urlscan.io logo urlscan.io
SecurityTrails logo

0.nextyourcontent.com Open in urlscan Pro
2606:4700:3033::ac43:da7c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mypushz.com/Dp6EMMRX5Gu9iBkJOWxWqr49U8CN4dRLtycFlHCwiUg?cid=16146291671275815312037050916140522&pubid=3642571
Effective URL: https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-8975...
Submission: On March 01 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3033::ac43:da7c, located in United States and belongs to CLOUDFLARENET, US. The main domain is 0.nextyourcontent.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 9th 2020. Valid for: a year.
This is the only time 0.nextyourcontent.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    34.231.89.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-89-205.compute-1.amazonaws.com
mypushz.com
news-easy.net
2    104.22.64.104 (United States)

ASN13335 (CLOUDFLARENET, US)
feed.r-tb.com
t.r-tb.com
3    35.227.196.138 (Kansas City, United States)

ASN15169 (GOOGLE, US)
www.performanceonclick.com
1    2606:4700:3033::ac43:da7c (United States)

ASN13335 (CLOUDFLARENET, US)
0.nextyourcontent.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
3 www.performanceonclick.com 2 redirects mypushz.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com 0.nextyourcontent.com
1 0.nextyourcontent.com www.performanceonclick.com
1 t.r-tb.com mypushz.com
1 news-easy.net 1 redirects
1 feed.r-tb.com mypushz.com
1 mypushz.com
11 11

This site contains links to these domains. Also see Links.

Domain
analystd.com
Subject Issuer Validity Valid
mypushz.com
R3		 2021-02-27 -
2021-05-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-08 -
2021-07-08		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-897541_zone-2575139-1524105518-0&utm_medium=isp-M247%20Ltd&utm_campaign=ssp-Coinis&utm_content=geo-NL_Amsterdam&visimp=http%3A%2F%2Fwww.performanceonclick.com%2Fscript%2Fi.php%3Fstamat%3Dm%257Cd79ifjdhaQdH8AH0dEdHP3xP.703%252CcYqvnsVQQF3aNqVZ3pGRmRDAH_Y8piuGXVCrsNxEpeowB_MP3Ak6R3epUQceDIanYLdfuuI9xtOk87Dpss6l0IzTPH_x8He63AvdJJrNMBLlyiDmKr75_a_IWPti91dC
Frame ID: AF64EBDD4D41E22C8ADD3F7546C00CBE
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://mypushz.com/Dp6EMMRX5Gu9iBkJOWxWqr49U8CN4dRLtycFlHCwiUg?cid=1614629167127581531203705091... Page URL
  2. https://news-easy.net/Fu7pFVBntLJpLw3NkAeYa_Uvaba_bwcCE2F9IDT7xGc?clck=uF0C4vWzpcj7zmE9U84FfOpiPM6... HTTP 302
    http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=wap7iSZOya4aL5ZaQfbCqxKdobVtZPYI4wBbi9T4... Page URL
  3. http://www.performanceonclick.com/jump/next.php?stamat=m%7C%2C%2Cw3E-NhMuoGU3BP-GH0dEdHP3xP.fb0%2CmTUFgiTdrzWH... HTTP 302
    http://www.performanceonclick.com/script/i.php?stamat=m%7C%2C%2CQha3oiJyoGU3Bv4GH0dEdHP3xP.6fc%2C2_Zd2Lhu2bTAf... HTTP 302
    https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

11
Requests

91 %
HTTPS

67 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

124 kB
Transfer

244 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mypushz.com/Dp6EMMRX5Gu9iBkJOWxWqr49U8CN4dRLtycFlHCwiUg?cid=16146291671275815312037050916140522&pubid=3642571 Page URL
  2. https://news-easy.net/Fu7pFVBntLJpLw3NkAeYa_Uvaba_bwcCE2F9IDT7xGc?clck=uF0C4vWzpcj7zmE9U84FfOpiPM6aL09VqkRRhYmbF3tdKvjzsT1mhFkSbsIJf-cJXMaR5EumCD0GFmVLkYPxpGce6o6DwlykF0iUE21BjCUiygehWBzXSh0TO9N1qTX6PZPXRl8QUcjvbPlqe2duEHGaCFeQCQmkvT9GJx_yNKzLsqddU0nZLPQcuWD6kWXMxImAilgAOiKk_iqEbytzHw&sid=roki_w10_0210_AC-ODMOR-1363 HTTP 302
    http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=wap7iSZOya4aL5ZaQfbCqxKdobVtZPYI4wBbi9T4A6HCKd_lr5q_LTfNxX2vegeIi6A1oaNCgfm7tTH4sbx_6-Xx6n1PbRJKGHJWeG9GF_qduMKGaRxRkZM4tIpsd_f4rWJjs0vcUY-skmNN1ixFnjmOIKu0pG_vLnfrHX7Mf_6lnFm-sBkZjtAYLWuCceE25HoTPM5Thi5Wo0Cx1FoMYDwU5q5FAv-hxrXngBVSzC4xS8WnDcksWKNewze1BwblDLSsnOXWwTl1u-CzDze08x_nIdygpAZIuZygSNhF2VPsSyc0kpDTYeepdvD-eA7ZIkIesrk7k8wBWhZxhxTOUvt55Mb34_TvtIoH7_OyrzZX10oMAJ0xi5bCLx20WkpHUa45pLJ4NwPh2QhS-NgVdNEv78jhYBO6EnE4wZj0xz8pajb5LD2TAIPKUVHQLjmuPAa1dh6xxoR-LCN3e7n5rQ&sub1=roki_w10_0210_AC-ODMOR-1363 Page URL
  3. http://www.performanceonclick.com/jump/next.php?stamat=m%7C%2C%2Cw3E-NhMuoGU3BP-GH0dEdHP3xP.fb0%2CmTUFgiTdrzWHTUOurdrbpLaAPJiRM4xNiEpPVS1LrJJ679j7G6k8oovSAG5TDGevBFRzUfTfFB9DTvIKnu5gNt2ef_BGFdsRJ7Ihe2kd5nljpG87jw1f1zZ51-z2fp_0ZDhv3WMvYsduzxFfc4_UnqMLfrDvBWIQqcZVCAdJC-_NzQTNSgpAR9gwJ0wZ4hyTH6PgW-iHWlhEw0tVuDgsTyoOvLy-jhOkHuia1ZKuplRZM4TXaRE15wXX8vOohATPMbtUG7Hs-FvwfG-JOWLMzBoQW3r7TZ8T38regl-_36e8FYT-bYla2B7EWDv9L_2JUn12zKz9p2FieZAUV270o5g3HwxlnIDkFRNi1lGYiL8xb4LnS4v_EeYf-k7MReQQsv_bIcuDIzMxrPNN5TWgIbjRF_2TPl5E0iDNuxmIcuM_QWYMdeBbPg9WQGtxGFqBJUCQT8OuWTtkIZ_VTDWKBeBrKillbrbKjiMOwrwHBXzRdQq7yarDerfwjclc-kmPSBiw0URAxO0EBOk0QH0AczDK4no4H6auTCBH38661j3xKHhhA9KKnVlMRqBv1E3e8fpdnN0Zr6tLzKvQi8DBexE7yBYuwDYoBQBcNneVGDZqvlGUbYgEKwe0rgasueYT&cbrandom=0.17308958478427372&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    http://www.performanceonclick.com/script/i.php?stamat=m%7C%2C%2CQha3oiJyoGU3Bv4GH0dEdHP3xP.6fc%2C2_Zd2Lhu2bTAf7ZqH4OkHMHN2Mq8-Kt36dvjC_QEKtVLTptMVuOQQZkIBbcMPJDth2K8RHuQfNo2et41hSzZY6nc-OfplDdb7wSoy0eOZwbeAshjVFgJJUr9Yv_xrxvDfviaSDL9x1y60OeLVa-OIl31ekM_qVxUemxAczj1gnFCUCigNsnj9pc9qtstnvKQ0EtkoSnakdhfdV9AIEQ7QmT_OObFj3SI7QaTJ-IOSG4Bn8LBADABf882vtDRf3_YDg0PAzvKEeQVCwYD7xGmb5_H9BsunTdht9vjZMuH_jom_OpfEojR3X47R4uoxW-g9WXsAHKd_wlH0oCEm_uL8zNp226Jdy4A7ojfX478LRJUx96mcNXMxvAJwcp0mHwArfkTsQ2gkuDqRDon861PuQF3ioeDGk1N-Ya-oUagIwTvA09wqfpfhnE4CIu4xVPpvKcwF196Cce7oj8ZJYcboWgM7U2jQeHTGELuNsC7NoBEkxSlz8igjtdm7qagAenzWoAckcLFVYAKHxZ_5V77xnfbIOLRORaHVKa5pGIx1OoJgJipOFP2kHBOADboQld3bsJP-glPNSGhylU5v2Jt2SHEQl6-ZHhn7lcxp8x2tbNeycL_xhCxFbY03B69fCltNiH0abaAtTdt1gam03fXqCtzGr2Wdbf2t6MIScXqbQ3fpGDSWIPA89WOhUnhElrwZPEiiMcoBwmj0PvygdiOnWkaBXoqB6A0I3k71QRZyjL9pl1YmOJNUJLxU0UWk28KXtzTCOT9HEpuZ3RKraZr71k7MatnxhUJnwYCWMQQb6lVZZy8v7EOQ0pt2I098LVKN8A5-yd3Ucd9oPT4VTGtAl90z5ESegwIskFWKULZyA-JfT-GmgxjNf40PzPoEk_2lgXIbx5Uj3HwnNgabCl7Xh0U-IwuWaN--3cJqqrdnAiQ60mKsvCdPnHFjXw_eaEoATSNhyTRKZhO2ROCsCHrbczCVUpgVGGMe4kbJle53Dy24xvkaWCypkkqlAMHAyyp HTTP 302
    https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-897541_zone-2575139-1524105518-0&utm_medium=isp-M247%20Ltd&utm_campaign=ssp-Coinis&utm_content=geo-NL_Amsterdam&visimp=http%3A%2F%2Fwww.performanceonclick.com%2Fscript%2Fi.php%3Fstamat%3Dm%257Cd79ifjdhaQdH8AH0dEdHP3xP.703%252CcYqvnsVQQF3aNqVZ3pGRmRDAH_Y8piuGXVCrsNxEpeowB_MP3Ak6R3epUQceDIanYLdfuuI9xtOk87Dpss6l0IzTPH_x8He63AvdJJrNMBLlyiDmKr75_a_IWPti91dC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://news-easy.net/Fu7pFVBntLJpLw3NkAeYa_Uvaba_bwcCE2F9IDT7xGc?clck=uF0C4vWzpcj7zmE9U84FfOpiPM6aL09VqkRRhYmbF3tdKvjzsT1mhFkSbsIJf-cJXMaR5EumCD0GFmVLkYPxpGce6o6DwlykF0iUE21BjCUiygehWBzXSh0TO9N1qTX6PZPXRl8QUcjvbPlqe2duEHGaCFeQCQmkvT9GJx_yNKzLsqddU0nZLPQcuWD6kWXMxImAilgAOiKk_iqEbytzHw&sid=roki_w10_0210_AC-ODMOR-1363 HTTP 302
  • http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=wap7iSZOya4aL5ZaQfbCqxKdobVtZPYI4wBbi9T4A6HCKd_lr5q_LTfNxX2vegeIi6A1oaNCgfm7tTH4sbx_6-Xx6n1PbRJKGHJWeG9GF_qduMKGaRxRkZM4tIpsd_f4rWJjs0vcUY-skmNN1ixFnjmOIKu0pG_vLnfrHX7Mf_6lnFm-sBkZjtAYLWuCceE25HoTPM5Thi5Wo0Cx1FoMYDwU5q5FAv-hxrXngBVSzC4xS8WnDcksWKNewze1BwblDLSsnOXWwTl1u-CzDze08x_nIdygpAZIuZygSNhF2VPsSyc0kpDTYeepdvD-eA7ZIkIesrk7k8wBWhZxhxTOUvt55Mb34_TvtIoH7_OyrzZX10oMAJ0xi5bCLx20WkpHUa45pLJ4NwPh2QhS-NgVdNEv78jhYBO6EnE4wZj0xz8pajb5LD2TAIPKUVHQLjmuPAa1dh6xxoR-LCN3e7n5rQ&sub1=roki_w10_0210_AC-ODMOR-1363

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set Dp6EMMRX5Gu9iBkJOWxWqr49U8CN4dRLtycFlHCwiUg
mypushz.com/ 		49 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mypushz.com/Dp6EMMRX5Gu9iBkJOWxWqr49U8CN4dRLtycFlHCwiUg?cid=16146291671275815312037050916140522&pubid=3642571
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.89.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-89-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
mypushz.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 20:06:58 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Set-Cookie
session=d5b718ae-bfd0-4fbb-bd92-1dd41cbc353a
Server
nginx
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		19 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdd78097db43a8a1c561554493a1a27df59c86f61991edba31dab72ab5db6d43

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
AFU1kAAPaBk
feed.r-tb.com/v1/native/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://feed.r-tb.com/v1/native/AFU1kAAPaBk?subid=roki_w10_0210_AC-ODMOR-1363&uid=3ae3434c-f2cb-431d-a149-d58a963f439a
Requested by
Host: mypushz.com
URL: https://mypushz.com/Dp6EMMRX5Gu9iBkJOWxWqr49U8CN4dRLtycFlHCwiUg?cid=16146291671275815312037050916140522&pubid=3642571
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.64.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://mypushz.com/Dp6EMMRX5Gu9iBkJOWxWqr49U8CN4dRLtycFlHCwiUg?cid=16146291671275815312037050916140522&pubid=3642571
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 20:06:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-request-id
0890ffc36500000c81f79f6000000001
cf-ray
6295024bc91e0c81-AMS
krcc
NL
next.php
www.performanceonclick.com/jump/
Redirect Chain
  • https://news-easy.net/Fu7pFVBntLJpLw3NkAeYa_Uvaba_bwcCE2F9IDT7xGc?clck=uF0C4vWzpcj7zmE9U84FfOpiPM6aL09VqkRRhYmbF3tdKvjzsT1mhFkSbsIJf-cJXMaR5EumCD0GFmVLkYPxpGce6o6DwlykF0iUE21BjCUiygehWBzXSh0TO9N1qT...
  • http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=wap7iSZOya4aL5ZaQfbCqxKdobVtZPYI4wBbi9T4A6HCKd_lr5q_LTfNxX2vegeIi6A1oaNCgfm7tTH4sbx_6-Xx6n1PbRJKGHJWeG9GF_qduMKGaRxRkZM4tIpsd_f...
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=wap7iSZOya4aL5ZaQfbCqxKdobVtZPYI4wBbi9T4A6HCKd_lr5q_LTfNxX2vegeIi6A1oaNCgfm7tTH4sbx_6-Xx6n1PbRJKGHJWeG9GF_qduMKGaRxRkZM4tIpsd_f4rWJjs0vcUY-skmNN1ixFnjmOIKu0pG_vLnfrHX7Mf_6lnFm-sBkZjtAYLWuCceE25HoTPM5Thi5Wo0Cx1FoMYDwU5q5FAv-hxrXngBVSzC4xS8WnDcksWKNewze1BwblDLSsnOXWwTl1u-CzDze08x_nIdygpAZIuZygSNhF2VPsSyc0kpDTYeepdvD-eA7ZIkIesrk7k8wBWhZxhxTOUvt55Mb34_TvtIoH7_OyrzZX10oMAJ0xi5bCLx20WkpHUa45pLJ4NwPh2QhS-NgVdNEv78jhYBO6EnE4wZj0xz8pajb5LD2TAIPKUVHQLjmuPAa1dh6xxoR-LCN3e7n5rQ&sub1=roki_w10_0210_AC-ODMOR-1363
Requested by
Host: mypushz.com
URL: https://mypushz.com/Dp6EMMRX5Gu9iBkJOWxWqr49U8CN4dRLtycFlHCwiUg?cid=16146291671275815312037050916140522&pubid=3642571
Protocol
HTTP/1.1
Server
35.227.196.138 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
openresty /
Resource Hash
0dbe10b7214b22746644f7f015ab2c81b82df3e5296e188f39339dfba3996cec

Request headers

Host
www.performanceonclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mypushz.com/Dp6EMMRX5Gu9iBkJOWxWqr49U8CN4dRLtycFlHCwiUg?cid=16146291671275815312037050916140522&pubid=3642571

Response headers

Server
openresty
Date
Mon, 01 Mar 2021 20:07:01 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 google

Redirect headers

Date
Mon, 01 Mar 2021 20:07:01 GMT
Content-Type
text/html
Content-Length
142
Connection
keep-alive
Access-Control-Allow-Origin
*
Location
http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=wap7iSZOya4aL5ZaQfbCqxKdobVtZPYI4wBbi9T4A6HCKd_lr5q_LTfNxX2vegeIi6A1oaNCgfm7tTH4sbx_6-Xx6n1PbRJKGHJWeG9GF_qduMKGaRxRkZM4tIpsd_f4rWJjs0vcUY-skmNN1ixFnjmOIKu0pG_vLnfrHX7Mf_6lnFm-sBkZjtAYLWuCceE25HoTPM5Thi5Wo0Cx1FoMYDwU5q5FAv-hxrXngBVSzC4xS8WnDcksWKNewze1BwblDLSsnOXWwTl1u-CzDze08x_nIdygpAZIuZygSNhF2VPsSyc0kpDTYeepdvD-eA7ZIkIesrk7k8wBWhZxhxTOUvt55Mb34_TvtIoH7_OyrzZX10oMAJ0xi5bCLx20WkpHUa45pLJ4NwPh2QhS-NgVdNEv78jhYBO6EnE4wZj0xz8pajb5LD2TAIPKUVHQLjmuPAa1dh6xxoR-LCN3e7n5rQ&sub1=roki_w10_0210_AC-ODMOR-1363
Set-Cookie
session=b80a4a1b-3767-4254-b18e-4c648b781ffc
Server
nginx
imp
t.r-tb.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.r-tb.com/imp?l=oFo2gvReJNu1yXETPLVvRy_CGh4iOSDc7EOOESy-A6KAjYmPeCcM5GofnmOYL4zGH7AKhMXKLCQrLcaSkm5zCcXeTJSNrvewlLh1c3EDsdo-0PkVe0y_pLzYridYo7EB4B2MQxZNcoB_KL8ZVGeAX0tMfLZxx9rHGZrFb94AgZ1DtVrxUAe2xttcEa17LBBS8UsGORrKS0i-C2ET_5ai-dZewhqG-GuzbvqjwkT97rzjRasrZYG5GFqzNUOAVa310gkFHDIeSenhAdTs4fb6evuiS1IRn87UqXK5zVHG49RY-LZ_Jjn1pL1_bG2PJD3gq21mx0epma1Wpp0dU8Pym9psug95xkkaX0BCnigtBbVgOYMf8n9K9eFLPw1JToA8
Requested by
Host: mypushz.com
URL: https://mypushz.com/Dp6EMMRX5Gu9iBkJOWxWqr49U8CN4dRLtycFlHCwiUg?cid=16146291671275815312037050916140522&pubid=3642571
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.64.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://mypushz.com/Dp6EMMRX5Gu9iBkJOWxWqr49U8CN4dRLtycFlHCwiUg?cid=16146291671275815312037050916140522&pubid=3642571
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 20:06:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
cache-control
no-cache
cf-ray
6295024ec9900c81-AMS
cf-request-id
0890ffc53d00000c81df32d000000001
Primary Request index.php
0.nextyourcontent.com/
Redirect Chain
  • http://www.performanceonclick.com/jump/next.php?stamat=m%7C%2C%2Cw3E-NhMuoGU3BP-GH0dEdHP3xP.fb0%2CmTUFgiTdrzWHTUOurdrbpLaAPJiRM4xNiEpPVS1LrJJ679j7G6k8oovSAG5TDGevBFRzUfTfFB9DTvIKnu5gNt2ef_BGFdsRJ7I...
  • http://www.performanceonclick.com/script/i.php?stamat=m%7C%2C%2CQha3oiJyoGU3Bv4GH0dEdHP3xP.6fc%2C2_Zd2Lhu2bTAf7ZqH4OkHMHN2Mq8-Kt36dvjC_QEKtVLTptMVuOQQZkIBbcMPJDth2K8RHuQfNo2et41hSzZY6nc-OfplDdb7wSo...
  • https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-897541_zone-2575139-1524105518-0&utm_medium=isp-M247%20Ltd&utm_campaign=ssp...
17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-897541_zone-2575139-1524105518-0&utm_medium=isp-M247%20Ltd&utm_campaign=ssp-Coinis&utm_content=geo-NL_Amsterdam&visimp=http%3A%2F%2Fwww.performanceonclick.com%2Fscript%2Fi.php%3Fstamat%3Dm%257Cd79ifjdhaQdH8AH0dEdHP3xP.703%252CcYqvnsVQQF3aNqVZ3pGRmRDAH_Y8piuGXVCrsNxEpeowB_MP3Ak6R3epUQceDIanYLdfuuI9xtOk87Dpss6l0IzTPH_x8He63AvdJJrNMBLlyiDmKr75_a_IWPti91dC
Requested by
Host: www.performanceonclick.com
URL: http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=wap7iSZOya4aL5ZaQfbCqxKdobVtZPYI4wBbi9T4A6HCKd_lr5q_LTfNxX2vegeIi6A1oaNCgfm7tTH4sbx_6-Xx6n1PbRJKGHJWeG9GF_qduMKGaRxRkZM4tIpsd_f4rWJjs0vcUY-skmNN1ixFnjmOIKu0pG_vLnfrHX7Mf_6lnFm-sBkZjtAYLWuCceE25HoTPM5Thi5Wo0Cx1FoMYDwU5q5FAv-hxrXngBVSzC4xS8WnDcksWKNewze1BwblDLSsnOXWwTl1u-CzDze08x_nIdygpAZIuZygSNhF2VPsSyc0kpDTYeepdvD-eA7ZIkIesrk7k8wBWhZxhxTOUvt55Mb34_TvtIoH7_OyrzZX10oMAJ0xi5bCLx20WkpHUa45pLJ4NwPh2QhS-NgVdNEv78jhYBO6EnE4wZj0xz8pajb5LD2TAIPKUVHQLjmuPAa1dh6xxoR-LCN3e7n5rQ&sub1=roki_w10_0210_AC-ODMOR-1363
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:da7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd78235cc966a3f64c9ad03d56e698eacf799af4c191440b06aa1a88c496cd3b

Request headers

:method
GET
:authority
0.nextyourcontent.com
:scheme
https
:path
/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-897541_zone-2575139-1524105518-0&utm_medium=isp-M247%20Ltd&utm_campaign=ssp-Coinis&utm_content=geo-NL_Amsterdam&visimp=http%3A%2F%2Fwww.performanceonclick.com%2Fscript%2Fi.php%3Fstamat%3Dm%257Cd79ifjdhaQdH8AH0dEdHP3xP.703%252CcYqvnsVQQF3aNqVZ3pGRmRDAH_Y8piuGXVCrsNxEpeowB_MP3Ak6R3epUQceDIanYLdfuuI9xtOk87Dpss6l0IzTPH_x8He63AvdJJrNMBLlyiDmKr75_a_IWPti91dC
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=wap7iSZOya4aL5ZaQfbCqxKdobVtZPYI4wBbi9T4A6HCKd_lr5q_LTfNxX2vegeIi6A1oaNCgfm7tTH4sbx_6-Xx6n1PbRJKGHJWeG9GF_qduMKGaRxRkZM4tIpsd_f4rWJjs0vcUY-skmNN1ixFnjmOIKu0pG_vLnfrHX7Mf_6lnFm-sBkZjtAYLWuCceE25HoTPM5Thi5Wo0Cx1FoMYDwU5q5FAv-hxrXngBVSzC4xS8WnDcksWKNewze1BwblDLSsnOXWwTl1u-CzDze08x_nIdygpAZIuZygSNhF2VPsSyc0kpDTYeepdvD-eA7ZIkIesrk7k8wBWhZxhxTOUvt55Mb34_TvtIoH7_OyrzZX10oMAJ0xi5bCLx20WkpHUa45pLJ4NwPh2QhS-NgVdNEv78jhYBO6EnE4wZj0xz8pajb5LD2TAIPKUVHQLjmuPAa1dh6xxoR-LCN3e7n5rQ&sub1=roki_w10_0210_AC-ODMOR-1363

Response headers

date
Mon, 01 Mar 2021 20:07:01 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d0e4e79cf7f587100390569cbcaa3e3a01614629221; expires=Wed, 31-Mar-21 20:07:01 GMT; path=/; domain=.nextyourcontent.com; HttpOnly; SameSite=Lax __cf_bm=e12504c90060f8a6e3f1acdcb94cc735fed7a27d-1614629221-1800-AX1IRbNeaHrOvPcB0JTkmARsx7RKrDz3976MJNK0hrPyf4aRONBSFH57NtGMpiFNTELhRV+7EKyqQM8zPxCHH9o=; path=/; expires=Mon, 01-Mar-21 20:37:01 GMT; domain=.nextyourcontent.com; HttpOnly; Secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0890ffccd100004a6293a2f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fTP4P%2F6YzYCSkjQYR40d7PPdeK33ybsvD6ocfbuICQyVtJ0y4tPlJITMQCJ2g3h0txzYY6DG9XjOxCLUDg3JM746kOkfyS4lcY9%2BvBLo5NWrpImO0ztH1UEFBcmJZLPI0Co%3D"}],"max_age":604800,"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
6295025ae8dd4a62-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Server
openresty
Date
Mon, 01 Mar 2021 20:07:01 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Location
https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-897541_zone-2575139-1524105518-0&utm_medium=isp-M247 Ltd&utm_campaign=ssp-Coinis&utm_content=geo-NL_Amsterdam&visimp=http%3A%2F%2Fwww.performanceonclick.com%2Fscript%2Fi.php%3Fstamat%3Dm%257Cd79ifjdhaQdH8AH0dEdHP3xP.703%252CcYqvnsVQQF3aNqVZ3pGRmRDAH_Y8piuGXVCrsNxEpeowB_MP3Ak6R3epUQceDIanYLdfuuI9xtOk87Dpss6l0IzTPH_x8He63AvdJJrNMBLlyiDmKr75_a_IWPti91dC
Referrer-Policy
no-referrer
Via
1.1 google
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-123906028-1
Requested by
Host: 0.nextyourcontent.com
URL: https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-897541_zone-2575139-1524105518-0&utm_medium=isp-M247%20Ltd&utm_campaign=ssp-Coinis&utm_content=geo-NL_Amsterdam&visimp=http%3A%2F%2Fwww.performanceonclick.com%2Fscript%2Fi.php%3Fstamat%3Dm%257Cd79ifjdhaQdH8AH0dEdHP3xP.703%252CcYqvnsVQQF3aNqVZ3pGRmRDAH_Y8piuGXVCrsNxEpeowB_MP3Ak6R3epUQceDIanYLdfuuI9xtOk87Dpss6l0IzTPH_x8He63AvdJJrNMBLlyiDmKr75_a_IWPti91dC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2cfb7f5d608dbc1257d4181e78362dd9e0125ab32c5ee66b08d39d3f9db3e650
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-897541_zone-2575139-1524105518-0&utm_medium=isp-M247%20Ltd&utm_campaign=ssp-Coinis&utm_content=geo-NL_Amsterdam&visimp=http%3A%2F%2Fwww.performanceonclick.com%2Fscript%2Fi.php%3Fstamat%3Dm%257Cd79ifjdhaQdH8AH0dEdHP3xP.703%252CcYqvnsVQQF3aNqVZ3pGRmRDAH_Y8piuGXVCrsNxEpeowB_MP3Ak6R3epUQceDIanYLdfuuI9xtOk87Dpss6l0IzTPH_x8He63AvdJJrNMBLlyiDmKr75_a_IWPti91dC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 20:07:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39361
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 Mar 2021 20:07:01 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-123906028-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-897541_zone-2575139-1524105518-0&utm_medium=isp-M247%20Ltd&utm_campaign=ssp-Coinis&utm_content=geo-NL_Amsterdam&visimp=http%3A%2F%2Fwww.performanceonclick.com%2Fscript%2Fi.php%3Fstamat%3Dm%257Cd79ifjdhaQdH8AH0dEdHP3xP.703%252CcYqvnsVQQF3aNqVZ3pGRmRDAH_Y8piuGXVCrsNxEpeowB_MP3Ak6R3epUQceDIanYLdfuuI9xtOk87Dpss6l0IzTPH_x8He63AvdJJrNMBLlyiDmKr75_a_IWPti91dC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
1185
date
Mon, 01 Mar 2021 19:47:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Mon, 01 Mar 2021 21:47:17 GMT
collect
www.google-analytics.com/j/ 		2 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=81725124&t=pageview&_s=1&dl=https%3A%2F%2F0.nextyourcontent.com%2Findex.php%3Fsub1%3D2575139-1524105518-0%26cid%3D16146292213117722435022819850745427%26utm_source%3Dsite-897541_zone-2575139-1524105518-0%26utm_medium%3Disp-M247%2520Ltd%26utm_campaign%3Dssp-Coinis%26utm_content%3Dgeo-NL_Amsterdam%26visimp%3Dhttp%253A%252F%252Fwww.performanceonclick.com%252Fscript%252Fi.php%253Fstamat%253Dm%25257Cd79ifjdhaQdH8AH0dEdHP3xP.703%25252CcYqvnsVQQF3aNqVZ3pGRmRDAH_Y8piuGXVCrsNxEpeowB_MP3Ak6R3epUQceDIanYLdfuuI9xtOk87Dpss6l0IzTPH_x8He63AvdJJrNMBLlyiDmKr75_a_IWPti91dC&ul=en-us&de=UTF-8&dt=Allow%20to%20continue&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=455095016&gjid=1666243833&cid=52886423.1614629222&tid=UA-123906028-1&_gid=1710254954.1614629222&_r=1&gtm=2ou2h0&z=378162696
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-897541_zone-2575139-1524105518-0&utm_medium=isp-M247%20Ltd&utm_campaign=ssp-Coinis&utm_content=geo-NL_Amsterdam&visimp=http%3A%2F%2Fwww.performanceonclick.com%2Fscript%2Fi.php%3Fstamat%3Dm%257Cd79ifjdhaQdH8AH0dEdHP3xP.703%252CcYqvnsVQQF3aNqVZ3pGRmRDAH_Y8piuGXVCrsNxEpeowB_MP3Ak6R3epUQceDIanYLdfuuI9xtOk87Dpss6l0IzTPH_x8He63AvdJJrNMBLlyiDmKr75_a_IWPti91dC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Mar 2021 20:07:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://0.nextyourcontent.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-123906028-1&cid=52886423.1614629222&jid=455095016&gjid=1666243833&_gid=1710254954.1614629222&_u=IEBAAUAAAAAAAC~&z=827749266
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-897541_zone-2575139-1524105518-0&utm_medium=isp-M247%20Ltd&utm_campaign=ssp-Coinis&utm_content=geo-NL_Amsterdam&visimp=http%3A%2F%2Fwww.performanceonclick.com%2Fscript%2Fi.php%3Fstamat%3Dm%257Cd79ifjdhaQdH8AH0dEdHP3xP.703%252CcYqvnsVQQF3aNqVZ3pGRmRDAH_Y8piuGXVCrsNxEpeowB_MP3Ak6R3epUQceDIanYLdfuuI9xtOk87Dpss6l0IzTPH_x8He63AvdJJrNMBLlyiDmKr75_a_IWPti91dC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 01 Mar 2021 20:07:02 GMT
content-type
text/plain
access-control-allow-origin
https://0.nextyourcontent.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-123906028-1&cid=52886423.1614629222&jid=455095016&_u=IEBAAUAAAAAAAC~&z=511661977
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-897541_zone-2575139-1524105518-0&utm_medium=isp-M247%20Ltd&utm_campaign=ssp-Coinis&utm_content=geo-NL_Amsterdam&visimp=http%3A%2F%2Fwww.performanceonclick.com%2Fscript%2Fi.php%3Fstamat%3Dm%257Cd79ifjdhaQdH8AH0dEdHP3xP.703%252CcYqvnsVQQF3aNqVZ3pGRmRDAH_Y8piuGXVCrsNxEpeowB_MP3Ak6R3epUQceDIanYLdfuuI9xtOk87Dpss6l0IzTPH_x8He63AvdJJrNMBLlyiDmKr75_a_IWPti91dC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Mar 2021 20:07:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-123906028-1&cid=52886423.1614629222&jid=455095016&_u=IEBAAUAAAAAAAC~&z=511661977
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0.nextyourcontent.com/index.php?sub1=2575139-1524105518-0&cid=16146292213117722435022819850745427&utm_source=site-897541_zone-2575139-1524105518-0&utm_medium=isp-M247%20Ltd&utm_campaign=ssp-Coinis&utm_content=geo-NL_Amsterdam&visimp=http%3A%2F%2Fwww.performanceonclick.com%2Fscript%2Fi.php%3Fstamat%3Dm%257Cd79ifjdhaQdH8AH0dEdHP3xP.703%252CcYqvnsVQQF3aNqVZ3pGRmRDAH_Y8piuGXVCrsNxEpeowB_MP3Ak6R3epUQceDIanYLdfuuI9xtOk87Dpss6l0IzTPH_x8He63AvdJJrNMBLlyiDmKr75_a_IWPti91dC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Mar 2021 20:07:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| addClass function| gtag object| dataLayer object| _0xfff9 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

2 Cookies

Domain/Path Name / Value
.nextyourcontent.com/ Name: __cf_bm
Value: e12504c90060f8a6e3f1acdcb94cc735fed7a27d-1614629221-1800-AX1IRbNeaHrOvPcB0JTkmARsx7RKrDz3976MJNK0hrPyf4aRONBSFH57NtGMpiFNTELhRV+7EKyqQM8zPxCHH9o=
.nextyourcontent.com/ Name: __cfduid
Value: d0e4e79cf7f587100390569cbcaa3e3a01614629221