTQxJCcR65iOK%2FDqyT4IAj3wlJDcj1mSwxnzlhGlpbEXMun1J2BUc%2B5Ae45Kbsff2JhOM0%2B3bH4msb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6a9646cb59fe0f76-MXP
expires: Fri, 05 Nov 2021 21:23:39 GMT

Redirect headers

location: https://s.adoppop.com/images/icon/instagram2.png
date: Fri, 05 Nov 2021 13:02:25 GMT
referrer-policy: no-referrer
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wbidr.com
URL: https://wbidr.com/offer/client?affid=onw_15602&subid=D3O8MGMA8V&days=8

Domain: crtv.wboptim.online
URL: https://crtv.wboptim.online/icon?url=https%3A%2F%2Ftracking.eu.adoperatorcore.com%2Frtb%2Ffeedimpression%3Fuuid%3Dfe3e2226-0f93-4813-86c5-14111f287482%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D1636117340044%26sb%3D0.0004%26db%3D0.0008%26subid%3Dbid_15760%26tokid%3Dnull%26url%3DM6R2B4GETR2CBYFKGVL23NVIDJRWMWAVTP7SS6K44OJVF6F7YRDW74572PXDFTRYEDPDH35F3MNOM%253D%253D%253D%26i%3D72a29d%26u%3Dca4e66&s=1036&a=bid_onw_15602&uA=bid_15760&sub=D3O8MGMA8V&d=2&ic=1

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.track.special-promotions.online/	1970-01-19 22:30:03	Name: 15G9ioo Value: 20211105131636117920963
.track.special-promotions.online/	1970-01-19 22:30:03	Name: _pc_lc_id Value: 15G9io
.track.special-promotions.online/	1970-01-19 22:30:03	Name: peerclickcid Value: b94166ca3a8969be288e7cd0f683a380-4888-1105
.track.special-promotions.online/	1970-01-19 22:30:03	Name: _norg Value: 1
servicer.adskeeper.co.uk/	1970-01-19 22:28:38	Name: __mglb Value: b77c90ace61932b85ead847cc0fcb78b
.adskeeper.co.uk/	1970-01-25 20:31:23	Name: muidn Value: la5l49ib6R26
int.special-offers.online/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%7D%2C%22C964329%22%3A%7B%22page%22%3A1%2C%22time%22%3A1636117341758%7D%7D
.track.cpa-optimizer.online/	1970-01-19 22:30:03	Name: 15Gxg8o Value: 20211105131636117476877
.track.cpa-optimizer.online/	1970-01-19 22:30:03	Name: _pc_lc_id Value: 15Gxg8
.track.cpa-optimizer.online/	1970-01-19 22:30:03	Name: peerclickcid Value: 62c1d37ebdb74be2a8d6c444c92b0230-4888-1105
.track.cpa-optimizer.online/	1970-01-19 22:30:03	Name: _norg Value: 1
video-change.digital/	1970-01-23 12:52:37	Name: pc Value: data_1
video-change.digital/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22aFoI9o9uF%22%7D%2C%22C963060%22%3A%7B%22page%22%3A1%7D%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://daily-news.one/31mar21/6/?cp=9&tn=60&tx=95&cp=10&tag=15602&tag1=musicplayer&tag2=D3O8MGMA8V&tag3=15602&tag4=dating&clickid=a99ce89a7a64a988bcfec1a865d0a1a0-4888-1104&device=Desktop&brand=Desktop&model=Desktop&country=US&affid=15602&subid=D3O8MGMA8V&ln=en&cid=usd&useragent=%7Bvar:useragent%7D&ip=50.199.90.242&bv=Chrome%2095&as=pc&gf=20. Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_15602&subid=D3O8MGMA8V&sClient=1&r=1636117340.0.9142006010310948 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.adskeeper.co.uk
cdn.adskeeper.co.uk
cdn.special-offers.online
cdn1.iconfinder.com
clk.wbidder.online
cm.adskeeper.co.uk
cm.steepto.com
cpa-optimizer.online
crtv.wboptim.online
daily-news.one
free-coupons.network
int.special-offers.online
jsc.adskeeper.co.uk
s-img.adskeeper.co.uk
s.adoppop.com
servicer.adskeeper.co.uk
special-offers.online
track.cpa-optimizer.online
track.special-promotions.online
tracking.eu.adoperatorcore.com
video-change.digital
wbidder.online
wbidr.com
www.google-analytics.com
crtv.wboptim.online
wbidr.com
104.19.131.80
104.19.133.80
104.19.138.80
138.68.122.17
213.227.145.130
213.227.145.147
213.227.149.216
2606:4700:3035::6815:5e55
2606:4700:3108::ac42:28e2
2a00:1450:4001:802::200e
2a03:b0c0:3:d0::105c:9001
8.253.95.113
81.171.6.34
85.17.31.90
95.168.170.165
95.211.60.56
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0cad566bc182c430a2b6984489dd83ec975a1a600ad20275edb409d843999d21
11f02913d9929df5c0bce2d45aa2084c2d4c1fa6aa3c35e893c7b60bbeee3ae0
19247a03b4a5a8eceeeb30f0772650d1d6439ff15989f483f419e90b253470cf
24141558e900e7958550c5fd92cc9b06c901ca0eee038bba7ed53b5c6e539ff6
24a65952289a346dfbc351a9805a638d5c3a51244b319a5ee5dc148550d5a2d3
2ae833f4464565f0a42688dc6e386f1e2fdfd63ccafe93151404b4c27fa9f8f7
2cde4918567fd7c3ad60ecd1033bbd0a554c09f2cf28a256b7bea7a4120f533d
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
322d1e7cd9152479ac2dda43a2123e69eeb191d1f8626fcdd5604315545c77d2
341281d30ec1780b80f7c17ccba1cd2026e722ea43f43337061ef61c20c94e04
393fef02a9233cb9ca9029855d4a73fa0244c620759c0fa7987d6e75a7457fb6
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3e879597eb09c44d0897e1c1f0b57a17c0f8871699ce8e094beff968d36f91f7
3f0014f83976d1cf838ba0bb0dd7b9150457ebc601c4f6840d8e16620c12ad5b
41bf0a5846b0c3e922bc66247b50f8e335c833cf6d203593b1d50d677c5a5c4a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
505754633c3c758a25d3cb1d10f1464a5468d4b11b41c783fec34e99ca0ce118
58c61421193923a5eafb2e113cadeefc052d12c03c4894e9d1266000ed9f7cf0
69237f4898457345d15088212b13728ad538f648cc75c9c40470ef7532bfa4cb
6c22a9b5833ddf456eb7776ff9e0db78ca2ab513a994cec072efb066da5810b1
7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908
84b13f767ed7011dfe778ceee82c889dcc1b5dc21a376d2a906a5d8f79272f8b
88463998ff9fa0fc4c6d6ca048e456779eaae4305b3e8ede91666b5c7ef4d9e3
89be742d7859712b8e9b281d503dec09692718d3bbd60c8133174d033f90db7a
8d0db99fcf4aa2da7fdd7180c88021e7543c0f15147e78b30df222cd6adaff06
8fdc2769d3aa7a2652012e25b24fe82a964ffc6eac486b058c7bd56aeceb663a
966d55c803c231c8840a9b02798052ad467038d99779f2d23d2c2900f6b71973
9ea4f8f97e8f4cd2cf66e0a96d43eb300abe6b170a3664bd6f19ccecbd91aaf1
b126582a2dc15643553ecc896192ffe2b58858c39571411ef548013a0be9d258
b5e6f5bdadae7c9848885393c515f75dc1b65e4b1e6002fd7f51207831e7b476
bcb24c1159980a767555d2b057f927e67d38e2893e67e754a6990cb545ad6e09
bf48ab5bd0aa94e42a820a7714971f4e29b680774aac08b4bd0ae1cf21b16167
c43cb3cf9a1433f627239bbd19eae768c63b38e713ed8b605ab762d8e64e81f2
ccf225c0ce0bb9624866e26b19aabf989a1d7847578c52d5a5a78881b9e5cc53
d7881e71a13731ee3ac0ce182d14cc05336d0685eebe26c27ce65e7cf8a7dee9
dc4054b757ca7b7c187132a4506d45a523ff1a51a34d5ccfa5d514396beda0e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68a5fa473afa396b513a8a02c197417123b13dc4b0109af33de25d49da9e862
eca0543190abd40468ed89ba4ae6588a0ee0496a0e1cdf7fc1d5301e2e9ab4df
fcd35ee3fac58b9fafffcc6c61df73f78b58e0d3f2ab1fa2edbb5e7707c61314

video-change.digital Open in urlscan Pro 213.227.149.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

63 Requests

92 %HTTPS

25 %IPv6

15 Domains

24 Subdomains

13 IPs

4 Countries

1070 kBTransfer

1517 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

video-change.digital Open in urlscan Pro
213.227.149.216 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

92 %
HTTPS

25 %
IPv6

15
Domains

24
Subdomains

13
IPs

4
Countries

1070 kB
Transfer

1517 kB
Size

13
Cookies

63 HTTP transactions
0 data transactions