urlscan.io logo urlscan.io
SecurityTrails logo

int.special-trending-news.com Open in urlscan Pro
95.168.170.165  Public Scan

Go To Rescan Add Verdict Report
URL: https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_15602&subid=D9DINGMA8V&sClient=1&r=1645766427...
Submission: On March 05 via api from LU — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 26 HTTP transactions. The main IP is 95.168.170.165, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is int.special-trending-news.com. The Cisco Umbrella rank of the primary domain is 301661.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 7th 2022. Valid for: a year.
This is the only time int.special-trending-news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 95.168.170.165 60781 (LEASEWEB-...)
11 104.19.131.80 13335 (CLOUDFLAR...)
5 213.227.152.232 60781 (LEASEWEB-...)
6 104.19.130.80 13335 (CLOUDFLAR...)
1 1 213.227.145.134 60781 (LEASEWEB-...)
1 1 2a02:b48:207:... 39572 (ADVANCEDH...)
1 45.133.44.33 39572 (ADVANCEDH...)
26 5
3    95.168.170.165 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
int.special-trending-news.com
free-coupons.network
11    104.19.131.80 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.adskeeper.co.uk
c.adskeeper.co.uk
cdn.adskeeper.co.uk
servicer.adskeeper.co.uk
cm.adskeeper.co.uk
5    213.227.152.232 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
wbidder2.com
6    104.19.130.80 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.adskeeper.co.uk
1    213.227.145.134 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
crtv.wboptim.online
1    2a02:b48:207:1::7 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
ttdqzj.com
1    45.133.44.33 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
i.wmgtr.com
Apex Domain
Subdomains		 Transfer
17 adskeeper.co.uk
jsc.adskeeper.co.uk — Cisco Umbrella Rank: 29533
c.adskeeper.co.uk — Cisco Umbrella Rank: 30031
cdn.adskeeper.co.uk — Cisco Umbrella Rank: 27896
servicer.adskeeper.co.uk — Cisco Umbrella Rank: 35572
s-img.adskeeper.co.uk — Cisco Umbrella Rank: 28407
cm.adskeeper.co.uk — Cisco Umbrella Rank: 41850
281 KB
5 wbidder2.com
wbidder2.com — Cisco Umbrella Rank: 78687
5 KB
2 special-trending-news.com
int.special-trending-news.com — Cisco Umbrella Rank: 301661
17 KB
1 wmgtr.com
i.wmgtr.com — Cisco Umbrella Rank: 11864
12 KB
1 ttdqzj.com
ttdqzj.com — Cisco Umbrella Rank: 62480
108 B
1 wboptim.online
crtv.wboptim.online — Cisco Umbrella Rank: 13272
205 B
1 free-coupons.network
free-coupons.network — Cisco Umbrella Rank: 94179
8 KB
26 7
Domain Requested by
6 s-img.adskeeper.co.uk
5 wbidder2.com int.special-trending-news.com
free-coupons.network
4 cdn.adskeeper.co.uk jsc.adskeeper.co.uk
2 cm.adskeeper.co.uk jsc.adskeeper.co.uk
2 c.adskeeper.co.uk jsc.adskeeper.co.uk
2 jsc.adskeeper.co.uk int.special-trending-news.com
jsc.adskeeper.co.uk
2 int.special-trending-news.com int.special-trending-news.com
1 i.wmgtr.com
1 ttdqzj.com 1 redirects
1 crtv.wboptim.online 1 redirects
1 servicer.adskeeper.co.uk jsc.adskeeper.co.uk
1 free-coupons.network int.special-trending-news.com
26 12

This site contains links to these domains. Also see Links.

Domain
widgets.adskeeper.com
www.adskeeper.co.uk
Subject Issuer Validity Valid
*.special-trending-news.com
AlphaSSL CA - SHA256 - G2		 2022-02-07 -
2023-03-11		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.free-coupons.network
AlphaSSL CA - SHA256 - G2		 2021-03-08 -
2022-04-09		 a year crt.sh
*.wbidder2.com
AlphaSSL CA - SHA256 - G2		 2021-11-12 -
2022-12-14		 a year crt.sh

This page contains 2 frames:

Primary Page: https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_15602&subid=D9DINGMA8V&sClient=1&r=1645766427.0.8319937735165475&tn=10&tx=30&s=DEFAULT&a=bid_onw_15602&uA=&sub=D9DINGMA8V&ts=1645766428&d=72&i=d9eazo8pl01yu6tf&t=client&c=56333253867
Frame ID: 1253C672AD68856004BCA1B20230D938
Requests: 25 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1646476123838952960122
Frame ID: 229D4F99D867538A677CE5EDDFC7CB61
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RECOMMENDED FOR YOU:

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

26
Requests

96 %
HTTPS

14 %
IPv6

7
Domains

12
Subdomains

5
IPs

3
Countries

323 kB
Transfer

512 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fttdqzj.com%2Fdsp%2Fph%2Ficm%3Faid%3D8336620710236407655%26mid%3D0%26sid%3D1399%26t%3D1646476126%26subid%3Dbid-15767&s=1051&a=bid_onw_15602&uA=bid_15767&sub=D9DINGMA8V&d=5&ic=1 HTTP 302
  • https://ttdqzj.com/dsp/ph/icm?aid=8336620710236407655&mid=0&sid=1399&t=1646476126&subid=bid-15767 HTTP 302
  • https://i.wmgtr.com/cic/V1JJoi0Pz0ntTGcgY5gRdqmHlkO-qOrM.png

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request special-contentforyou.php
int.special-trending-news.com/common/content/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_15602&subid=D9DINGMA8V&sClient=1&r=1645766427.0.8319937735165475&tn=10&tx=30&s=DEFAULT&a=bid_onw_15602&uA=&sub=D9DINGMA8V&ts=1645766428&d=72&i=d9eazo8pl01yu6tf&t=client&c=56333253867
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
6c388b549eead5f5e5a40f9682db07bd15dfd3e8ac819daf95626d57a5de41a5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Sat, 05 Mar 2022 10:28:43 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
offerwall.clickpush.com.964329.js
jsc.adskeeper.co.uk/o/f/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.js
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_15602&subid=D9DINGMA8V&sClient=1&r=1645766427.0.8319937735165475&tn=10&tx=30&s=DEFAULT&a=bid_onw_15602&uA=&sub=D9DINGMA8V&ts=1645766428&d=72&i=d9eazo8pl01yu6tf&t=client&c=56333253867
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e100415c91382940e576bc71ef934f519381f549e1b2da4ff966d24b5dc4580b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://int.special-trending-news.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:43 GMT
content-encoding
br
cf-cache-status
HIT
age
933
last-modified
Tue, 15 Feb 2022 08:55:40 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
PBXN72FY8JANAP1H
x-amz-id-2
3ftzUrw7SNK/ylExnC+RIilu24datTlwIcUGYi3n948pwxMPdP9xKDc3AgaB0t/+HOhlFbRbLL0=
cf-bgj
minify
server
cloudflare
etag
W/"acc1e88ded4cc376191c5726b9f95393"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
6e722a99cbf79249-FRA
expires
Sat, 05 Mar 2022 14:28:43 GMT
bidder.js
int.special-trending-news.com/common/content/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://int.special-trending-news.com/common/content/bidder.js
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_15602&subid=D9DINGMA8V&sClient=1&r=1645766427.0.8319937735165475&tn=10&tx=30&s=DEFAULT&a=bid_onw_15602&uA=&sub=D9DINGMA8V&ts=1645766428&d=72&i=d9eazo8pl01yu6tf&t=client&c=56333253867
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
6a5390ab01edc0f0243c682c6c764b5bfe2c75fdc234995351cc83b6c7f8aa0d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_15602&subid=D9DINGMA8V&sClient=1&r=1645766427.0.8319937735165475&tn=10&tx=30&s=DEFAULT&a=bid_onw_15602&uA=&sub=D9DINGMA8V&ts=1645766428&d=72&i=d9eazo8pl01yu6tf&t=client&c=56333253867
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:43 GMT
last-modified
Fri, 04 Feb 2022 09:55:43 GMT
server
nginx
etag
"61fcf81f-3884"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14468
expires
Mon, 04 Apr 2022 10:28:43 GMT
bidder-interval.js
free-coupons.network/plugin/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://free-coupons.network/plugin/js/bidder-interval.js
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_15602&subid=D9DINGMA8V&sClient=1&r=1645766427.0.8319937735165475&tn=10&tx=30&s=DEFAULT&a=bid_onw_15602&uA=&sub=D9DINGMA8V&ts=1645766428&d=72&i=d9eazo8pl01yu6tf&t=client&c=56333253867
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
4fcf63aeecc00b000351d5b887fb4cc3dc9b6bc97cb7852734864852b7797226
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://int.special-trending-news.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:43 GMT
last-modified
Wed, 24 Nov 2021 11:01:21 GMT
server
nginx
etag
"619e1b81-1f27"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7975
expires
Mon, 04 Apr 2022 10:28:43 GMT
client
wbidder2.com/offer/ 		1 KB
779 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_bid_15602&subid=D9DINGMA8V&days=8
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/common/content/bidder.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.152.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
6e5b1718f36a51969f427d4c64c357ed9fe9e73471c02ac4f6e97b9ba70490c7

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

access-control-allow-origin
*
date
Sat, 05 Mar 2022 10:28:43 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
offerwall.clickpush.com.964329.es6.js
jsc.adskeeper.co.uk/o/f/ 		240 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b4c3609541d5c934456e4babe058e49a6e09ba0a92e685044be6b549f7627

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:43 GMT
content-encoding
br
cf-cache-status
HIT
age
745
last-modified
Tue, 15 Feb 2022 08:55:40 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
56VV02CR13A3PVFW
x-amz-id-2
JGyku60Ay1CqmyybWGUAMhWHBC/yBshqrc+Iwg8FAMoLf3sechQff3kQJIQXHMHzxdWi4mNhqjE=
cf-bgj
minify
server
cloudflare
etag
W/"044c81d1d38fbc63aaa49dd3530f6e91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
6e722a99fc509249-FRA
expires
Sat, 05 Mar 2022 14:28:43 GMT
/
c.adskeeper.co.uk/pv/ 		0
285 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.co.uk/pv/?pv=5&src_id=bid_15602&cbuster=1646476123624369543308&uniqId=10aec&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fint.special-trending-news.com%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_15602%26subid%3DD9DINGMA8V%26sClient%3D1%26r%3D1645766427.0.8319937735165475%26tn%3D10%26tx%3D30%26s%3DDEFAULT%26a%3Dbid_onw_15602%26uA%3D%26sub%3DD9DINGMA8V%26ts%3D1645766428%26d%3D72%26i%3Dd9eazo8pl01yu6tf%26t%3Dclient%26c%3D56333253867&lu=https%3A%2F%2Fint.special-trending-news.com%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_15602%26subid%3DD9DINGMA8V%26sClient%3D1%26r%3D1645766427.0.8319937735165475%26tn%3D10%26tx%3D30%26s%3DDEFAULT%26a%3Dbid_onw_15602%26uA%3D%26sub%3DD9DINGMA8V%26ts%3D1645766428%26d%3D72%26i%3Dd9eazo8pl01yu6tf%26t%3Dclient%26c%3D56333253867&sessionId=62233b5c-145ef&pageView=1&pvid=17f599fdde9a53c63f6&site=613482&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://int.special-trending-news.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

pragma
no-cache
date
Sat, 05 Mar 2022 10:28:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e722a9cca869249-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:43 GMT
content-encoding
br
cf-cache-status
HIT
age
2329
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
GNV2XQNM3QMPWDGC
x-amz-id-2
hsC5ZTDzNYjOHUQaJNesJULEi2+aXIab5m7ha1RiNYSwU83NVlZiDdouMfE0B3APzNKgnEkRnJ4=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6e722a9cdab99249-FRA
expires
Sat, 05 Mar 2022 14:28:43 GMT
1
servicer.adskeeper.co.uk/964329/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.co.uk/964329/1?pv=5&src_id=bid_15602&cbuster=1646476123698151591710&uniqId=10aec&niet=4g&nisd=false&jsv=es6&w=1584&h=821&cols=3&ref=&cxurl=https%3A%2F%2Fint.special-trending-news.com%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_15602%26subid%3DD9DINGMA8V%26sClient%3D1%26r%3D1645766427.0.8319937735165475%26tn%3D10%26tx%3D30%26s%3DDEFAULT%26a%3Dbid_onw_15602%26uA%3D%26sub%3DD9DINGMA8V%26ts%3D1645766428%26d%3D72%26i%3Dd9eazo8pl01yu6tf%26t%3Dclient%26c%3D56333253867&lu=https%3A%2F%2Fint.special-trending-news.com%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_15602%26subid%3DD9DINGMA8V%26sClient%3D1%26r%3D1645766427.0.8319937735165475%26tn%3D10%26tx%3D30%26s%3DDEFAULT%26a%3Dbid_onw_15602%26uA%3D%26sub%3DD9DINGMA8V%26ts%3D1645766428%26d%3D72%26i%3Dd9eazo8pl01yu6tf%26t%3Dclient%26c%3D56333253867&sessionId=62233b5c-145ef&pageView=1&pvid=17f599fdde9a53c63f6&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f21d08354bee9bb532748ac3061a4cf3008643af0615c2cd48057acc5a0fa5e

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://int.special-trending-news.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

pragma
no-cache
date
Sat, 05 Mar 2022 10:28:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e722a9d3b609249-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:43 GMT
content-encoding
br
cf-cache-status
HIT
age
4628
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
PQQY40JG1BTA00NB
x-amz-id-2
jn8iFc6HIZ78ziSodiCEP66Q9ApPuT2TQqxEag+8wBEQ/l8XxqONp5qtUsNtHzGMPfbkonGCXqs=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6e722a9dbfd2996c-FRA
expires
Sat, 05 Mar 2022 14:28:43 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC81NTczNmIwNjZhMGNhZjZiO...
s-img.adskeeper.co.uk/g/11533332/492x328/-/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/11533332/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC81NTczNmIwNjZhMGNhZjZiODExYjBlYmFjMTkzNDlkNy5qcGVn.jpg?v=1646476123-TATYxo6uruiKn_A257dfgE-htdV6G8E9zNNWqIB4BtM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad852dd87122c8d349a66e0577b1005ab333dcdfb5e165683ddad2d96a1b69d3

Request headers

Referer
Origin
https://int.special-trending-news.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:44 GMT
cf-cache-status
MISS
last-modified
Wed, 01 Dec 2021 12:32:04 GMT
x-mg-request-uuid
4a32097a-a2c4-47c7-a8c4-cabc80183ddc
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e722a9e094f92c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50945
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzBmYjNmYWI3MDZjNTI1OGVkZWE0YTI4ZmQ4ZmE4OGVlLmpwZw.jpg
s-img.adskeeper.co.uk/g/8164893/492x328/0x63x750x500/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/8164893/492x328/0x63x750x500/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzBmYjNmYWI3MDZjNTI1OGVkZWE0YTI4ZmQ4ZmE4OGVlLmpwZw.jpg?v=1646476123-y1JIzQozbxPtEAjtWsFd3MlT3URnhHXFdBxBAPzoMeA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e21a7242b325e216bb93bf30d54dc0ac657b73b812951fc281cecf4e75e808

Request headers

Referer
Origin
https://int.special-trending-news.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:43 GMT
cf-cache-status
HIT
x-mg-request-uuid
021b2dd9-84fa-44c2-b188-8319f9be11b5
age
132404
cf-polished
qual=85, origFmt=jpeg, origSize=34507
content-disposition
inline; filename="aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzBmYjNmYWI3MDZjNTI1OGVkZWE0YTI4ZmQ4ZmE4OGVlLmpwZw.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27798
last-modified
Thu, 03 Mar 2022 19:02:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e722a9e095292c9-FRA
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzNjYjE0NGQxNDdjMWIyMzI2ZWMyOTE3OTYzMTg4ZDc2LmpwZWc.jpg
s-img.adskeeper.co.uk/g/4723155/492x328/168x0x511x340/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/4723155/492x328/168x0x511x340/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzNjYjE0NGQxNDdjMWIyMzI2ZWMyOTE3OTYzMTg4ZDc2LmpwZWc.jpg?v=1646476123-VnCOTvNalnm91x1MlEQ6_-r4YVj0KdWYjcbFIXYcyjc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e35197be4819f28ee4e554f72e8a1661050ad1cde46b381a650498ae521a569

Request headers

Referer
Origin
https://int.special-trending-news.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:43 GMT
cf-cache-status
HIT
x-mg-request-uuid
6e76e248-135c-41ab-abb7-b0c21a877498
age
136608
cf-polished
qual=85, origFmt=jpeg, origSize=29845
content-disposition
inline; filename="aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzNjYjE0NGQxNDdjMWIyMzI2ZWMyOTE3OTYzMTg4ZDc2LmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22172
last-modified
Thu, 03 Mar 2022 16:22:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e722a9e095392c9-FRA
cf-bgj
imgq:85,h2pri
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC8zYjk1Mzc4MDg5MjYxMTU0Z...
s-img.adskeeper.co.uk/g/12068037/492x328/-/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/12068037/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC8zYjk1Mzc4MDg5MjYxMTU0ZWZkYTAxOWY3M2UxNzNlZi5qcGVn.jpg?v=1646476123-ixjtsNcHx7UXtu_RYiw_RLQ8G8H4fqHyHjc-u3pwfV4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2248998781fae7e3abc74846aee2a86df77fe258a14b188e6215d1286ed6ad6

Request headers

Referer
Origin
https://int.special-trending-news.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:43 GMT
cf-cache-status
HIT
x-mg-request-uuid
664d31ef-fe3a-442e-896f-a1009fec5420
age
101103
cf-polished
qual=85, origFmt=jpeg, origSize=24309
content-disposition
inline; filename="aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC8zYjk1Mzc4MDg5MjYxMTU0ZWZkYTAxOWY3M2UxNzNlZi5qcGVn.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17084
last-modified
Wed, 26 Jan 2022 14:14:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e722a9e095492c9-FRA
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.jpg
s-img.adskeeper.co.uk/g/8193526/492x328/0x26x798x532/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/8193526/492x328/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.jpg?v=1646476123-kPL_9ORKeSMhqZDVyNlVhHaxuJmslA3ZdwxRC8waUOU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98c10d6519305a30297e4f4866b3c3b51dc7e8900e1153b728862e91e77b4b57

Request headers

Referer
Origin
https://int.special-trending-news.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:43 GMT
cf-cache-status
HIT
x-mg-request-uuid
c3243d5a-e933-4652-b0d3-33cc6ef804d6
age
393792
cf-polished
qual=85, origFmt=jpeg, origSize=37800
content-disposition
inline; filename="aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31126
last-modified
Mon, 28 Feb 2022 09:46:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e722a9e095592c9-FRA
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTNhYmNhNmM4ZTRiMGRhOTdmNjIwYWQ5NThlZDllLmpwZWc.jpg
s-img.adskeeper.co.uk/g/3885461/492x328/0x0x605x403/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/3885461/492x328/0x0x605x403/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTNhYmNhNmM4ZTRiMGRhOTdmNjIwYWQ5NThlZDllLmpwZWc.jpg?v=1646476123-8V0mtsB2-_LI_105vZuTKWyJcdH3YYX3sN2xYkxgdc4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31b0594a20a60143abcd26811d68d5bf919a35a36b9350447912af213ac36683

Request headers

Referer
Origin
https://int.special-trending-news.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:43 GMT
cf-cache-status
HIT
x-mg-request-uuid
808c2284-207a-4754-aa1b-08e0273f5f70
age
76321
cf-polished
degrade=85, origSize=59220, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54846
last-modified
Thu, 03 Mar 2022 14:37:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e722a9e095692c9-FRA
cf-bgj
imgq:85,h2pri
int_exchange_wages_src.svg
cdn.adskeeper.co.uk/images/adskeeper/ 		855 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_src.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf48ab5bd0aa94e42a820a7714971f4e29b680774aac08b4bd0ae1cf21b16167

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:43 GMT
content-encoding
br
cf-cache-status
HIT
age
2440
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0BG1VXESSG0Z7PGJ
x-amz-id-2
WD6BjKL2k1KcDVGVX/lQKeSPysfWCi/XOR1CJRZ2DECNVfbPsd723E4LpKwUVacE6rVR482y/p8=
last-modified
Mon, 04 May 2020 12:16:42 GMT
server
cloudflare
etag
W/"8a4c1edaf146a31549d5287a7ab74b63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6e722a9dcff9996c-FRA
expires
Sat, 05 Mar 2022 14:28:43 GMT
int_exchange_wages_ad.svg
cdn.adskeeper.co.uk/images/adskeeper/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_ad.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:43 GMT
content-encoding
br
cf-cache-status
HIT
age
2560
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
GBMKE15BM0DHWP6C
x-amz-id-2
j/MPqDfRfeF6OjFMjNhxd1MFpEIyWbRrN6aii1yWcZJxyiRYBqtWcl5YZAQ48Lta/akpmrejslM=
last-modified
Mon, 04 May 2020 12:16:42 GMT
server
cloudflare
etag
W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6e722a9dcfff996c-FRA
expires
Sat, 05 Mar 2022 14:28:43 GMT
i.js
cm.adskeeper.co.uk/ 		0
164 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.co.uk/i.js?&cbuster=1646476123815201436823
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

pragma
no-cache
date
Sat, 05 Mar 2022 10:28:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Mar 2022 10:28:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6e722a9dfd0f9249-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i-noref.js
cm.adskeeper.co.uk/ Frame 229D 		0
61 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.co.uk/i-noref.js?cbuster=1646476123838952960122
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

pragma
no-cache
date
Sat, 05 Mar 2022 10:28:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Mar 2022 10:28:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6e722a9e0d479249-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
c
c.adskeeper.co.uk/ 		43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.co.uk/c?f=1&pv=2&v=512|381|12|reOWh4CCUR6zlWEnGIAZu-HeKEG3mKUDppoH1DvhrlLyjxUVQQVD7x--c7YlURd3&fw=1&extjs=66044&v=512|381|12|reOWh4CCUR6zlWEnGIAZu3YbZSJlLm9pciF-XeJt8PKCGGBIGSHhlHBK1BfjKl5-&v=512|381|12|reOWh4CCUR6zlWEnGIAZu9EvaJuMLtiAxi2iunxiknAo656Fw5PZbhtHXgqTK6sQ&v=512|403|12|reOWh4CCUR6zlWEnGIAZu3sCQiezUs3av13fZvBoR-Lb2jmigxerrbJ-5FIVL8CR&v=512|403|12|reOWh4CCUR6zlWEnGIAZuxjSpSNogMA2TQ3rPJwOg9vS1tTaMrymm3TnraP7z1gd&v=512|403|12|reOWh4CCUR6zlWEnGIAZuztm85uImngB98Gx-xlaU0RNzclL6uf_GJPR-T4yLbzf&cid=964329&h2=JEFa6_0QGjdmuLNpOeg9FuyZE43r8VusHvGc-GuVePQ*&rid=085fed55-9c6f-11ec-b884-e43d1a2a53a0&tt=Direct&psid=bid_15602&iv=11&pageImp=1&pvid=17f599fdde9a53c63f6&cbuster=1646476124794505000503&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

pragma
no-cache
date
Sat, 05 Mar 2022 10:28:44 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
b11add6e-e138-4cd9-91a5-1d25fc4bea66
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e722aa40b61996c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
client
wbidder2.com/offer/ 		4 KB
994 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_bid_15602&subid=D9DINGMA8V&days=8&count=3&adult=undefined
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/common/content/bidder.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.152.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
fcd3286bd4c3225cdaa069d139ebf3d1b11fc6154f032055ab74f694eccd5fbb

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

access-control-allow-origin
*
date
Sat, 05 Mar 2022 10:28:46 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/ 		6 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_bid_15602&subid=D9DINGMA8V&days=8&count=4&adult=undefined
Requested by
Host: free-coupons.network
URL: https://free-coupons.network/plugin/js/bidder-interval.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.152.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
62bcfede66a7528bfc4010102af3cc13528deb9f78eff63ecc32bbc19c9047a9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

access-control-allow-origin
*
date
Sat, 05 Mar 2022 10:28:46 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/ 		6 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_bid_15602&subid=D9DINGMA8V&days=8&count=4&adult=undefined
Requested by
Host: free-coupons.network
URL: https://free-coupons.network/plugin/js/bidder-interval.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.152.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
ae29099e223340af48584f60a2956b5588f0b050141f0ccf5f9ad767b5139d5e

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

access-control-allow-origin
*
date
Sat, 05 Mar 2022 10:28:46 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
V1JJoi0Pz0ntTGcgY5gRdqmHlkO-qOrM.png
i.wmgtr.com/cic/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fttdqzj.com%2Fdsp%2Fph%2Ficm%3Faid%3D8336620710236407655%26mid%3D0%26sid%3D1399%26t%3D1646476126%26subid%3Dbid-15767&s=1051&a=bid_onw_15602&uA=bid_...
  • https://ttdqzj.com/dsp/ph/icm?aid=8336620710236407655&mid=0&sid=1399&t=1646476126&subid=bid-15767
  • https://i.wmgtr.com/cic/V1JJoi0Pz0ntTGcgY5gRdqmHlkO-qOrM.png
11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.wmgtr.com/cic/V1JJoi0Pz0ntTGcgY5gRdqmHlkO-qOrM.png
Protocol
H2
Server
45.133.44.33 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
8aebf796e2bcc817ad4229ed1d43348f3d47d08537e5236ca02b1a5f461ea284
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

date
Sat, 05 Mar 2022 10:28:47 GMT
content-encoding
gzip
server
nginx/1.17.6
content-type
image/png
access-control-allow-origin
*
expires
Sat, 05 Mar 2022 22:28:47 GMT
cache-control
max-age=43200
x-content-type-option
nosniff
x-xss-protection
1; mode=block
x-proxy-cache
HIT

Redirect headers

location
https://i.wmgtr.com/cic/V1JJoi0Pz0ntTGcgY5gRdqmHlkO-qOrM.png
date
Sat, 05 Mar 2022 10:28:47 GMT
server
nginx/1.18.0
content-length
0
client
wbidder2.com/offer/ 		4 KB
1011 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_bid_15602&subid=D9DINGMA8V&days=8&count=3&adult=undefined
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/common/content/bidder.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.152.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
6a6756290de5a33ac491a2ac3c0f8807c37e035f9b74fea94ced1d97781e6f3e

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.1

Response headers

access-control-allow-origin
*
date
Sat, 05 Mar 2022 10:28:48 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored string| s1 function| ownKeys function| _objectSpread function| _defineProperty function| asyncGeneratorStep function| _asyncToGenerator function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles function| getBidderUrl number| chromeVersion object| _mgIntExchangeNews object| AdskeeperInfC964329 function| AdskeeperCContextBlock964329 function| AdskeeperCMainBlock964329 function| AdskeeperCInternalExchangeBlock964329 function| AdskeeperCRejectBlock964329 function| AdskeeperCInternalExchangeLoggerBlock964329 function| AdskeeperCObserverBlock964329 function| AdskeeperCSendDimensionsBlock964329 function| AdskeeperCRtbBlock964329 function| AdskeeperCContentPreviewBlock964329 function| AdskeeperCResponsiveBlock964329 boolean| mg_loaded_613482_964329 object| onClickExcludes function| mgReject964329 function| mgLoadAds964329_10aec function| AdskeeperCReject964329 function| AdskeeperLoadGoods964329_10aec object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint613482 string| _mgPvid boolean| _mgPageView613482 boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgwcapping boolean| _mgPageImp613482

3 Cookies

Domain/Path Name / Value
servicer.adskeeper.co.uk/ Name: __mglb
Value: ed02bb11b748a9279413c1eb8e47c448
.adskeeper.co.uk/ Name: muidn
Value: m25HTkBr7Us2
int.special-trending-news.com/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%7D%2C%22C964329%22%3A%7B%22page%22%3A1%2C%22time%22%3A1646476123784%7D%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.adskeeper.co.uk
cdn.adskeeper.co.uk
cm.adskeeper.co.uk
crtv.wboptim.online
free-coupons.network
i.wmgtr.com
int.special-trending-news.com
jsc.adskeeper.co.uk
s-img.adskeeper.co.uk
servicer.adskeeper.co.uk
ttdqzj.com
wbidder2.com
104.19.130.80
104.19.131.80
213.227.145.134
213.227.152.232
2a02:b48:207:1::7
45.133.44.33
95.168.170.165
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
31b0594a20a60143abcd26811d68d5bf919a35a36b9350447912af213ac36683
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
4fcf63aeecc00b000351d5b887fb4cc3dc9b6bc97cb7852734864852b7797226
50e21a7242b325e216bb93bf30d54dc0ac657b73b812951fc281cecf4e75e808
62bcfede66a7528bfc4010102af3cc13528deb9f78eff63ecc32bbc19c9047a9
6a5390ab01edc0f0243c682c6c764b5bfe2c75fdc234995351cc83b6c7f8aa0d
6a6756290de5a33ac491a2ac3c0f8807c37e035f9b74fea94ced1d97781e6f3e
6c388b549eead5f5e5a40f9682db07bd15dfd3e8ac819daf95626d57a5de41a5
6e5b1718f36a51969f427d4c64c357ed9fe9e73471c02ac4f6e97b9ba70490c7
6f21d08354bee9bb532748ac3061a4cf3008643af0615c2cd48057acc5a0fa5e
8aebf796e2bcc817ad4229ed1d43348f3d47d08537e5236ca02b1a5f461ea284
8e35197be4819f28ee4e554f72e8a1661050ad1cde46b381a650498ae521a569
98c10d6519305a30297e4f4866b3c3b51dc7e8900e1153b728862e91e77b4b57
a85b4c3609541d5c934456e4babe058e49a6e09ba0a92e685044be6b549f7627
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad852dd87122c8d349a66e0577b1005ab333dcdfb5e165683ddad2d96a1b69d3
ae29099e223340af48584f60a2956b5588f0b050141f0ccf5f9ad767b5139d5e
bf48ab5bd0aa94e42a820a7714971f4e29b680774aac08b4bd0ae1cf21b16167
d2248998781fae7e3abc74846aee2a86df77fe258a14b188e6215d1286ed6ad6
e100415c91382940e576bc71ef934f519381f549e1b2da4ff966d24b5dc4580b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fcd3286bd4c3225cdaa069d139ebf3d1b11fc6154f032055ab74f694eccd5fbb