Submitted URL: https://f.acebook.watch/gbvx31Ll
Effective URL: https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038682438-0&sClient=1&r...
Submission: On July 25 via manual from BE — Scanned from NL

Summary

This website contacted 12 IPs in 6 countries across 23 domains to perform 55 HTTP transactions. The main IP is 213.227.149.216, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is int.special-trending-news.com. The Cisco Umbrella rank of the primary domain is 212613.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 7th 2022. Valid for: a year.
This is the only time int.special-trending-news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 162.0.217.76 22612 (NAMECHEAP...)
1 1 64.227.23.114 14061 (DIGITALOC...)
3 99.198.108.194 32475 (SINGLEHOP...)
2 3 51.68.81.31 16276 (OVH)
1 1 34.147.1.177 396982 (GOOGLE-CL...)
1 1 51.161.115.163 16276 (OVH)
1 1 23.235.251.114 19437 (SS-ASH)
1 1 67.205.182.5 14061 (DIGITALOC...)
1 2 51.83.143.92 16276 (OVH)
2 3 35.186.193.41 15169 (GOOGLE)
2 2 2603:1020:c01... 8075 (MICROSOFT...)
1 9 95.168.170.165 60781 (LEASEWEB-...)
10 37.48.112.55 60781 (LEASEWEB-...)
1 1 85.17.31.90 60781 (LEASEWEB-...)
3 213.227.149.216 60781 (LEASEWEB-...)
2 2 213.227.145.132 60781 (LEASEWEB-...)
2 4 104.19.132.78 13335 (CLOUDFLAR...)
11 104.18.27.174 13335 (CLOUDFLAR...)
6 2a03:90c0:41:... 199524 (GCORE)
55 12
Apex Domain
Subdomains
Transfer
17 adskeeper.co.uk
s-img.adskeeper.co.uk — Cisco Umbrella Rank: 44224 Failed
jsc.adskeeper.co.uk — Cisco Umbrella Rank: 57643
c.adskeeper.co.uk — Cisco Umbrella Rank: 42122
cdn.adskeeper.co.uk — Cisco Umbrella Rank: 30897
servicer.adskeeper.co.uk — Cisco Umbrella Rank: 51866
cm.adskeeper.co.uk — Cisco Umbrella Rank: 65172
195 KB
11 wbidder2.com
wbidder2.com — Cisco Umbrella Rank: 76457
clk.wbidder2.com — Cisco Umbrella Rank: 128675
12 KB
9 celeb-secret-trends.com
celeb-secret-trends.com
171 KB
4 mgid.com
c.mgid.com — Cisco Umbrella Rank: 4360
s-img.mgid.com — Cisco Umbrella Rank: 3691
28 KB
3 special-trending-news.com
int.special-trending-news.com — Cisco Umbrella Rank: 212613
10 KB
3 linkonclick.com
www.linkonclick.com — Cisco Umbrella Rank: 192606
4 KB
3 offermyvist.com
www.offermyvist.com — Cisco Umbrella Rank: 709273
6 KB
3 redirectmaster.com
monkey.redirectmaster.com
7 KB
2 wboptim.online
crtv.wboptim.online — Cisco Umbrella Rank: 14010
1 KB
2 popmyads.com
popmyads.com — Cisco Umbrella Rank: 101547
2 KB
2 labtrffc.com
cola.labtrffc.com — Cisco Umbrella Rank: 86679
1 KB
1 cpvlabtrk.online
trk.cpvlabtrk.online — Cisco Umbrella Rank: 123207
908 B
1 ts-tracker.me
go.ts-tracker.me — Cisco Umbrella Rank: 109467
916 B
1 silverwinds.xyz
redir.silverwinds.xyz — Cisco Umbrella Rank: 67908
430 B
1 tealwinds.xyz
48.us.tealwinds.xyz — Cisco Umbrella Rank: 548855
247 B
1 goldensevenseas.net
t3.goldensevenseas.net — Cisco Umbrella Rank: 513913
296 B
1 go2affise.com
admoustache.go2affise.com — Cisco Umbrella Rank: 193673
239 B
1 thegadgetguru.club
polo.thegadgetguru.club — Cisco Umbrella Rank: 526272
295 B
1 1ie.ca
1ie.ca
688 B
1 acebook.watch
f.acebook.watch
580 B
0 rhaxpy.com Failed
rhaxpy.com Failed
0 jpgyub.com Failed
jpgyub.com Failed
0 amung.us Failed
whos.amung.us Failed
55 23
Domain Requested by
10 wbidder2.com celeb-secret-trends.com
int.special-trending-news.com
9 celeb-secret-trends.com 1 redirects www.linkonclick.com
celeb-secret-trends.com
6 s-img.adskeeper.co.uk
4 cdn.adskeeper.co.uk jsc.adskeeper.co.uk
3 int.special-trending-news.com celeb-secret-trends.com
int.special-trending-news.com
3 www.linkonclick.com 2 redirects
3 www.offermyvist.com 2 redirects monkey.redirectmaster.com
3 monkey.redirectmaster.com monkey.redirectmaster.com
2 cm.adskeeper.co.uk jsc.adskeeper.co.uk
2 c.adskeeper.co.uk jsc.adskeeper.co.uk
2 jsc.adskeeper.co.uk int.special-trending-news.com
jsc.adskeeper.co.uk
2 s-img.mgid.com
2 c.mgid.com 2 redirects
2 crtv.wboptim.online 2 redirects
2 popmyads.com 1 redirects cola.labtrffc.com
2 cola.labtrffc.com 1 redirects www.offermyvist.com
1 servicer.adskeeper.co.uk jsc.adskeeper.co.uk
1 clk.wbidder2.com 1 redirects
1 trk.cpvlabtrk.online 1 redirects
1 go.ts-tracker.me 1 redirects
1 redir.silverwinds.xyz 1 redirects
1 48.us.tealwinds.xyz 1 redirects
1 t3.goldensevenseas.net 1 redirects
1 admoustache.go2affise.com 1 redirects
1 polo.thegadgetguru.club 1 redirects
1 1ie.ca 1 redirects
1 f.acebook.watch 1 redirects
0 rhaxpy.com Failed
0 jpgyub.com Failed
0 whos.amung.us Failed popmyads.com
55 30

This site contains links to these domains. Also see Links.

Domain
widgets.adskeeper.com
clck.adskeeper.co.uk
Subject Issuer Validity Valid
monkey.redirectmaster.com
R3
2022-06-07 -
2022-09-05
3 months crt.sh
www.offermyvist.com
R3
2022-07-03 -
2022-10-01
3 months crt.sh
lone-star.landingtrack.com
R3
2022-06-12 -
2022-09-10
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-03 -
2023-06-02
a year crt.sh
*.celeb-secret-trends.com
AlphaSSL CA - SHA256 - G2
2022-03-19 -
2023-04-20
a year crt.sh
*.wbidder2.com
AlphaSSL CA - SHA256 - G2
2021-11-12 -
2022-12-14
a year crt.sh
*.special-trending-news.com
AlphaSSL CA - SHA256 - G2
2022-02-07 -
2023-03-11
a year crt.sh
*.adskeeper.co.uk
Go Daddy Secure Certificate Authority - G2
2022-01-03 -
2023-02-04
a year crt.sh

This page contains 2 frames:

Primary Page: https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038682438-0&sClient=1&r=1658793289.0.6595990818037012&tn=1200&tx=1800
Frame ID: D7BB2A158AB624899B2AD23E1A8419F4
Requests: 55 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1658793289988927068676
Frame ID: 35D6ECF245AB49D141C62E82BEDEB52E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

RECOMMENDED FOR YOU:

Page URL History Show full URLs

  1. https://f.acebook.watch/gbvx31Ll HTTP 302
    https://1ie.ca/7bd59b10002012011716 HTTP 302
    https://polo.thegadgetguru.club/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global HTTP 302
    https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  2. https://monkey.redirectmaster.com/?utm_term=7124462905621217283&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
  3. https://monkey.redirectmaster.com/proc.php?2479dd4efc86a284150fee0fb7d6dec6b03e1c49 Page URL
  4. https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website... Page URL
  5. https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website... HTTP 302
    https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website... HTTP 302
    https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000c8188c550b709695b8971f3f688... HTTP 302
    https://t3.goldensevenseas.net/c.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&s=503&pid=62df2d4525a... HTTP 302
    https://48.us.tealwinds.xyz/feed/?link=true&tid=48&subid=48.503&ref=&s1=62df2d451d4e5372de1bdcbb HTTP 301
    https://redir.silverwinds.xyz/click/invalid/?tid=48&subid=48.503 HTTP 302
    https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=48 Page URL
  6. https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=48&bv=1 HTTP 302
    https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20= Page URL
  7. https://popmyads.com/gget HTTP 302
    http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646614000 Page URL
  8. http://www.linkonclick.com/jump/next.php?stamat=m%257C%252CoNhP2Y3PqB1dQO0dEdHP3xP.c5a%252CS0kXXHXf2ck-... HTTP 302
    http://www.linkonclick.com/script/i.php?stamat=m%257C%252C%252CQ2MSYiEWoGU3B0-GH0dEdHP3xP.f39%252CChQva... HTTP 302
    https://go.ts-tracker.me/15GIEA?subid=1041905-4038682438-0&cid=16587932880533501579003960313997743&af... HTTP 302
    https://celeb-secret-trends.com/lp/y-arrow?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3... HTTP 301
    https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag... Page URL
  9. https://trk.cpvlabtrk.online/15GtmV?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%20... HTTP 302
    https://clk.wbidder2.com/redirect?url=https%3A%2F%2Fint.special-trending-news.com%2Fcommon%2Fcontent%... HTTP 302
    https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

55
Requests

80 %
HTTPS

15 %
IPv6

23
Domains

30
Subdomains

12
IPs

6
Countries

432 kB
Transfer

743 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://f.acebook.watch/gbvx31Ll HTTP 302
    https://1ie.ca/7bd59b10002012011716 HTTP 302
    https://polo.thegadgetguru.club/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global HTTP 302
    https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  2. https://monkey.redirectmaster.com/?utm_term=7124462905621217283&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90 Page URL
  3. https://monkey.redirectmaster.com/proc.php?2479dd4efc86a284150fee0fb7d6dec6b03e1c49 Page URL
  4. https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91 Page URL
  5. https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91&eyeg=3fd43e57d3d6458d3bc462b9b9c18834&eyer=0.913960577796944&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
    https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91&eyeg=3&eyer=0.913960577796944&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
    https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000c8188c550b709695b8971f3f688f665e0725-202207-flb*5504646-65846*M7124462905621217283*sl_5504646-65846*c9776690c1c314e46ec80c11e1732ef9e9bbcb2a*4400-bd34abaz*4400 HTTP 302
    https://t3.goldensevenseas.net/c.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&s=503&pid=62df2d4525a6940001969705 HTTP 302
    https://48.us.tealwinds.xyz/feed/?link=true&tid=48&subid=48.503&ref=&s1=62df2d451d4e5372de1bdcbb HTTP 301
    https://redir.silverwinds.xyz/click/invalid/?tid=48&subid=48.503 HTTP 302
    https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=48 Page URL
  6. https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=48&bv=1 HTTP 302
    https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20= Page URL
  7. https://popmyads.com/gget HTTP 302
    http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646614000 Page URL
  8. http://www.linkonclick.com/jump/next.php?stamat=m%257C%252CoNhP2Y3PqB1dQO0dEdHP3xP.c5a%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM8JUm5HksBtX5-SSJ8vLRk63-N4BDJVFBP0whOMTY8_LA%252C%252C&cbpage=http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646614000&cbur=0.38620724201242473&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    http://www.linkonclick.com/script/i.php?stamat=m%257C%252C%252CQ2MSYiEWoGU3B0-GH0dEdHP3xP.f39%252CChQvapGUUp3do6H7nbdvo2UhoO_Siv6idq5mM523Q4f5oK4S9okLZtWVXPUXRTcG5Y-EVVvozYJvw2RlKmWpHCq-jLtviUHSe5yNkESJLqi4hbsF0kZBVifmREev9xkkW_h0c3kb2psmhLzd4eXjxj5hJwIBr0dAcuFmr9ejt95PovmTYW_Jeiry6aXzRGGD9QPmxUlIaT_RYRtntdcE-RFz1ogLSaRtN8qUZUOFhebWH4ME0Y21kBR4pPe-2mNzIJW4duSLdG3pggIRBPOx3V8UbPsLZlpSEcn1KuKFG2X2XCsg21FbLWaWMLNgYzCfh8hzUsg_bj1HSzf40g5qBn4-O_nf7j_lA-4hglrsRPZriS11SzS-IW4pAkO82mTAIumzUsL0332SE3f2IRI0MRsZB2hL9Q9UMRCDJbrepeFWDy1GJQrqclgLC_uKedL6hooNvzGmhL0vAWSSkIJQGr7lZOWomA7Byg5JUh0BvGl0NOnWWSCue1y8UHr5ZRv3x5QreVCRAA5XoBQTYHWO4EoMgP3kkgqCoTh-TsT0QLHsrQ5mF6CnzPvRpHnGiFQrS0aUhTlhJpNxC3KU8peJuGiTERuwzKjOVp9x9bKPDPQ%252C HTTP 302
    https://go.ts-tracker.me/15GIEA?subid=1041905-4038682438-0&cid=16587932880533501579003960313997743&affid=%2030555&cost=[payout]&external_id=16587932880533501579003960313997743 HTTP 302
    https://celeb-secret-trends.com/lp/y-arrow?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12 HTTP 301
    https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12 Page URL
  9. https://trk.cpvlabtrk.online/15GtmV?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent=%7Bvar%3Auseragent%7D&ip=2a00%3A1630%3A2%3A1c03%3A%3A12&bv=Chrome%20103&as=pc&gf=12&onw=1&link=url%3Dhttps%253A%252F%252Fint.special-trending-news.com%252Fcommon%252Fcontent%252Fspecial-contentforyou.php%253Faffid%253Dbid_%252B30555%2526subid%253D1041905-4038682438-0%2526sClient%253D1%2526r%253D1658793289.0.6595990818037012%2526tn%253D1200%2526tx%253D1800%26s%3DDEFAULT%26a%3Dbid_onw_%252030555%26uA%3D%26sub%3D1041905-4038682438-0%26ts%3D1658793289%26d%3D24%26i%3D4068ivl61ep1ia%26t%3Dclient%26c%3D4423181587 HTTP 302
    https://clk.wbidder2.com/redirect?url=https%3A%2F%2Fint.special-trending-news.com%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_%2B30555%26subid%3D1041905-4038682438-0%26sClient%3D1%26r%3D1658793289.0.6595990818037012%26tn%3D1200%26tx%3D1800&s=DEFAULT&a=bid_onw_%2030555&uA=&sub=1041905-4038682438-0&ts=1658793289&d=24&i=4068ivl61ep1ia&t=client&c=4423181587 HTTP 302
    https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038682438-0&sClient=1&r=1658793289.0.6595990818037012&tn=1200&tx=1800 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://f.acebook.watch/gbvx31Ll HTTP 302
  • https://1ie.ca/7bd59b10002012011716 HTTP 302
  • https://polo.thegadgetguru.club/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global HTTP 302
  • https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Request Chain 4
  • https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91&eyeg=3fd43e57d3d6458d3bc462b9b9c18834&eyer=0.913960577796944&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
  • https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91&eyeg=3&eyer=0.913960577796944&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000c8188c550b709695b8971f3f688f665e0725-202207-flb*5504646-65846*M7124462905621217283*sl_5504646-65846*c9776690c1c314e46ec80c11e1732ef9e9bbcb2a*4400-bd34abaz*4400 HTTP 302
  • https://t3.goldensevenseas.net/c.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&s=503&pid=62df2d4525a6940001969705 HTTP 302
  • https://48.us.tealwinds.xyz/feed/?link=true&tid=48&subid=48.503&ref=&s1=62df2d451d4e5372de1bdcbb HTTP 301
  • https://redir.silverwinds.xyz/click/invalid/?tid=48&subid=48.503 HTTP 302
  • https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=48
Request Chain 5
  • https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=48&bv=1 HTTP 302
  • https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Request Chain 7
  • https://popmyads.com/gget HTTP 302
  • http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646614000
Request Chain 8
  • http://www.linkonclick.com/jump/next.php?stamat=m%257C%252CoNhP2Y3PqB1dQO0dEdHP3xP.c5a%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM8JUm5HksBtX5-SSJ8vLRk63-N4BDJVFBP0whOMTY8_LA%252C%252C&cbpage=http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646614000&cbur=0.38620724201242473&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
  • http://www.linkonclick.com/script/i.php?stamat=m%257C%252C%252CQ2MSYiEWoGU3B0-GH0dEdHP3xP.f39%252CChQvapGUUp3do6H7nbdvo2UhoO_Siv6idq5mM523Q4f5oK4S9okLZtWVXPUXRTcG5Y-EVVvozYJvw2RlKmWpHCq-jLtviUHSe5yNkESJLqi4hbsF0kZBVifmREev9xkkW_h0c3kb2psmhLzd4eXjxj5hJwIBr0dAcuFmr9ejt95PovmTYW_Jeiry6aXzRGGD9QPmxUlIaT_RYRtntdcE-RFz1ogLSaRtN8qUZUOFhebWH4ME0Y21kBR4pPe-2mNzIJW4duSLdG3pggIRBPOx3V8UbPsLZlpSEcn1KuKFG2X2XCsg21FbLWaWMLNgYzCfh8hzUsg_bj1HSzf40g5qBn4-O_nf7j_lA-4hglrsRPZriS11SzS-IW4pAkO82mTAIumzUsL0332SE3f2IRI0MRsZB2hL9Q9UMRCDJbrepeFWDy1GJQrqclgLC_uKedL6hooNvzGmhL0vAWSSkIJQGr7lZOWomA7Byg5JUh0BvGl0NOnWWSCue1y8UHr5ZRv3x5QreVCRAA5XoBQTYHWO4EoMgP3kkgqCoTh-TsT0QLHsrQ5mF6CnzPvRpHnGiFQrS0aUhTlhJpNxC3KU8peJuGiTERuwzKjOVp9x9bKPDPQ%252C HTTP 302
  • https://go.ts-tracker.me/15GIEA?subid=1041905-4038682438-0&cid=16587932880533501579003960313997743&affid=%2030555&cost=[payout]&external_id=16587932880533501579003960313997743 HTTP 302
  • https://celeb-secret-trends.com/lp/y-arrow?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12 HTTP 301
  • https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
Request Chain 23
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CEmqnNIX_cd_FrTtOCC0TBcvzSCYfvmWqjI9qm-9b8Su8AI8jwUKFgpqZC8IrI9ZQJSBLlSBocnAPbLt0-KvJHw**%26cid%3D383522%26f%3D1%26h2%3DrxFlexBzE_zhJnata_ZVfxl6iGqttv2K4WhjkwnpzEA*%26rid%3D2b06b707-0c75-11ed-ac3f-e4434b374cb2%26psid%3D%26iub%3DaHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzEyNTc4MTg5LzMyOHgzMjgvMjM5eDB4NjczeDY3My9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01Ua3RNVEF2TVRBeE9USTBMMlF6TURka1kyWXdObVppTXpVd01qUTVObVppTWpObU16QTRNek13TmpjMkxtcHdaV2Mud2VicD92PTE2NTg3OTMyODktT1VRUG1HellMSGlQc3IxZk84NDlSMWhOU2s1bHVKRUNYaWFsWHhqWk9Mbw%3D%3D&s=1000&a=bid_onw_%2030555&uA=bid_%2030555&sub=1041905-4038682438-0&d=40&ic=1 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|EmqnNIX_cd_FrTtOCC0TBcvzSCYfvmWqjI9qm-9b8Su8AI8jwUKFgpqZC8IrI9ZQJSBLlSBocnAPbLt0-KvJHw**&cid=383522&f=1&h2=rxFlexBzE_zhJnata_ZVfxl6iGqttv2K4WhjkwnpzEA*&rid=2b06b707-0c75-11ed-ac3f-e4434b374cb2&psid=&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzEyNTc4MTg5LzMyOHgzMjgvMjM5eDB4NjczeDY3My9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01Ua3RNVEF2TVRBeE9USTBMMlF6TURka1kyWXdObVppTXpVd01qUTVObVppTWpObU16QTRNek13TmpjMkxtcHdaV2Mud2VicD92PTE2NTg3OTMyODktT1VRUG1HellMSGlQc3IxZk84NDlSMWhOU2s1bHVKRUNYaWFsWHhqWk9Mbw== HTTP 301
  • https://s-img.mgid.com/g/12578189/328x328/239x0x673x673/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp?v=1658793289-OUQPmGzYLHiPsr1fO849R1hNSk5luJECXialXxjZOLo
Request Chain 24
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fjpgyub.com%2Fdsp%2Fph%2Ficm%3Faid%3D13711235275738336892%26mid%3D0%26sid%3D1399%26t%3D1658793289%26subid%3Dbid-%2030555&s=1051&a=bid_onw_%2030555&uA=bid_%2030555&sub=1041905-4038682438-0&d=14&ic=1 HTTP 302
  • https://jpgyub.com/dsp/ph/icm?aid=13711235275738336892&mid=0&sid=1399&t=1658793289&subid=bid-%2030555
Request Chain 25
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CEmqnNIX_cd_FrTtOCC0TBXVNN8DuZegt_hiNwHYkj6e8AI8jwUKFgpqZC8IrI9ZQuAPBKC4pkscijaLi-PFNOg**%26cid%3D383523%26f%3D1%26h2%3DrxFlexBzE_zhJnata_ZVfxl6iGqttv2K4WhjkwnpzEA*%26rid%3D2b066c98-0c75-11ed-a1e6-e4434b374c12%26psid%3D%26iub%3DaHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzEyNTc4MjUwLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2QxODVOakF2YUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakl0TURJdk1UQXhPVEkwTHpNNFpqVTBNemt6TkdKbE9ERmlaVFkwWm1VM1l6SXpOVFppWVdZd05ERmlMbXB3Wncud2VicD92PTE2NTg3OTMyODktYWlLYTlZOV9xdld5UGU2MDFodVg4cmtCSkNoRi1STmVSMkxOVE5jajQyNA%3D%3D&s=1000&a=bid_onw_%2030555&uA=bid_%2030555&sub=1041905-4038682438-0&d=49&ic=1 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|EmqnNIX_cd_FrTtOCC0TBXVNN8DuZegt_hiNwHYkj6e8AI8jwUKFgpqZC8IrI9ZQuAPBKC4pkscijaLi-PFNOg**&cid=383523&f=1&h2=rxFlexBzE_zhJnata_ZVfxl6iGqttv2K4WhjkwnpzEA*&rid=2b066c98-0c75-11ed-a1e6-e4434b374c12&psid=&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzEyNTc4MjUwLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2QxODVOakF2YUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakl0TURJdk1UQXhPVEkwTHpNNFpqVTBNemt6TkdKbE9ERmlaVFkwWm1VM1l6SXpOVFppWVdZd05ERmlMbXB3Wncud2VicD92PTE2NTg3OTMyODktYWlLYTlZOV9xdld5UGU2MDFodVg4cmtCSkNoRi1STmVSMkxOVE5jajQyNA== HTTP 301
  • https://s-img.mgid.com/g/12578250/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0LzM4ZjU0MzkzNGJlODFiZTY0ZmU3YzIzNTZiYWYwNDFiLmpwZw.webp?v=1658793289-aiKa9Y9_qvWyPe601huX8rkBJChF-RNeR2LNTNcj424
Request Chain 26
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Frhaxpy.com%2Fdsp%2Fph%2Ficm%3Faid%3D15017947017277294690%26mid%3D0%26sid%3D1399%26t%3D1658793289%26subid%3Dbid-30731&s=1051&a=bid_onw_%2030555&uA=bid_30731&sub=1041905-4038682438-0&d=21&ic=1 HTTP 302
  • https://rhaxpy.com/dsp/ph/icm?aid=15017947017277294690&mid=0&sid=1399&t=1658793289&subid=bid-30731
Request Chain 27
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CEmqnNIX_cd_FrTtOCC0TBWUuFHs30URkmLGy87NBVgSdsExVCBob-x26RLpkCbgHlkgxvZT9UUaBXNPaBIs3ig**%26cid%3D327360%26f%3D1%26h2%3DrxFlexBzE_zhJnata_ZVfxl6iGqttv2K4WhjkwnpzEA*%26rid%3D2b06c328-0c75-11ed-a208-e4434b151302%26psid%3D%26iub%3DaHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8xMjU3ODE5NC8zMjh4MzI4Ly0vYUhSMGNEb3ZMMk5zTG1sdFoyaHZjM1J6TG1OdmJTOXBiV2RvTDJsdFlXZGxMMlpsZEdOb0wyRnlYekU2TVN4algyWnBiR3dzWlY5emFHRnljR1Z1T2pFd01DeG1YMmRwWml4bWJGOXNiM056ZVN4blgyWmhZMlZ6T21GMWRHOHNkMTgwT0RBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpJdE1ESXZNVEF4T1RJMEx6UTFZemxrWlRkbFpXVm1NVEl4WVdKalpqWXlaVFU1WWpkbE5qWmpPVEZpTG1kcFpnLmdpZj92PTE2NTg3OTMyODktRngzUEdmRmlHQ1lmMGJYbGt0VG14Mm5ZV24wWXNXc2hZcDZ0Y3F4NFVBQQ%3D%3D&s=1003&a=bid_onw_%2030555&uA=bid_%2030555&sub=1041905-4038682438-0&d=21&ic=1 HTTP 302
  • https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|EmqnNIX_cd_FrTtOCC0TBWUuFHs30URkmLGy87NBVgSdsExVCBob-x26RLpkCbgHlkgxvZT9UUaBXNPaBIs3ig**&cid=327360&f=1&h2=rxFlexBzE_zhJnata_ZVfxl6iGqttv2K4WhjkwnpzEA*&rid=2b06c328-0c75-11ed-a208-e4434b151302&psid=&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8xMjU3ODE5NC8zMjh4MzI4Ly0vYUhSMGNEb3ZMMk5zTG1sdFoyaHZjM1J6TG1OdmJTOXBiV2RvTDJsdFlXZGxMMlpsZEdOb0wyRnlYekU2TVN4algyWnBiR3dzWlY5emFHRnljR1Z1T2pFd01DeG1YMmRwWml4bWJGOXNiM056ZVN4blgyWmhZMlZ6T21GMWRHOHNkMTgwT0RBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpJdE1ESXZNVEF4T1RJMEx6UTFZemxrWlRkbFpXVm1NVEl4WVdKalpqWXlaVFU1WWpkbE5qWmpPVEZpTG1kcFpnLmdpZj92PTE2NTg3OTMyODktRngzUEdmRmlHQ1lmMGJYbGt0VG14Mm5ZV24wWXNXc2hZcDZ0Y3F4NFVBQQ== HTTP 301
  • https://s-img.adskeeper.co.uk/g/12578194/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2dpZixmbF9sb3NzeSxnX2ZhY2VzOmF1dG8sd180ODAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0LzQ1YzlkZTdlZWVmMTIxYWJjZjYyZTU5YjdlNjZjOTFiLmdpZg.gif?v=1658793289-Fx3PGfFiGCYf0bXlktTmx2nYWn0YsWshYp6tcqx4UAA

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
monkey.redirectmaster.com/
Redirect Chain
  • https://f.acebook.watch/gbvx31Ll
  • https://1ie.ca/7bd59b10002012011716
  • https://polo.thegadgetguru.club/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global
  • https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
3 KB
2 KB
Document
General
Full URL
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.0.11
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 25 Jul 2022 23:54:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://monkey.redirectmaster.com/?utm_term=7124462905621217283&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.0.11

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Jul 2022 23:54:43 GMT
Location
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server
nginx/1.16.1 (Ubuntu)
/
monkey.redirectmaster.com/
8 KB
3 KB
Document
General
Full URL
https://monkey.redirectmaster.com/?utm_term=7124462905621217283&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.0.11
Resource Hash
60860870553d890ca65cade394c1e818e9a2281422863bded50449582b5d6a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 25 Jul 2022 23:54:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.0.11
proc.php
monkey.redirectmaster.com/
4 KB
2 KB
Document
General
Full URL
https://monkey.redirectmaster.com/proc.php?2479dd4efc86a284150fee0fb7d6dec6b03e1c49
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_term=7124462905621217283&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.0.11
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://monkey.redirectmaster.com/?utm_term=7124462905621217283&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 25 Jul 2022 23:54:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website=4400-bd34abaz&placement=4400
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.0.11
/
www.offermyvist.com/
5 KB
5 KB
Document
General
Full URL
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/proc.php?2479dd4efc86a284150fee0fb7d6dec6b03e1c49
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://monkey.redirectmaster.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Mon, 25 Jul 2022 23:54:44 GMT
Transfer-Encoding
chunked
r.php
cola.labtrffc.com/
Redirect Chain
  • https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd838...
  • https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd838...
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000c8188c550b709695b8971f3f688f665e0725-202207-flb*5504646-65846*M7124462905621217283*sl_5504646-65846*c9776690c1c314...
  • https://t3.goldensevenseas.net/c.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&s=503&pid=62df2d4525a6940001969705
  • https://48.us.tealwinds.xyz/feed/?link=true&tid=48&subid=48.503&ref=&s1=62df2d451d4e5372de1bdcbb
  • https://redir.silverwinds.xyz/click/invalid/?tid=48&subid=48.503
  • https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=48
876 B
849 B
Document
General
Full URL
https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=48
Requested by
Host: www.offermyvist.com
URL: https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.83.143.92 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3155458.ip-51-83-143.eu
Software
nginx /
Resource Hash

Request headers

Referer
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7124462905621217283&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Jul 2022 23:54:47 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
230
Content-Type
text/html; charset=utf-8
Date
Mon, 25 Jul 2022 23:54:47 GMT
Expires
0
Keep-Alive
timeout=5
Location
https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=48
Pragma
no-cache
Surrogate-Control
no-store
Vary
Accept
X-Powered-By
Express
aHR0cDovL3RyYWZmaXgxMy5jb20=
popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/
Redirect Chain
  • https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=48&bv=1
  • https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
2 KB
1 KB
Document
General
Full URL
https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Requested by
Host: cola.labtrffc.com
URL: https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=48
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Referer
https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=48
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7308d2a09ddab837-AMS
content-encoding
br
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Mon, 25 Jul 2022 23:54:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LygjpMEV7PNXoK17o%2BAyARY3U88yepGv%2BEBm%2FrnZQGgpTtrzIfvhLEEbdVRnRBuMfeFCUq1cQ%2BCqa1Mx3A71xqQeDtzs94GmHyy6cBNh9%2FC0c1MfrPsolTO5z1cctfTXJMm3NiOHoVeTgSQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
x-powered-by
PHP/7.1.33

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Jul 2022 23:54:47 GMT
Location
https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Raund
2fo
Round
11kgq037yu
Server
nginx
popmyads.png
whos.amung.us/swidget/
0
0

next.php
www.linkonclick.com/jump/
Redirect Chain
  • https://popmyads.com/gget
  • http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646614000
7 KB
3 KB
Document
General
Full URL
http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646614000
Protocol
HTTP/1.1
Server
35.186.193.41 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
41.193.186.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://popmyads.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 25 Jul 2022 23:54:48 GMT
Server
openresty
Transfer-Encoding
chunked
Via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7308d2a13e3db837-AMS
content-type
text/html; charset=UTF-8
date
Mon, 25 Jul 2022 23:54:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646614000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWzz5CulEUHZYUAuIgOPaXSCSZpei3TVtPwkuYEGGcdd35MXnUhafDjVoRsrNO0vv5Uyk0TIwgFvCkidMXyBaF6jT5pU0SPyVEbQWlwtZvWMSCcrMdT11fgxyx0rfG2qNX7HRBONNvD4LV8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
/
celeb-secret-trends.com/lp/y-arrow/
Redirect Chain
  • http://www.linkonclick.com/jump/next.php?stamat=m%257C%252CoNhP2Y3PqB1dQO0dEdHP3xP.c5a%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM8JUm5HksBtX5-SSJ8vLRk63-N4BDJVFBP0whOMTY8_LA%252C%252C&cbpage=ht...
  • http://www.linkonclick.com/script/i.php?stamat=m%257C%252C%252CQ2MSYiEWoGU3B0-GH0dEdHP3xP.f39%252CChQvapGUUp3do6H7nbdvo2UhoO_Siv6idq5mM523Q4f5oK4S9okLZtWVXPUXRTcG5Y-EVVvozYJvw2RlKmWpHCq-jLtviUHSe5y...
  • https://go.ts-tracker.me/15GIEA?subid=1041905-4038682438-0&cid=16587932880533501579003960313997743&affid=%2030555&cost=[payout]&external_id=16587932880533501579003960313997743
  • https://celeb-secret-trends.com/lp/y-arrow?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&b...
  • https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&...
29 KB
16 KB
Document
General
Full URL
https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
Requested by
Host: www.linkonclick.com
URL: http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646614000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
0c1ec20cebee238e4fa9aa825a6d5005a429fb7fcd3ef4c741c9e85e748adfc7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646614000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 25 Jul 2022 23:54:48 GMT
etag
W/"62341cea-729d"
last-modified
Fri, 18 Mar 2022 05:47:22 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

content-length
162
content-type
text/html
date
Mon, 25 Jul 2022 23:54:48 GMT
location
https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
server
nginx
x-frame-options
SAMEORIGIN
client.new.js
celeb-secret-trends.com/plugin/js/
26 KB
11 KB
Script
General
Full URL
https://celeb-secret-trends.com/plugin/js/client.new.js
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
ea8d074475a237fc34ae2ed9415f0faa805968e5747b685873841dca68c9042a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:48 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 04 Jul 2022 17:04:55 GMT
server
nginx
etag
W/"62c31db7-692e"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Wed, 24 Aug 2022 23:54:48 GMT
bidder.js
celeb-secret-trends.com/plugin/js/
15 KB
6 KB
Script
General
Full URL
https://celeb-secret-trends.com/plugin/js/bidder.js
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
d3a7350f32ae624e1d340bbfe32400930c4b75e5c5860f65351d31a0ee4d8377
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:48 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 04 Jul 2022 17:04:55 GMT
server
nginx
etag
W/"62c31db7-3b60"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Wed, 24 Aug 2022 23:54:48 GMT
bidder-interval.js
celeb-secret-trends.com/plugin/js/
8 KB
3 KB
Script
General
Full URL
https://celeb-secret-trends.com/plugin/js/bidder-interval.js
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
4fcf63aeecc00b000351d5b887fb4cc3dc9b6bc97cb7852734864852b7797226
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:48 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 16 Jun 2022 13:19:20 GMT
server
nginx
etag
W/"62ab2dd8-1f27"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Wed, 24 Aug 2022 23:54:48 GMT
e-client.v2.js
celeb-secret-trends.com/plugin/js/
33 KB
11 KB
Script
General
Full URL
https://celeb-secret-trends.com/plugin/js/e-client.v2.js
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
3e0c01a6c467139034e28e06b14cfe72288008d377ef4c02219210058973a72a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:48 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 07 Jul 2022 08:43:02 GMT
server
nginx
etag
W/"62c69c96-82de"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Wed, 24 Aug 2022 23:54:48 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4261f5b9b560c04a5b01559c45547e64f80f412e364d11520e2f8e70bdfc3978

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
client
wbidder2.com/offer/
2 KB
1 KB
Fetch
General
Full URL
https://wbidder2.com/offer/client?affid=onw_%2030555&subid=1041905-4038682438-0&days=8&count=1
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/plugin/js/client.new.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.48.112.55 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/
2 KB
735 B
Fetch
General
Full URL
https://wbidder2.com/offer/client?affid=onw_%2030555&subid=1041905-4038682438-0&days=8&count=1
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/plugin/js/client.new.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.48.112.55 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/
3 KB
2 KB
Fetch
General
Full URL
https://wbidder2.com/offer/client?affid=onw_%2030555&subid=1041905-4038682438-0&days=8&count=1
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/plugin/js/client.new.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.48.112.55 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
newB1modal.png
celeb-secret-trends.com/pluginstuff/
9 KB
9 KB
Image
General
Full URL
https://celeb-secret-trends.com/pluginstuff/newB1modal.png
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
3f0014f83976d1cf838ba0bb0dd7b9150457ebc601c4f6840d8e16620c12ad5b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:48 GMT
last-modified
Fri, 14 May 2021 16:13:10 GMT
server
nginx
etag
"609ea196-2359"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9049
expires
Wed, 24 Aug 2022 23:54:48 GMT
client
wbidder2.com/offer/
1 KB
683 B
Fetch
General
Full URL
https://wbidder2.com/offer/client?affid=onw_%2030555&subid=1041905-4038682438-0&days=8
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/plugin/js/bidder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.48.112.55 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/
9 KB
3 KB
Fetch
General
Full URL
https://wbidder2.com/offer/client?affid=onw_%2030555&subid=1041905-4038682438-0&days=8&count=5&adult=undefined
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/plugin/js/e-client.v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.48.112.55 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
eclientclick
wbidder2.com/offer/
2 KB
753 B
Fetch
General
Full URL
https://wbidder2.com/offer/eclientclick?affid=onw_%2030555&subid=1041905-4038682438-0&days=8&count=1&adult=undefined
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/plugin/js/e-client.v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.48.112.55 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
1f3b01223f7d4813b15696b43ce525db2a3d31c7632fe2a108ea9566d32bc65a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
youtube-eclient.png
celeb-secret-trends.com/icons/
1 KB
2 KB
Image
General
Full URL
https://celeb-secret-trends.com/icons/youtube-eclient.png
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
44732c891c3fffbf3ec24e05f43fb59908ed9e467f35f424f71a45a649f78f01
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:48 GMT
last-modified
Tue, 15 Mar 2022 16:54:11 GMT
server
nginx
etag
"6230c4b3-57c"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1404
expires
Wed, 24 Aug 2022 23:54:48 GMT
spinner.gif
celeb-secret-trends.com/flow-lp/porsche-1/img/
113 KB
113 KB
Image
General
Full URL
https://celeb-secret-trends.com/flow-lp/porsche-1/img/spinner.gif
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:48 GMT
last-modified
Fri, 01 Nov 2019 13:26:09 GMT
server
nginx
etag
"5dbc3271-1c3fd"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
115709
expires
Wed, 24 Aug 2022 23:54:48 GMT
Primary Request special-contentforyou.php
int.special-trending-news.com/common/content/
Redirect Chain
  • https://trk.cpvlabtrk.online/15GtmV?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=De...
  • https://clk.wbidder2.com/redirect?url=https%3A%2F%2Fint.special-trending-news.com%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_%2B30555%26subid%3D1041905-4038682438-0%26sClient%3D1%...
  • https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038682438-0&sClient=1&r=1658793289.0.6595990818037012&tn=1200&tx=1800
2 KB
986 B
Document
General
Full URL
https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038682438-0&sClient=1&r=1658793289.0.6595990818037012&tn=1200&tx=1800
Requested by
Host: celeb-secret-trends.com
URL: https://celeb-secret-trends.com/plugin/js/client.new.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
6d28613dc81532efccdf3913078a6d90c6fb7d92fbd956fca3e7c3f07cc5db36
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 25 Jul 2022 23:54:49 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

access-control-allow-origin
*
content-length
0
date
Mon, 25 Jul 2022 23:54:49 GMT
location
https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038682438-0&sClient=1&r=1658793289.0.6595990818037012&tn=1200&tx=1800
vary
Origin
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp
s-img.mgid.com/g/12578189/328x328/239x0x673x673/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CEmqnNIX_cd_FrTtOCC0TBcvzSCYfvmWqjI9qm-9b8Su8AI8jwUKFgpqZC8IrI9ZQJSBLlSBocnAPbLt0-KvJHw**%26cid%3D383522%...
  • https://c.mgid.com/c?pv=2&v=0|0|0|EmqnNIX_cd_FrTtOCC0TBcvzSCYfvmWqjI9qm-9b8Su8AI8jwUKFgpqZC8IrI9ZQJSBLlSBocnAPbLt0-KvJHw**&cid=383522&f=1&h2=rxFlexBzE_zhJnata_ZVfxl6iGqttv2K4WhjkwnpzEA*&rid=2b06b70...
  • https://s-img.mgid.com/g/12578189/328x328/239x0x673x673/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp?v=1658793289-OUQPmGzYLHiPsr1fO849R1h...
11 KB
11 KB
Image
General
Full URL
https://s-img.mgid.com/g/12578189/328x328/239x0x673x673/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp?v=1658793289-OUQPmGzYLHiPsr1fO849R1hNSk5luJECXialXxjZOLo
Protocol
H2
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:49 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 08:52:28 GMT
x-mg-request-uuid
80c4b078-6537-46a9-a8dd-51158df67898
age
4035923
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7308d2ab5ce9b950-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11216
server
cloudflare

Redirect headers

date
Mon, 25 Jul 2022 23:54:49 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
57e5e23e-a0c6-4918-8a77-1805038065d4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://s-img.mgid.com/g/12578189/328x328/239x0x673x673/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp?v=1658793289-OUQPmGzYLHiPsr1fO849R1hNSk5luJECXialXxjZOLo
cf-ray
7308d2aa8bacb950-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
server
cloudflare
icm
jpgyub.com/dsp/ph/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fjpgyub.com%2Fdsp%2Fph%2Ficm%3Faid%3D13711235275738336892%26mid%3D0%26sid%3D1399%26t%3D1658793289%26subid%3Dbid-%2030555&s=1051&a=bid_onw_%2030555&...
  • https://jpgyub.com/dsp/ph/icm?aid=13711235275738336892&mid=0&sid=1399&t=1658793289&subid=bid-%2030555
0
0

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0LzM4ZjU0MzkzNGJlODFiZTY0Z...
s-img.mgid.com/g/12578250/328x328/-/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CEmqnNIX_cd_FrTtOCC0TBXVNN8DuZegt_hiNwHYkj6e8AI8jwUKFgpqZC8IrI9ZQuAPBKC4pkscijaLi-PFNOg**%26cid%3D383523%...
  • https://c.mgid.com/c?pv=2&v=0|0|0|EmqnNIX_cd_FrTtOCC0TBXVNN8DuZegt_hiNwHYkj6e8AI8jwUKFgpqZC8IrI9ZQuAPBKC4pkscijaLi-PFNOg**&cid=383523&f=1&h2=rxFlexBzE_zhJnata_ZVfxl6iGqttv2K4WhjkwnpzEA*&rid=2b066c9...
  • https://s-img.mgid.com/g/12578250/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90L...
16 KB
16 KB
Image
General
Full URL
https://s-img.mgid.com/g/12578250/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0LzM4ZjU0MzkzNGJlODFiZTY0ZmU3YzIzNTZiYWYwNDFiLmpwZw.webp?v=1658793289-aiKa9Y9_qvWyPe601huX8rkBJChF-RNeR2LNTNcj424
Protocol
H2
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:49 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 06:55:41 GMT
x-mg-request-uuid
a28bd938-dbdf-441f-a869-068004250ae4
age
4035842
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7308d2ab5cebb950-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16208
server
cloudflare

Redirect headers

date
Mon, 25 Jul 2022 23:54:49 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
a8399d22-5f26-490c-8eb4-c38ba0f1ba6c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://s-img.mgid.com/g/12578250/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0LzM4ZjU0MzkzNGJlODFiZTY0ZmU3YzIzNTZiYWYwNDFiLmpwZw.webp?v=1658793289-aiKa9Y9_qvWyPe601huX8rkBJChF-RNeR2LNTNcj424
cf-ray
7308d2aa8bb0b950-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
server
cloudflare
icm
rhaxpy.com/dsp/ph/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Frhaxpy.com%2Fdsp%2Fph%2Ficm%3Faid%3D15017947017277294690%26mid%3D0%26sid%3D1399%26t%3D1658793289%26subid%3Dbid-30731&s=1051&a=bid_onw_%2030555&uA=...
  • https://rhaxpy.com/dsp/ph/icm?aid=15017947017277294690&mid=0&sid=1399&t=1658793289&subid=bid-30731
0
0

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2dpZixmbF9sb3NzeSxnX2ZhY2VzOmF1dG8sd180ODAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0LzQ1YzlkZTdlZ...
s-img.adskeeper.co.uk/g/12578194/328x328/-/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CEmqnNIX_cd_FrTtOCC0TBWUuFHs30URkmLGy87NBVgSdsExVCBob-x26RLpkCbgHlkgxvZT9UUaBXNPaBIs3ig**%26cid%3D...
  • https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|EmqnNIX_cd_FrTtOCC0TBWUuFHs30URkmLGy87NBVgSdsExVCBob-x26RLpkCbgHlkgxvZT9UUaBXNPaBIs3ig**&cid=327360&f=1&h2=rxFlexBzE_zhJnata_ZVfxl6iGqttv2K4WhjkwnpzEA*&rid=...
  • https://s-img.adskeeper.co.uk/g/12578194/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2dpZixmbF9sb3NzeSxnX2ZhY2VzOmF1dG8sd180ODAvaHR0cDovL2...
0
0

offerwall.clickpush.com.964329.js
jsc.adskeeper.co.uk/o/f/
2 KB
1 KB
Script
General
Full URL
https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.js
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038682438-0&sClient=1&r=1658793289.0.6595990818037012&tn=1200&tx=1800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4622db92c9f187856841ddcfcaedb27507f67afe40bb0a6fca9fa33d9c4a8868

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://int.special-trending-news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3028
cf-ray
7308d2abea62b90f-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
918
x-amz-id-2
WANyp0kGdqYC8YcYq5o5kKxJUxv/ILKOv3GocmR1Xs21zkNUswTr/9Lhw50nE+yG06kmdJxntck=
last-modified
Tue, 21 Jun 2022 10:34:04 GMT
server
cloudflare
etag
"098e073f503262f4410d13d56ab084d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
2QX26Z3BTZKNXP1Y
cache-control
public, max-age=14400
x-amz-version-id
Qh9W22UsqYP_rIK_NTavvm1WQZwJipFq
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 26 Jul 2022 03:54:49 GMT
bidder.js
int.special-trending-news.com/plugin/js/
15 KB
6 KB
Script
General
Full URL
https://int.special-trending-news.com/plugin/js/bidder.js
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038682438-0&sClient=1&r=1658793289.0.6595990818037012&tn=1200&tx=1800
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
d3a7350f32ae624e1d340bbfe32400930c4b75e5c5860f65351d31a0ee4d8377
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038682438-0&sClient=1&r=1658793289.0.6595990818037012&tn=1200&tx=1800
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 04 Jul 2022 17:04:55 GMT
server
nginx
etag
W/"62c31db7-3b60"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Wed, 24 Aug 2022 23:54:49 GMT
bidder-interval.js
int.special-trending-news.com/plugin/js/
8 KB
3 KB
Script
General
Full URL
https://int.special-trending-news.com/plugin/js/bidder-interval.js
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038682438-0&sClient=1&r=1658793289.0.6595990818037012&tn=1200&tx=1800
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
4fcf63aeecc00b000351d5b887fb4cc3dc9b6bc97cb7852734864852b7797226
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038682438-0&sClient=1&r=1658793289.0.6595990818037012&tn=1200&tx=1800
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 16 Jun 2022 13:19:20 GMT
server
nginx
etag
W/"62ab2dd8-1f27"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Wed, 24 Aug 2022 23:54:49 GMT
client
wbidder2.com/offer/
2 KB
708 B
Fetch
General
Full URL
https://wbidder2.com/offer/client?affid=onw_bid_%2B30555&subid=1041905-4038682438-0&days=8
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/plugin/js/bidder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.48.112.55 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
b9deb06d217d5ee183a6492df691160127aedbdadfcfdcc38a948e8009e4ae68

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
offerwall.clickpush.com.964329.es6.js
jsc.adskeeper.co.uk/o/f/
263 KB
79 KB
Script
General
Full URL
https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1f5300d5b4d375485ecd15ae1ffb99dd722d01bbe68e07f3e26f6272e2671ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4648
cf-ray
7308d2ac5b03b704-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80625
x-amz-id-2
y4kfmZPkz6C92CGlfF+zHxyUvX7wqm4FAcWX14ZSx0rq/G061XzBQfDQliXqdHAhx7v247MjNsk=
last-modified
Mon, 18 Jul 2022 10:49:39 GMT
server
cloudflare
etag
"b6be6d320d339ffcc1455ea61cf21fed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
4PXZPFF4WZB6MGXH
cache-control
public, max-age=14400
x-amz-version-id
Kl1BBx_IGN5yo8iZ278Z7Zt5i.dNOXPo
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 26 Jul 2022 03:54:49 GMT
23b0f201-f7d5-4e24-9b30-9432c2811a79
https://int.special-trending-news.com/
0
0
Other
General
Full URL
blob:https://int.special-trending-news.com/23b0f201-f7d5-4e24-9b30-9432c2811a79
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038682438-0&sClient=1&r=1658793289.0.6595990818037012&tn=1200&tx=1800
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
4ec697cd-ad8f-4fa7-9132-01827a35e3c7
https://int.special-trending-news.com/
245 B
0
Other
General
Full URL
blob:https://int.special-trending-news.com/4ec697cd-ad8f-4fa7-9132-01827a35e3c7
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/common/content/special-contentforyou.php?affid=bid_+30555&subid=1041905-4038682438-0&sClient=1&r=1658793289.0.6595990818037012&tn=1200&tx=1800
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
/
c.adskeeper.co.uk/pv/
0
186 B
Script
General
Full URL
https://c.adskeeper.co.uk/pv/?pv=5&src_id=bid_%2030555&cbuster=1658793289804429628805&uniqId=0deda&lct=1658102400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fint.special-trending-news.com%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_%2B30555%26subid%3D1041905-4038682438-0%26sClient%3D1%26r%3D1658793289.0.6595990818037012%26tn%3D1200%26tx%3D1800&lu=https%3A%2F%2Fint.special-trending-news.com%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_%2B30555%26subid%3D1041905-4038682438-0%26sClient%3D1%26r%3D1658793289.0.6595990818037012%26tn%3D1200%26tx%3D1800&sessionId=62df2d4a-181aa&pageView=1&pvid=18237c8e84db5819671&site=613482&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://int.special-trending-news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7308d2ad6badb704-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
fd88e8cc-8dce-48cb-9545-b7b7cd3fcb99
https://int.special-trending-news.com/
1 KB
0
Media
General
Full URL
blob:https://int.special-trending-news.com/fd88e8cc-8dce-48cb-9545-b7b7cd3fcb99
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/
4 KB
1 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2349
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CPESVA9VNWP38SZX
x-amz-id-2
ukUERCkECh+CTRwW6IbeAqPosNJNlyGoyUJj/NjLh8f2x4newo65pRIZO8fTB4yyiCKAs+GxUeE=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-version-id
null
cf-ray
7308d2ad8c6cb90f-AMS
expires
Tue, 26 Jul 2022 03:54:49 GMT
1
servicer.adskeeper.co.uk/964329/
5 KB
2 KB
Script
General
Full URL
https://servicer.adskeeper.co.uk/964329/1?pv=5&src_id=bid_%2030555&cbuster=1658793289869306021976&uniqId=0deda&lct=1658102400&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1584&h=885&cols=3&ref=&cxurl=https%3A%2F%2Fint.special-trending-news.com%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_%2B30555%26subid%3D1041905-4038682438-0%26sClient%3D1%26r%3D1658793289.0.6595990818037012%26tn%3D1200%26tx%3D1800&lu=https%3A%2F%2Fint.special-trending-news.com%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_%2B30555%26subid%3D1041905-4038682438-0%26sClient%3D1%26r%3D1658793289.0.6595990818037012%26tn%3D1200%26tx%3D1800&sessionId=62df2d4a-181aa&pageView=1&pvid=18237c8e84db5819671&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
568773b65a6352f5c7dea4b2ec436b5e6fa0f9e985e10f19ac5fb2b63b7cc8c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://int.special-trending-news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
7308d2addd0eb90f-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/
4 KB
2 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6051
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
NJS61QFZ1DEM484Q
x-amz-id-2
QD3sXvb0WXOpkp6Y6YE03h5uZ3k81edm+1/yZIOKiMh7I88X3KdBNk8+ATf6ScJ26jAjD4DD2zM=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-version-id
null
cf-ray
7308d2ae4c29b704-AMS
expires
Tue, 26 Jul 2022 03:54:49 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8yODQseV8zMDQvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvM...
s-img.adskeeper.co.uk/g/13268982/492x328/-/
25 KB
25 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/13268982/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8yODQseV8zMDQvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvMTAxOTI0L2U0YzI5ZTYwMjVlZjE1ODY1NzY5OTE4YmZhNTQxNDM0LmpwZw.webp?v=1658793289-ik740qx69px79tnzaGkMBwDE_FPdHKPQK4ODLAIqSAQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
43271784841ca0d31ec7734537945fb926cfe14af3d2aa38fb96e8b65e778c47

Request headers

Referer
Origin
https://int.special-trending-news.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-id
dc3-up-gc33, fr5-up-gc34
date
Mon, 25 Jul 2022 23:54:50 GMT
last-modified
Thu, 16 Jun 2022 11:45:12 GMT
x-mg-request-uuid
50e2571c-b36c-45c1-a1c6-cd6f72dcc1d3
x-cached-since
2022-06-16T11:46:59+00:00, 2022-06-16T11:50:57+00:00
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
cache
HIT, HIT
accept-ranges
bytes
content-length
25308
server
nginx
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzM0NDEyOTg1Y2NjOTY3YmUzZTA3MDBkZDBlZWMwNjcxLmpwZWc.webp
s-img.adskeeper.co.uk/g/3805654/492x328/0x34x603x402/
16 KB
17 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/3805654/492x328/0x34x603x402/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzM0NDEyOTg1Y2NjOTY3YmUzZTA3MDBkZDBlZWMwNjcxLmpwZWc.webp?v=1658793289-eh-lwguuVAxtEoBONT-lv4Sjxdr8sj7KHD2Zs9EbNHs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
aead0ee9af1c14f5c50639fa9965cd94acdc44a1977b0f2335fb6bd0ff23f604

Request headers

Referer
Origin
https://int.special-trending-news.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-id
dc3-up-gc33, fr5-up-gc15
date
Mon, 25 Jul 2022 23:54:50 GMT
last-modified
Thu, 11 Nov 2021 15:57:16 GMT
x-mg-request-uuid
438cf7c5-f39a-4ddc-9acf-8a912678bd01
x-cached-since
2022-06-07T09:19:12+00:00, 2022-07-05T13:12:28+00:00
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
cache
HIT, HIT
accept-ranges
bytes
content-length
16866
server
nginx
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMjY3LHlfNzI1L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2L...
s-img.adskeeper.co.uk/g/13268959/492x328/-/
20 KB
20 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/13268959/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMjY3LHlfNzI1L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzEwMTkyNC9iNGViM2ZlOGVkNWMzYmI1NDBkMzQ3NjFkMjAxZjQ2Yy5qcGVn.webp?v=1658793289-xsAQN0kStTFnBxpyeZvMKFPAcv16LfM9jhw2W-CPCKs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
127a5893d24bc53455f64da921f0452b66d10dcb6a54ff084e4b129dface1eb4

Request headers

Referer
Origin
https://int.special-trending-news.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-id
dc3-up-gc33, fr5-up-gc28
date
Mon, 25 Jul 2022 23:54:50 GMT
last-modified
Thu, 16 Jun 2022 11:46:38 GMT
x-mg-request-uuid
d0c6a56a-5ad8-48ba-81a5-569e04b064c0
x-cached-since
2022-06-16T11:50:06+00:00, 2022-06-16T12:08:22+00:00
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
cache
HIT, HIT
accept-ranges
bytes
content-length
20620
server
nginx
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0Lzg0ODcwNDVlZDczODM4ZDQzMGIyNGQ5NGRhODRhYTZhLmpwZWc.webp
s-img.adskeeper.co.uk/g/6288119/492x328/0x55x642x428/
13 KB
14 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/6288119/492x328/0x55x642x428/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0Lzg0ODcwNDVlZDczODM4ZDQzMGIyNGQ5NGRhODRhYTZhLmpwZWc.webp?v=1658793289-6VcAT4ecinyLbDKaa2Z2msv9WYgok8EUl-okrUmXbck
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
dd8b8d2b0aa29bfe8c19f8ce897312273d85f057102957dbf3ebe3dfa641a50a

Request headers

Referer
Origin
https://int.special-trending-news.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-id
dc3-up-gc33, fr5-up-gc17
date
Mon, 25 Jul 2022 23:54:50 GMT
last-modified
Thu, 11 Nov 2021 15:58:47 GMT
x-mg-request-uuid
39930e40-84b7-456b-8f33-0a244f9e189b
x-cached-since
2022-06-07T09:17:00+00:00, 2022-07-05T13:13:31+00:00
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
cache
HIT, HIT
accept-ranges
bytes
content-length
13698
server
nginx
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA1LzEwMTkyNC9mNmVlZ...
s-img.adskeeper.co.uk/g/13054720/492x328/-/
17 KB
17 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/13054720/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA1LzEwMTkyNC9mNmVlZWJlYjdlZWU5OTlkZWExNDNiYjVlZDA1MGRmYS5qcGVn.webp?v=1658793289-rgCbXuP7BMUxIfsz04QjvULuCj1lQUpC5zOa-BpHYwQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3de2447571c2d39df1a5f2cd9b32d2ee33795ff8c996261865e8f619c788d41d

Request headers

Referer
Origin
https://int.special-trending-news.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-id
dc3-up-gc8, fr5-up-gc29
date
Mon, 25 Jul 2022 23:54:50 GMT
last-modified
Wed, 25 May 2022 11:55:37 GMT
x-mg-request-uuid
01e34ebb-e53e-438a-8be5-68aa33d39bb5
x-cached-since
2022-06-07T09:19:18+00:00, 2022-06-07T09:38:29+00:00
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
cache
HIT, HIT
accept-ranges
bytes
content-length
17728
server
nginx
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC84YWQ5ZGRhODY4YjFlZmY1M...
s-img.adskeeper.co.uk/g/11533326/492x328/-/
14 KB
15 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/11533326/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC84YWQ5ZGRhODY4YjFlZmY1MjMwOTQ1MGFlNGQ2ZjIyZi5wbmc.webp?v=1658793289-2YW0NEDyNrU1igeUyhA4T14PyXkIMcFons9qMotd67s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3727966cd2c2249977ca70e613d92e12dbc0990ff115d492664d2c0149a027b0

Request headers

Referer
Origin
https://int.special-trending-news.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-id
dc3-up-gc33, fr5-up-gc28
date
Mon, 25 Jul 2022 23:54:50 GMT
last-modified
Wed, 01 Dec 2021 12:24:15 GMT
x-mg-request-uuid
29064346-d4df-4970-b4b2-4d38e6d316d0
x-cached-since
2022-06-07T09:19:05+00:00, 2022-06-07T09:47:33+00:00
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
cache
HIT, HIT
accept-ranges
bytes
content-length
14724
server
nginx
int_exchange_wages_src.svg
cdn.adskeeper.co.uk/images/adskeeper/
855 B
964 B
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_src.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf48ab5bd0aa94e42a820a7714971f4e29b680774aac08b4bd0ae1cf21b16167

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2748
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
F1R1PVDVY1YHYK5Y
x-amz-id-2
2yWDlkhL80CVoQJ9THBWT+P67YEH+PmjjP1k03nL6NJXz7d9VUWmRWAeVfpR5JUxvDrw9e8d5dQ=
last-modified
Mon, 04 May 2020 12:16:42 GMT
server
cloudflare
etag
W/"8a4c1edaf146a31549d5287a7ab74b63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-version-id
null
cf-ray
7308d2ae6c40b704-AMS
expires
Tue, 26 Jul 2022 03:54:49 GMT
int_exchange_wages_ad.svg
cdn.adskeeper.co.uk/images/adskeeper/
1 KB
1013 B
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_ad.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3708
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BY4WXQF2C0VDCDN3
x-amz-id-2
H637dOf99MX+y/Y9wvevF9FT2CeMhoEWqO8kjokAzLKsAKFZTkH3RP25pA8PJdmie4ejh5GNNQw=
last-modified
Mon, 04 May 2020 12:16:42 GMT
server
cloudflare
etag
W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-version-id
null
cf-ray
7308d2ae6c41b704-AMS
expires
Tue, 26 Jul 2022 03:54:49 GMT
i.js
cm.adskeeper.co.uk/
0
125 B
Script
General
Full URL
https://cm.adskeeper.co.uk/i.js?&cbuster=1658793289975820266128
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:54:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7308d2ae8dcfb90f-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.adskeeper.co.uk/ Frame 35D6
0
38 B
Script
General
Full URL
https://cm.adskeeper.co.uk/i-noref.js?cbuster=1658793289988927068676
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Jul 2022 23:54:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7308d2ae8dd8b90f-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
c
c.adskeeper.co.uk/
43 B
279 B
Image
General
Full URL
https://c.adskeeper.co.uk/c?f=1&pv=3&v=512|403|12|EmqnNIX_cd_FrTtOCC0TBZjx-8I49bj_7UKcDKYpoqF-aYIaYbY9wbEbFLCtxLrrvCxgIrQ9OcavWwZWtTr6KA**&fw=1&extjs=66044&v=512|403|12|EmqnNIX_cd_FrTtOCC0TBfZRM6sWmUzJIfrzc1pjAzUZGquBLueTU0vtt7lxLyZiB3o2oQyni5VcM0wySM232Q**&v=512|403|12|EmqnNIX_cd_FrTtOCC0TBd_Pjv--C8HYTF6lfGY5utHgb5l5Ljhjcer9F6mKKi4Nzny2GUSKpNV5urckYE4EGw**&v=512|381|12|EmqnNIX_cd_FrTtOCC0TBa6ozzzZh1-JLwFYA9U0aeHEbg53EDAGjwExf2wBU-WYQLoXfkyqv64yL2sv97Nrkw**&v=512|381|12|EmqnNIX_cd_FrTtOCC0TBa3Ui_SXzD-aBCV7tEQ85f8izvmJJkyUrc2FGBbJ15J5am-RwRIoTDSrF3266jF_vQ**&v=512|381|12|EmqnNIX_cd_FrTtOCC0TBU2uj7NLt0ocrfnAnR_M1n70Ukhppj0b1tp8PCpJXyHF55XoG6ITtSBp9AR5qAzeMw**&cid=964329&h2=rxFlexBzE_zhJnata_ZVfxl6iGqttv2K4WhjkwnpzEA*&rid=2b843c56-0c75-11ed-a365-e43d1a2a96ea&tt=Direct&iv=11&pageImp=1&pvid=18237c8e84db5819671&cbuster=1658793291193407170712
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:54:51 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
b092e48b-ae55-42f9-a3a0-84f2f30a93e1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
7308d2b608d0b704-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
server
cloudflare
client
wbidder2.com/offer/
5 KB
1 KB
Fetch
General
Full URL
https://wbidder2.com/offer/client?affid=onw_bid_%2B30555&subid=1041905-4038682438-0&days=8&count=3&adult=undefined
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/plugin/js/bidder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.48.112.55 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
441f3295f280ba4f5ea98678baa1948f198e16788f1d147f3e6ddf557697a87c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Jul 2022 23:54:52 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/
6 KB
1 KB
Fetch
General
Full URL
https://wbidder2.com/offer/client?affid=onw_bid_%2B30555&subid=1041905-4038682438-0&days=8&count=4&adult=undefined
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/plugin/js/bidder-interval.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.48.112.55 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
399b43c50a86fe72d165adacaeb8e1dd770d8fe688ea86369ddf0e21ee8a22a6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Jul 2022 23:54:52 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/
6 KB
1 KB
Fetch
General
Full URL
https://wbidder2.com/offer/client?affid=onw_bid_%2B30555&subid=1041905-4038682438-0&days=8&count=4&adult=undefined
Requested by
Host: int.special-trending-news.com
URL: https://int.special-trending-news.com/plugin/js/bidder-interval.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.48.112.55 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
dca5a15e2ed5eb3ea326ee9fbf0165cddfbeab740e7555122b693afbde51b1bb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Jul 2022 23:54:52 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
whos.amung.us
URL
https://whos.amung.us/swidget/popmyads.png
Domain
jpgyub.com
URL
https://jpgyub.com/dsp/ph/icm?aid=13711235275738336892&mid=0&sid=1399&t=1658793289&subid=bid-%2030555
Domain
rhaxpy.com
URL
https://rhaxpy.com/dsp/ph/icm?aid=15017947017277294690&mid=0&sid=1399&t=1658793289&subid=bid-30731
Domain
s-img.adskeeper.co.uk
URL
https://s-img.adskeeper.co.uk/g/12578194/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2dpZixmbF9sb3NzeSxnX2ZhY2VzOmF1dG8sd180ODAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0LzQ1YzlkZTdlZWVmMTIxYWJjZjYyZTU5YjdlNjZjOTFiLmdpZg.gif?v=1658793289-Fx3PGfFiGCYf0bXlktTmx2nYWn0YsWshYp6tcqx4UAA
Domain
wbidder2.com
URL
https://wbidder2.com/offer/client?affid=onw_bid_%2B30555&subid=1041905-4038682438-0&days=8&count=3&adult=undefined

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| s1 object| _0x187e function| _0x1009 function| ownKeys function| _objectSpread function| _defineProperty function| asyncGeneratorStep function| _asyncToGenerator function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles function| getBidderUrl number| chromeVersion object| _mgIntExchangeNews object| AdskeeperInfC964329 boolean| mg_loaded_613482_964329 object| onClickExcludes function| mgReject964329 function| mgLoadAds964329_0deda function| AdskeeperCReject964329 function| AdskeeperLoadGoods964329_0deda object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint613482 string| _mgCanonicalUri object| _mgPageView613482 string| _mgPvid boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgwcapping object| _mgPageImp613482

10 Cookies

Domain/Path Name / Value
monkey.redirectmaster.com/ Name: u
Value: b00601b66792e6ec7370552cbbf0413f
admoustache.go2affise.com/ Name: afclick
Value: 62df2d4525a6940001969705
.go.ts-tracker.me/ Name: 15GIEAo
Value: 1
.go.ts-tracker.me/ Name: pc-cid
Value: 23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725
.go.ts-tracker.me/ Name: pc-campaign
Value: 15GIEA
.trk.cpvlabtrk.online/ Name: 15GtmVo
Value: 1
.trk.cpvlabtrk.online/ Name: pc-cid
Value: 9aa0ed67e467f88100f22919e40eb412-4888-0725
.trk.cpvlabtrk.online/ Name: pc-campaign
Value: 15GtmV
.mgid.com/ Name: __cf_bm
Value: 19g26mTUVzT6tnK3kKZJRAPt3Lb_f5VQ8kBnF2Empik-1658793289-0-AYX0AavV1N66YRKyL6bMTqosDDGfactIqyqJm5fh0g2F6veELIGgI5fapWn1sY6pOnJrqsaDUeiHQhbocDGNa+0=
int.special-trending-news.com/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C964329%22%3A%7B%22page%22%3A1%2C%22time%22%3A1658793289950%7D%7D

1 Console Messages

Source Level URL
Text
other error URL: https://celeb-secret-trends.com/lp/y-arrow/?cp=9&tag=%2030555&tag1=musicplayer&tag2=1041905-4038682438-0&tag3=%2030555&tag4=dating&clickid=23322e42a2dab2a6b3fa725c1b0c6d1d-4888-0725&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=%2030555&subid=1041905-4038682438-0&ln=nl&cid=16587932880533501579003960313997743&useragent={var:useragent}&ip=2a00:1630:2:1c03::12&bv=Chrome%20103&as=pc&gf=12
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ie.ca
48.us.tealwinds.xyz
admoustache.go2affise.com
c.adskeeper.co.uk
c.mgid.com
cdn.adskeeper.co.uk
celeb-secret-trends.com
clk.wbidder2.com
cm.adskeeper.co.uk
cola.labtrffc.com
crtv.wboptim.online
f.acebook.watch
go.ts-tracker.me
int.special-trending-news.com
jpgyub.com
jsc.adskeeper.co.uk
monkey.redirectmaster.com
polo.thegadgetguru.club
popmyads.com
redir.silverwinds.xyz
rhaxpy.com
s-img.adskeeper.co.uk
s-img.mgid.com
servicer.adskeeper.co.uk
t3.goldensevenseas.net
trk.cpvlabtrk.online
wbidder2.com
whos.amung.us
www.linkonclick.com
www.offermyvist.com
jpgyub.com
rhaxpy.com
s-img.adskeeper.co.uk
wbidder2.com
whos.amung.us
104.18.27.174
104.19.132.78
162.0.217.76
213.227.145.132
213.227.149.216
23.235.251.114
2603:1020:c01:2::19
2a03:90c0:41:2801::254
2a06:98c1:3121::3
34.147.1.177
35.186.193.41
37.48.112.55
51.161.115.163
51.68.81.31
51.83.143.92
64.227.23.114
67.205.182.5
85.17.31.90
95.168.170.165
99.198.108.194
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0c1ec20cebee238e4fa9aa825a6d5005a429fb7fcd3ef4c741c9e85e748adfc7
127a5893d24bc53455f64da921f0452b66d10dcb6a54ff084e4b129dface1eb4
1f3b01223f7d4813b15696b43ce525db2a3d31c7632fe2a108ea9566d32bc65a
3727966cd2c2249977ca70e613d92e12dbc0990ff115d492664d2c0149a027b0
399b43c50a86fe72d165adacaeb8e1dd770d8fe688ea86369ddf0e21ee8a22a6
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3de2447571c2d39df1a5f2cd9b32d2ee33795ff8c996261865e8f619c788d41d
3e0c01a6c467139034e28e06b14cfe72288008d377ef4c02219210058973a72a
3f0014f83976d1cf838ba0bb0dd7b9150457ebc601c4f6840d8e16620c12ad5b
4261f5b9b560c04a5b01559c45547e64f80f412e364d11520e2f8e70bdfc3978
43271784841ca0d31ec7734537945fb926cfe14af3d2aa38fb96e8b65e778c47
441f3295f280ba4f5ea98678baa1948f198e16788f1d147f3e6ddf557697a87c
44732c891c3fffbf3ec24e05f43fb59908ed9e467f35f424f71a45a649f78f01
4622db92c9f187856841ddcfcaedb27507f67afe40bb0a6fca9fa33d9c4a8868
4fcf63aeecc00b000351d5b887fb4cc3dc9b6bc97cb7852734864852b7797226
568773b65a6352f5c7dea4b2ec436b5e6fa0f9e985e10f19ac5fb2b63b7cc8c9
60860870553d890ca65cade394c1e818e9a2281422863bded50449582b5d6a36
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6d28613dc81532efccdf3913078a6d90c6fb7d92fbd956fca3e7c3f07cc5db36
7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908
a1f5300d5b4d375485ecd15ae1ffb99dd722d01bbe68e07f3e26f6272e2671ef
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aead0ee9af1c14f5c50639fa9965cd94acdc44a1977b0f2335fb6bd0ff23f604
b9deb06d217d5ee183a6492df691160127aedbdadfcfdcc38a948e8009e4ae68
bf48ab5bd0aa94e42a820a7714971f4e29b680774aac08b4bd0ae1cf21b16167
d3a7350f32ae624e1d340bbfe32400930c4b75e5c5860f65351d31a0ee4d8377
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
dca5a15e2ed5eb3ea326ee9fbf0165cddfbeab740e7555122b693afbde51b1bb
dd8b8d2b0aa29bfe8c19f8ce897312273d85f057102957dbf3ebe3dfa641a50a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8d074475a237fc34ae2ed9415f0faa805968e5747b685873841dca68c9042a