click-on-this.art Open in urlscan Pro
213.227.149.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://chat-grupwhatsapp-viral.se.ke/
Effective URL:
https://click-on-this.art/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=...
Submission: On August 27 via automatic, source twitter_securereload (August 27th 2021, 8:03:59 am UTC)

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 13 domains to perform 25 HTTP transactions. The main IP is 213.227.149.216, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is click-on-this.art.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on November 9th 2020. Valid for: a year.

This is the only time click-on-this.art was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a0b:1640:1:1... 2a0b:1640:1:1:1:1:c45:4c4f	205787 (PUBLICLOUD) (PUBLICLOUD)
1 1	13.225.87.117 13.225.87.117	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:41d0:203... 2001:41d0:203:2511::3	16276 (OVH) (OVH)
1	35.201.127.73 35.201.127.73	15169 (GOOGLE) (GOOGLE)
2 2	35.201.117.228 35.201.117.228	15169 (GOOGLE) (GOOGLE)
1 1	2400:6180:100... 2400:6180:100:d0::a68:1001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	213.227.149.216 213.227.149.216	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	67.27.157.250 67.27.157.250	3356 (LEVEL3) (LEVEL3)
7	5.79.69.65 5.79.69.65	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	213.227.152.225 213.227.152.225	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 3	5.79.77.202 5.79.77.202	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 6	104.19.130.80 104.19.130.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	8

1 2a0b:1640:1:1:1:1:c45:4c4f (Bulgaria) 1 redirects

ASN205787 (PUBLICLOUD, BG)

chat-grupwhatsapp-viral.se.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.117 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-117.fra2.r.cloudfront.net

elevisions.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:203:2511::3 (France) 1 redirects

ASN16276 (OVH, FR)

tm-offers.gamingadult.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.127.73 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 73.127.201.35.bc.googleusercontent.com

www.trafyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.117.228 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 228.117.201.35.bc.googleusercontent.com

dexchangeinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:6180:100:d0::a68:1001 (Bengaluru, India) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

track.free-coupons.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.227.149.216 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

special-offers.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
click-on-this.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
free-coupons.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.27.157.250 (United States)

ASN3356 (LEVEL3, US)

cdn.special-offers.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 5.79.69.65 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

wbidr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.152.225 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

wbidder.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.79.77.202 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

crtv.wboptim.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.130.80 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.136.78 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	wbidr.com wbidr.com	10 KB
6	adskeeper.co.uk 2 redirects c.adskeeper.co.uk s-img.adskeeper.co.uk	68 KB
4	free-coupons.network 1 redirects track.free-coupons.network free-coupons.network	107 KB
3	mgid.com 1 redirects c.mgid.com s-img.mgid.com	14 KB
3	wboptim.online 3 redirects crtv.wboptim.online	2 KB
3	special-offers.online special-offers.online cdn.special-offers.online	394 KB
2	click-on-this.art click-on-this.art	13 KB
2	dexchangeinc.com 2 redirects dexchangeinc.com	1 KB
1	wbidder.online wbidder.online	1 KB
1	trafyield.com www.trafyield.com	3 KB
1	gamingadult.com 1 redirects tm-offers.gamingadult.com	144 B
1	elevisions.biz 1 redirects elevisions.biz	654 B
1	se.ke 1 redirects chat-grupwhatsapp-viral.se.ke	219 B
25	13

	Domain	Requested by
7	wbidr.com	click-on-this.art
4	s-img.adskeeper.co.uk	click-on-this.art
3	crtv.wboptim.online	3 redirects
3	free-coupons.network	click-on-this.art
2	s-img.mgid.com
2	c.adskeeper.co.uk	2 redirects
2	cdn.special-offers.online	click-on-this.art
2	click-on-this.art	special-offers.online click-on-this.art
2	dexchangeinc.com	2 redirects
1	c.mgid.com	1 redirects
1	wbidder.online	free-coupons.network
1	special-offers.online	www.trafyield.com
1	track.free-coupons.network	1 redirects
1	www.trafyield.com
1	tm-offers.gamingadult.com	1 redirects
1	elevisions.biz	1 redirects
1	chat-grupwhatsapp-viral.se.ke	1 redirects
25	17

This site contains no links.

Subject Issuer	Validity	Valid
*.special-offers.online AlphaSSL CA - SHA256 - G2	`2021-08-09` - `2022-09-10`	a year	crt.sh
*.click-on-this.art AlphaSSL CA - SHA256 - G2	`2020-11-09` - `2021-12-11`	a year	crt.sh
*.free-coupons.network AlphaSSL CA - SHA256 - G2	`2021-03-08` - `2022-04-09`	a year	crt.sh
*.wbidr.com AlphaSSL CA - SHA256 - G2	`2021-03-06` - `2022-04-07`	a year	crt.sh
*.wbidder.online AlphaSSL CA - SHA256 - G2	`2021-03-06` - `2022-04-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://click-on-this.art/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc
Frame ID: 7DA64BDDFB629B86E545239EE57DD6B7
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://chat-grupwhatsapp-viral.se.ke/ HTTP 302
http://elevisions.biz/redirect?tid=934312 HTTP 302
https://tm-offers.gamingadult.com/?offer=461&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=860777328227077017... HTTP 302
http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID} Page URL
http://dexchangeinc.com/jump/next.php?stamat=m%7C%2C4ojNqNhJqB1dAN0dEdHP3xP.803%2C7H0PozvLiGV-YkDx82... HTTP 302
http://dexchangeinc.com/script/i.php?stamat=m%7C%2C%2Cg2ZrY2Y7oGU3Bv-GH0dEdHP3xP.07d%2CVJnPh-sz8wo-D... HTTP 302
https://track.free-coupons.network/15GlN9?subid=2266483-2658448306-0&country={country}&affid=999762&cost={payou... HTTP 302
https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-26584... Page URL
https://click-on-this.art/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&... Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

25
Requests

88 %
HTTPS

23 %
IPv6

13
Domains

17
Subdomains

8
IPs

5
Countries

608 kB
Transfer

640 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://chat-grupwhatsapp-viral.se.ke/ HTTP 302
http://elevisions.biz/redirect?tid=934312 HTTP 302
https://tm-offers.gamingadult.com/?offer=461&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=8607773282270770176&subid2=934312 HTTP 302
http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID} Page URL
http://dexchangeinc.com/jump/next.php?stamat=m%7C%2C4ojNqNhJqB1dAN0dEdHP3xP.803%2C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRpTXHmP4fPJqZw3misuQaTrYiQZ_O80jDaW0Nc5Qo-FKvvrAUwtubi-6hYNcaJ4DcM%2C&cbrandom=0.3881243888536534&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
http://dexchangeinc.com/script/i.php?stamat=m%7C%2C%2Cg2ZrY2Y7oGU3Bv-GH0dEdHP3xP.07d%2CVJnPh-sz8wo-D1ks_NLeirfOT0ojBVWeN6atKjY8ewrKTWUbSz7tBzUidbusVgk_OJ8DxZPbT9kpfz04RRT2RiAB1SK_qSM2pbqyaQ7oYsZzSV86qikibcmnwW7MCTzc_e3sKgbAU87AqS71w950YzBc2BOnFXv4wAtu94zMVXoqzcSqhPfWfyjpuefuW0e7JH_umxtV8sm0FnSNRZ0SKVVbX_FFHZ2soj0WTaZZ4IIfD7PQpCdVW2z6vS43lYs4wMoPoQn1waj3-p01YjA98wVOGDfwBwoE60hyi3FyAH2opMVTzxFR0wbwCsQePSl44QwVWX_FaVt1VBAUOUaNXCC6ZtPNeY0z7bnjEsZ3kXH8vMEmveAMCLfYQXgmEZyordTtoDTWAH3AAL7vXIahf6ShDNU-tUNPjVsBCiq0EclvQ7rWEk5LMkft_VgEcZmb7s_dHGcF6pODPAerW5oNIAsiNlpc418ETQSGnYoWMk50eoJz3_05ldMNb9643HFW HTTP 302
https://track.free-coupons.network/15GlN9?subid=2266483-2658448306-0&country={country}&affid=999762&cost={payout}&external_id=16300514183114053485206535634642403 HTTP 302
https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc Page URL
https://click-on-this.art/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://chat-grupwhatsapp-viral.se.ke/ HTTP 302
http://elevisions.biz/redirect?tid=934312 HTTP 302
https://tm-offers.gamingadult.com/?offer=461&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=8607773282270770176&subid2=934312 HTTP 302
http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}

Request Chain 1

http://dexchangeinc.com/jump/next.php?stamat=m%7C%2C4ojNqNhJqB1dAN0dEdHP3xP.803%2C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRpTXHmP4fPJqZw3misuQaTrYiQZ_O80jDaW0Nc5Qo-FKvvrAUwtubi-6hYNcaJ4DcM%2C&cbrandom=0.3881243888536534&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
http://dexchangeinc.com/script/i.php?stamat=m%7C%2C%2Cg2ZrY2Y7oGU3Bv-GH0dEdHP3xP.07d%2CVJnPh-sz8wo-D1ks_NLeirfOT0ojBVWeN6atKjY8ewrKTWUbSz7tBzUidbusVgk_OJ8DxZPbT9kpfz04RRT2RiAB1SK_qSM2pbqyaQ7oYsZzSV86qikibcmnwW7MCTzc_e3sKgbAU87AqS71w950YzBc2BOnFXv4wAtu94zMVXoqzcSqhPfWfyjpuefuW0e7JH_umxtV8sm0FnSNRZ0SKVVbX_FFHZ2soj0WTaZZ4IIfD7PQpCdVW2z6vS43lYs4wMoPoQn1waj3-p01YjA98wVOGDfwBwoE60hyi3FyAH2opMVTzxFR0wbwCsQePSl44QwVWX_FaVt1VBAUOUaNXCC6ZtPNeY0z7bnjEsZ3kXH8vMEmveAMCLfYQXgmEZyordTtoDTWAH3AAL7vXIahf6ShDNU-tUNPjVsBCiq0EclvQ7rWEk5LMkft_VgEcZmb7s_dHGcF6pODPAerW5oNIAsiNlpc418ETQSGnYoWMk50eoJz3_05ldMNb9643HFW HTTP 302
https://track.free-coupons.network/15GlN9?subid=2266483-2658448306-0&country={country}&affid=999762&cost={payout}&external_id=16300514183114053485206535634642403 HTTP 302
https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc

Request Chain 12

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CGhvRFBDcViALajUSg1JuTHNBtKfNTYv10GqoNIDLI4Y6K8OjPjiqjyccm-TmY-NR%26cid%3D327361%26f%3D1%26h2%3DcU7iphL2HbpkqkDYVTq1HALXCaAxrDfrynEgoSUqjIU*%26rid%3D4c597aa4-070d-11ec-9e56-e4434b15122e%26psid%3Dbid_1000038%26iub%3DaHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy84MTY0ODg5LzMyOHgzMjgvMHgxMjR4NTY1eDU2NS9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwWXk4eU1ERTVMVEEyTHpFd01Ua3lOQzloWTJKaFltUmxNbVJqTlRrek9ERmtNekF5WXpoa01tTTRPREV5T1dFMk55NXFjR2Mud2VicD92PTE2MzAwNTE0MjMtV1RfWVpEbzJOemxYZTRZdmpGVzJEdE9Wb0lqcDZ1SHdjSU91TVBNMVVmdw%3D%3D&s=1003&a=bid_onw_999762&uA=bid_1000038&sub=2266483-2658448306-0&d=55&ic=1 HTTP 302
https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|GhvRFBDcViALajUSg1JuTHNBtKfNTYv10GqoNIDLI4Y6K8OjPjiqjyccm-TmY-NR&cid=327361&f=1&h2=cU7iphL2HbpkqkDYVTq1HALXCaAxrDfrynEgoSUqjIU*&rid=4c597aa4-070d-11ec-9e56-e4434b15122e&psid=bid_1000038&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy84MTY0ODg5LzMyOHgzMjgvMHgxMjR4NTY1eDU2NS9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwWXk4eU1ERTVMVEEyTHpFd01Ua3lOQzloWTJKaFltUmxNbVJqTlRrek9ERmtNekF5WXpoa01tTTRPREV5T1dFMk55NXFjR2Mud2VicD92PTE2MzAwNTE0MjMtV1RfWVpEbzJOemxYZTRZdmpGVzJEdE9Wb0lqcDZ1SHdjSU91TVBNMVVmdw== HTTP 301
https://s-img.adskeeper.co.uk/g/8164889/328x328/0x124x565x565/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1630051423-WT_YZDo2NzlXe4YvjFW2DtOVoIjp6uHwcIOuMPM1Ufw

Request Chain 17

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C6FWh1VyLd73tX6TN_UpPgrlv2tQ9BeQ2VdRo04RzZIhK0lWYUBYtX4DItPN5bfIk%26cid%3D383523%26f%3D1%26h2%3DcU7iphL2HbpkqkDYVTq1HALXCaAxrDfrynEgoSUqjIU*%26rid%3D4e1c0343-070d-11ec-81d8-e4434b374cb2%26psid%3Dbid_1000682%26iub%3DaHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzgxNjQ4NDMvMzI4eDMyOC8weDQweDU2NXg1NjUvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakF0TVRFdk1UQXhPVEkwTHprNU5HTmpZVEJsTmpObU1XRmtNalV4TVRoak56Vm1PVEkwTmprd1ltSTJMbXB3WldjLndlYnA_dj0xNjMwMDUxNDI2LTdHbUxBZHhpWVZSa1ZPQlZ5bE9td0s0VjFaZlJ2TXVUQUE2OGRiS1BuSEk%3D&s=1000&a=bid_onw_999762&uA=bid_1000682&sub=2266483-2658448306-0&d=50&ic=1 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|6FWh1VyLd73tX6TN_UpPgrlv2tQ9BeQ2VdRo04RzZIhK0lWYUBYtX4DItPN5bfIk&cid=383523&f=1&h2=cU7iphL2HbpkqkDYVTq1HALXCaAxrDfrynEgoSUqjIU*&rid=4e1c0343-070d-11ec-81d8-e4434b374cb2&psid=bid_1000682&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzgxNjQ4NDMvMzI4eDMyOC8weDQweDU2NXg1NjUvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakF0TVRFdk1UQXhPVEkwTHprNU5HTmpZVEJsTmpObU1XRmtNalV4TVRoak56Vm1PVEkwTmprd1ltSTJMbXB3WldjLndlYnA_dj0xNjMwMDUxNDI2LTdHbUxBZHhpWVZSa1ZPQlZ5bE9td0s0VjFaZlJ2TXVUQUE2OGRiS1BuSEk= HTTP 301
https://s-img.mgid.com/g/8164843/328x328/0x40x565x565/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0Lzk5NGNjYTBlNjNmMWFkMjUxMThjNzVmOTI0NjkwYmI2LmpwZWc.webp?v=1630051426-7GmLAdxiYVRkVOBVylOmwK4V1ZfRvMuTAA68dbKPnHI

Request Chain 19

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CTmcRDg-qQWsioMJNT1v2BnNBtKfNTYv10GqoNIDLI4aRBW6c0WOTxP_y0syydZuj%26cid%3D327361%26f%3D1%26h2%3DcU7iphL2HbpkqkDYVTq1HALXCaAxrDfrynEgoSUqjIU*%26rid%3D4e5b56ab-070d-11ec-9e56-e4434b15122e%26psid%3Dbid_1000682%26iub%3DaHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy84MTY0ODg5LzMyOHgzMjgvMHgxMjR4NTY1eDU2NS9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwWXk4eU1ERTVMVEEyTHpFd01Ua3lOQzloWTJKaFltUmxNbVJqTlRrek9ERmtNekF5WXpoa01tTTRPREV5T1dFMk55NXFjR2Mud2VicD92PTE2MzAwNTE0MjMtV1RfWVpEbzJOemxYZTRZdmpGVzJEdE9Wb0lqcDZ1SHdjSU91TVBNMVVmdw%3D%3D&s=1003&a=bid_onw_999762&uA=bid_1000682&sub=2266483-2658448306-0&d=50&ic=1 HTTP 302
https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|TmcRDg-qQWsioMJNT1v2BnNBtKfNTYv10GqoNIDLI4aRBW6c0WOTxP_y0syydZuj&cid=327361&f=1&h2=cU7iphL2HbpkqkDYVTq1HALXCaAxrDfrynEgoSUqjIU*&rid=4e5b56ab-070d-11ec-9e56-e4434b15122e&psid=bid_1000682&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy84MTY0ODg5LzMyOHgzMjgvMHgxMjR4NTY1eDU2NS9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwWXk4eU1ERTVMVEEyTHpFd01Ua3lOQzloWTJKaFltUmxNbVJqTlRrek9ERmtNekF5WXpoa01tTTRPREV5T1dFMk55NXFjR2Mud2VicD92PTE2MzAwNTE0MjMtV1RfWVpEbzJOemxYZTRZdmpGVzJEdE9Wb0lqcDZ1SHdjSU91TVBNMVVmdw== HTTP 301
https://s-img.adskeeper.co.uk/g/8164889/328x328/0x124x565x565/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1630051423-WT_YZDo2NzlXe4YvjFW2DtOVoIjp6uHwcIOuMPM1Ufw

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

next.php
www.trafyield.com/jump/
Redirect Chain

http://chat-grupwhatsapp-viral.se.ke/
http://elevisions.biz/redirect?tid=934312
https://tm-offers.gamingadult.com/?offer=461&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=8607773282270770176&subid2=934312
http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}

7 KB
3 KB

158ms
135ms

Document
text/html

35.201.127.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
Protocol: HTTP/1.1
Server: 35.201.127.73 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 73.127.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash

Request headers

Host: www.trafyield.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server: openresty
Date: Fri, 27 Aug 2021 08:03:38 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google

Redirect headers

server: nginx
date: Fri, 27 Aug 2021 08:03:38 GMT
content-type: text/html; charset=UTF-8
location: http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}

GET
H2

200

/
special-offers.online/lp/common/arb/
Redirect Chain

http://dexchangeinc.com/jump/next.php?stamat=m%7C%2C4ojNqNhJqB1dAN0dEdHP3xP.803%2C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRpTXHmP4fPJqZw3misuQaTrYiQZ_O80jDaW0Nc5Qo-FKvvrAUwtubi-6hYNcaJ4DcM%2C&cbra...
http://dexchangeinc.com/script/i.php?stamat=m%7C%2C%2Cg2ZrY2Y7oGU3Bv-GH0dEdHP3xP.07d%2CVJnPh-sz8wo-D1ks_NLeirfOT0ojBVWeN6atKjY8ewrKTWUbSz7tBzUidbusVgk_OJ8DxZPbT9kpfz04RRT2RiAB1SK_qSM2pbqyaQ7oYsZzSV...
https://track.free-coupons.network/15GlN9?subid=2266483-2658448306-0&country={country}&affid=999762&cost={payout}&external_id=16300514183114053485206535634642403
https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=D...

471 B
564 B

187ms
40ms

Document
text/html

213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc

Requested by

Host: www.trafyield.com
URL: http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: special-offers.online
:scheme: https
:path: /lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}

Response headers

server: nginx
date: Fri, 27 Aug 2021 08:03:40 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN

Redirect headers

Server: nginx/1.19.5
Date: Fri, 27 Aug 2021 08:03:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 980
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15GlN9o=20210827081630052008570; domain=.track.free-coupons.network; path=/;expires=Sat, 28 Aug 2021 08:03:40 GMT; httpOnly=true;SameSite=None; Secure; _pc_lc_id=15GlN9; domain=.track.free-coupons.network; path=/;expires=Sat, 28 Aug 2021 08:03:40 GMT; httpOnly=true;SameSite=None; Secure; peerclickcid=daa84911dacfc5380366f46b385596fe-4888-0827; domain=.track.free-coupons.network; path=/;expires=Sat, 28 Aug 2021 08:03:40 GMT; httpOnly=true;SameSite=None; Secure; _norg=1; domain=.track.free-coupons.network; path=/;expires=Sat, 28 Aug 2021 08:03:40 GMT; httpOnly=true;SameSite=None; Secure;
Location: https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc
Vary: Accept

GET
H2 200 Primary Request / Show response
click-on-this.art/gif-lp/3/ 774 B
918 B 77ms
23ms Document
text/html 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://click-on-this.art/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc

Requested by

Host: special-offers.online
URL: https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

9b490d5106fdd364fbc4a961cefda9b32cd9a061793b111ef0844aca6c177748

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: click-on-this.art
:scheme: https
:path: /gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://special-offers.online/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://special-offers.online/

Response headers

server: nginx
date: Fri, 27 Aug 2021 08:03:40 GMT
content-type: text/html
content-length: 774
last-modified: Fri, 04 Jun 2021 12:25:28 GMT
etag: "60ba1bb8-306"
x-frame-options: SAMEORIGIN
accept-ranges: bytes

GET
H2 200 style-new.css
cdn.special-offers.online/lp/plugin/css/ 38 KB
38 KB 97ms
29ms Stylesheet
text/css 67.27.157.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.special-offers.online/lp/plugin/css/style-new.css
Requested by: Host: click-on-this.art
URL: https://click-on-this.art/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: SE-1.15.12 /
Resource Hash: 16ce0f7d9635fcb57c2ce46a649d17c9cc7e32819161179f41eea29caf5d5223

Request headers

Referer: https://click-on-this.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:03:40 GMT
last-modified: Fri, 28 Sep 2018 15:56:11 GMT
server: SE-1.15.12
age: 428580
etag: "5bae4f1b-9694"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-cachetier-status: EXPIRED
x-cdn: Level3
accept-ranges: bytes
content-length: 38548
x-edgecache-status: MISS
expires: Tue, 21 Sep 2021 09:00:40 GMT

GET
H2 200 bg.webp
cdn.special-offers.online/lp/gif-lp/3/ 355 KB
356 KB 109ms
41ms Image
image/webp 67.27.157.250
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.special-offers.online/lp/gif-lp/3/bg.webp
Requested by: Host: click-on-this.art
URL: https://click-on-this.art/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: SE-1.15.8 /
Resource Hash: 6695d270650865abfa1944df5d3bc0deae2b6e67f08a271a63aadfb2698e4faf

Request headers

Referer: https://click-on-this.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:03:40 GMT
last-modified: Wed, 19 Aug 2020 15:05:15 GMT
server: SE-1.15.8
age: 31184462
etag: "5f3d3fab-58c82"
content-type: image/webp
access-control-allow-origin: *
x-cachetier-status: MISS
x-cdn: Level3
accept-ranges: bytes
content-length: 363650
x-edgecache-status: MISS

GET
H2 200 bidder.js Show response
click-on-this.art/plugin/js/ 12 KB
12 KB 28ms
25ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://click-on-this.art/plugin/js/bidder.js

Requested by

Host: click-on-this.art
URL: https://click-on-this.art/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

0e45e493acc08d474a85af518ccd96ed31c5b7beb7c91521c51b5b8c7611632c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /plugin/js/bidder.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: click-on-this.art
referer: https://click-on-this.art/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://click-on-this.art/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2266483-2658448306-0&tag3=999762&tag4=dating&clickid=daa84911dacfc5380366f46b385596fe-4888-0827&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2266483-2658448306-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2092&as=pc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:03:40 GMT
last-modified: Thu, 05 Aug 2021 09:45:24 GMT
server: nginx
etag: "610bb334-2f54"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12116
expires: Sun, 26 Sep 2021 08:03:40 GMT

GET
H2 200 IndexedDb.js Show response
free-coupons.network/lp/plugin/js/ 4 KB
4 KB 90ms
30ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://free-coupons.network/lp/plugin/js/IndexedDb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

2ae833f4464565f0a42688dc6e386f1e2fdfd63ccafe93151404b4c27fa9f8f7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://click-on-this.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:03:40 GMT
last-modified: Fri, 03 Jul 2020 09:20:38 GMT
server: nginx
etag: "5efef866-1012"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4114
expires: Sun, 26 Sep 2021 08:03:40 GMT

GET
H2 200 log.js Show response
free-coupons.network/lp/plugin/js/ 1 KB
2 KB 90ms
30ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://free-coupons.network/lp/plugin/js/log.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

b126582a2dc15643553ecc896192ffe2b58858c39571411ef548013a0be9d258

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://click-on-this.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:03:40 GMT
last-modified: Fri, 03 Jul 2020 09:20:39 GMT
server: nginx
etag: "5efef867-5c3"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1475
expires: Sun, 26 Sep 2021 08:03:40 GMT

GET
H2 200 client.js Show response
free-coupons.network/lp/plugin/js/ 99 KB
99 KB 100ms
41ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://free-coupons.network/lp/plugin/js/client.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

e68a5fa473afa396b513a8a02c197417123b13dc4b0109af33de25d49da9e862

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://click-on-this.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:03:40 GMT
last-modified: Fri, 03 Jul 2020 09:20:39 GMT
server: nginx
etag: "5efef867-18c61"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 101473
expires: Sun, 26 Sep 2021 08:03:40 GMT

GET
H/1.1 200
OK client Show response
wbidr.com/offer/ 2 KB
857 B 1768ms
1711ms Fetch
application/json 5.79.69.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidr.com/offer/client?affid=onw_999762&subid=2266483-2658448306-0&days=8
Requested by: Host: click-on-this.art
URL: https://click-on-this.art/plugin/js/bidder.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.79.69.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 59bc9e5db12dc0b7b9f82471238db4990675b0f6f73bd3e5eb24d727882819b1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Aug 2021 08:03:42 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK client Show response
wbidder.online/offer/ 4 KB
1 KB 1528ms
1478ms Fetch
application/json 213.227.152.225
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder.online/offer/client?affid=onw_999762&subid=2266483-2658448306-0&days=8&count=3
Requested by: Host: free-coupons.network
URL: https://free-coupons.network/lp/plugin/js/client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.152.225 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: d45b5abed3cde47fe7558387c9dbcbc718628b9bb8b06feb3c83fe42e8c39375

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Aug 2021 08:03:42 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK client Show response
wbidr.com/offer/ 6 KB
1 KB 814ms
814ms Fetch
application/json 5.79.69.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidr.com/offer/client?affid=onw_999762&subid=2266483-2658448306-0&days=8&count=4&adult=undefined
Requested by: Host: click-on-this.art
URL: https://click-on-this.art/plugin/js/bidder.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.79.69.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 256e7c3613e9f9c09902bd52d6c3a2507127c0b0767211ab730cf41634075204

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Aug 2021 08:03:44 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK client Show response
wbidr.com/offer/ 7 KB
2 KB 1748ms
1700ms Fetch
application/json 5.79.69.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidr.com/offer/client?affid=onw_999762&subid=2266483-2658448306-0&days=8&count=4&adult=undefined
Requested by: Host: click-on-this.art
URL: https://click-on-this.art/plugin/js/bidder.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.79.69.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3ce184b37fa67643a5187da215368b033763615f1f3159b34fcf5983afc4d133

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Aug 2021 08:03:45 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H3-29

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.adskeeper.co.uk/g/8164889/328x328/0x124x565x565/
Redirect Chain

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CGhvRFBDcViALajUSg1JuTHNBtKfNTYv10GqoNIDLI4Y6K8OjPjiqjyccm-TmY-NR%26cid%3D327361%26f%3D1%26h2%3DcU...
https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|GhvRFBDcViALajUSg1JuTHNBtKfNTYv10GqoNIDLI4Y6K8OjPjiqjyccm-TmY-NR&cid=327361&f=1&h2=cU7iphL2HbpkqkDYVTq1HALXCaAxrDfrynEgoSUqjIU*&rid=4c597aa4-070d-11ec-9e56-...
https://s-img.adskeeper.co.uk/g/8164889/328x328/0x124x565x565/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1630051423-WT_YZDo2NzlXe4Yvj...

15 KB
16 KB

35ms
19ms

Image
image/webp

104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/8164889/328x328/0x124x565x565/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1630051423-WT_YZDo2NzlXe4YvjFW2DtOVoIjp6uHwcIOuMPM1Ufw
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfabc91b64aa11c14ed6cfe66d6a9d04973d0b2172bb9f0fa08b13c4728f994

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:03:45 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:30 GMT
x-mg-request-uuid: 08e0f2d5-47fe-49c2-915c-8b9d464babaa
age: 10113077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6853c902ca6701db-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15734
server: cloudflare

Redirect headers

pragma: no-cache
date: Fri, 27 Aug 2021 08:03:45 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 0d383498-b3ee-413c-912b-bcb87cf734dd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.adskeeper.co.uk/g/8164889/328x328/0x124x565x565/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1630051423-WT_YZDo2NzlXe4YvjFW2DtOVoIjp6uHwcIOuMPM1Ufw
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6853c901cb1ccc62-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.adskeeper.co.uk/g/8164889/492x328/0x124x565x376/ 18 KB
18 KB 52ms
24ms Image
image/webp 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/8164889/492x328/0x124x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1630051423-EBt3TpT99ruLWvF1Rtb12eSvVVuAk8DI_uhe_zRQqZk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9147e56702cac804cff4b646db96efe455be370caeba029965acd0f375d00da1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:03:45 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:16 GMT
x-mg-request-uuid: 1e8befca-c302-4144-9c8a-26f6374095c8
age: 9672734
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6853c9017b03cc62-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18200
server: cloudflare

GET
H/1.1 200
OK client Show response
wbidr.com/offer/ 6 KB
1 KB 1388ms
1388ms Fetch
application/json 5.79.69.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidr.com/offer/client?affid=onw_999762&subid=2266483-2658448306-0&days=8&count=4&adult=undefined
Requested by: Host: click-on-this.art
URL: https://click-on-this.art/plugin/js/bidder.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.79.69.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 32795840bf212400a162601a31892c9c08c8a818080870ead05fd11539b5a56b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Aug 2021 08:03:48 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK client Show response
wbidr.com/offer/ 8 KB
3 KB 1312ms
1312ms Fetch
application/json 5.79.69.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidr.com/offer/client?affid=onw_999762&subid=2266483-2658448306-0&days=8&count=4&adult=undefined
Requested by: Host: click-on-this.art
URL: https://click-on-this.art/plugin/js/bidder.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.79.69.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 789d84e0c80c36c1815959fe4296cfbcb4c2428c484619a44f64bc382f848f3a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Aug 2021 08:03:48 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.adskeeper.co.uk/g/8164889/492x328/0x124x565x376/ 18 KB
18 KB 19ms
18ms Image
image/webp 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/8164889/492x328/0x124x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1630051423-EBt3TpT99ruLWvF1Rtb12eSvVVuAk8DI_uhe_zRQqZk
Requested by: Host: click-on-this.art
URL: https://click-on-this.art/plugin/js/bidder.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9147e56702cac804cff4b646db96efe455be370caeba029965acd0f375d00da1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:03:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:16 GMT
x-mg-request-uuid: 1e8befca-c302-4144-9c8a-26f6374095c8
age: 9672737
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6853c9114a0ecc62-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18200
server: cloudflare

GET
H3-29

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0Lzk5NGNjYTBlNjNmMWFkMjUxMThjNzVmOTI0NjkwYmI2LmpwZWc.webp
s-img.mgid.com/g/8164843/328x328/0x40x565x565/
Redirect Chain

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C6FWh1VyLd73tX6TN_UpPgrlv2tQ9BeQ2VdRo04RzZIhK0lWYUBYtX4DItPN5bfIk%26cid%3D383523%26f%3D1%26h2%3DcU7iphL2H...
https://c.mgid.com/c?pv=2&v=0|0|0|6FWh1VyLd73tX6TN_UpPgrlv2tQ9BeQ2VdRo04RzZIhK0lWYUBYtX4DItPN5bfIk&cid=383523&f=1&h2=cU7iphL2HbpkqkDYVTq1HALXCaAxrDfrynEgoSUqjIU*&rid=4e1c0343-070d-11ec-81d8-e4434b3...
https://s-img.mgid.com/g/8164843/328x328/0x40x565x565/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0Lzk5NGNjYTBlNjNmMWFkMjUxMThjNzVmOTI0NjkwYmI2LmpwZWc.webp?v=1630051426-7GmLAdxiYVRkVOBVylOmwK4V1...

6 KB
6 KB

34ms
19ms

Image
image/webp

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164843/328x328/0x40x565x565/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0Lzk5NGNjYTBlNjNmMWFkMjUxMThjNzVmOTI0NjkwYmI2LmpwZWc.webp?v=1630051426-7GmLAdxiYVRkVOBVylOmwK4V1ZfRvMuTAA68dbKPnHI
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c0130d04d5aebf0d36864fd3918b432839da995583d7975d88dc1d9021d5138

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:03:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:21:19 GMT
x-mg-request-uuid: cad2d077-5a1b-4131-a6e6-2ae0464042ed
age: 10112529
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6853c911fecc01fc-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5954
server: cloudflare

Redirect headers

pragma: no-cache
date: Fri, 27 Aug 2021 08:03:48 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 70e815d5-94f6-4e2f-a7e4-bd960a900c5d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/8164843/328x328/0x40x565x565/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0Lzk5NGNjYTBlNjNmMWFkMjUxMThjNzVmOTI0NjkwYmI2LmpwZWc.webp?v=1630051426-7GmLAdxiYVRkVOBVylOmwK4V1ZfRvMuTAA68dbKPnHI
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6853c9118d18cc42-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0Lzk5NGNjYTBlNjNmMWFkMjUxMThjNzVmOTI0NjkwYmI2LmpwZWc.webp
s-img.mgid.com/g/8164843/492x328/0x40x565x376/ 7 KB
8 KB 50ms
23ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164843/492x328/0x40x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0Lzk5NGNjYTBlNjNmMWFkMjUxMThjNzVmOTI0NjkwYmI2LmpwZWc.webp?v=1630051426-_XlWv-RzrolwQxSBsfCp0eZZXxxrjV0vSt_t4IPulKc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e711e64352c548f83487d7639a54f4a3d70e3f432117efd54abe88ef2348fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:03:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:23 GMT
x-mg-request-uuid: e9351113-8d8a-48b1-9ad7-3995d23aa05e
age: 9672749
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6853c9117d12cc42-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7246
server: cloudflare

GET
H3-29

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.adskeeper.co.uk/g/8164889/328x328/0x124x565x565/
Redirect Chain

https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CTmcRDg-qQWsioMJNT1v2BnNBtKfNTYv10GqoNIDLI4aRBW6c0WOTxP_y0syydZuj%26cid%3D327361%26f%3D1%26h2%3DcU...
https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|TmcRDg-qQWsioMJNT1v2BnNBtKfNTYv10GqoNIDLI4aRBW6c0WOTxP_y0syydZuj&cid=327361&f=1&h2=cU7iphL2HbpkqkDYVTq1HALXCaAxrDfrynEgoSUqjIU*&rid=4e5b56ab-070d-11ec-9e56-...
https://s-img.adskeeper.co.uk/g/8164889/328x328/0x124x565x565/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1630051423-WT_YZDo2NzlXe4Yvj...

15 KB
16 KB

18ms
18ms

Image
image/webp

104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/8164889/328x328/0x124x565x565/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1630051423-WT_YZDo2NzlXe4YvjFW2DtOVoIjp6uHwcIOuMPM1Ufw
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfabc91b64aa11c14ed6cfe66d6a9d04973d0b2172bb9f0fa08b13c4728f994

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:03:48 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:30 GMT
x-mg-request-uuid: 08e0f2d5-47fe-49c2-915c-8b9d464babaa
age: 10113080
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6853c9128a3e01db-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15734
server: cloudflare

Redirect headers

pragma: no-cache
date: Fri, 27 Aug 2021 08:03:48 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b16c444e-4da2-4db1-81b7-28cf0307abe2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.adskeeper.co.uk/g/8164889/328x328/0x124x565x565/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1630051423-WT_YZDo2NzlXe4YvjFW2DtOVoIjp6uHwcIOuMPM1Ufw
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6853c9119a30cc62-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H/1.1 200
OK client Show response
wbidr.com/offer/ 6 KB
1 KB 1374ms
1374ms Fetch
application/json 5.79.69.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidr.com/offer/client?affid=onw_999762&subid=2266483-2658448306-0&days=8&count=4&adult=undefined
Requested by: Host: click-on-this.art
URL: https://click-on-this.art/plugin/js/bidder.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.79.69.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 1d960ed25fa039d2b7dcf595ce6325e1deeb7dad9e2349f0ba135a7f2ae56cd6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Aug 2021 08:03:51 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK client Show response
wbidr.com/offer/ 6 KB
1 KB 1251ms
1251ms Fetch
application/json 5.79.69.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidr.com/offer/client?affid=onw_999762&subid=2266483-2658448306-0&days=8&count=4&adult=undefined
Requested by: Host: click-on-this.art
URL: https://click-on-this.art/plugin/js/bidder.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.79.69.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 32a3633d254c95e56758619a18f134a6a88dff40ca18a777c3f037eb4bee1849

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 Aug 2021 08:03:50 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET client
wbidr.com/offer/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wbidr.com
URL: https://wbidr.com/offer/client?affid=onw_999762&subid=2266483-2658448306-0&days=8&count=4&adult=undefined

Domain: wbidr.com
URL: https://wbidr.com/offer/client?affid=onw_999762&subid=2266483-2658448306-0&days=8&count=4&adult=undefined

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.adskeeper.co.uk
c.mgid.com
cdn.special-offers.online
chat-grupwhatsapp-viral.se.ke
click-on-this.art
crtv.wboptim.online
dexchangeinc.com
elevisions.biz
free-coupons.network
s-img.adskeeper.co.uk
s-img.mgid.com
special-offers.online
tm-offers.gamingadult.com
track.free-coupons.network
wbidder.online
wbidr.com
www.trafyield.com
wbidr.com
104.19.130.80
104.19.136.78
13.225.87.117
2001:41d0:203:2511::3
213.227.149.216
213.227.152.225
2400:6180:100:d0::a68:1001
2a0b:1640:1:1:1:1:c45:4c4f
35.201.117.228
35.201.127.73
5.79.69.65
5.79.77.202
67.27.157.250
0e45e493acc08d474a85af518ccd96ed31c5b7beb7c91521c51b5b8c7611632c
16ce0f7d9635fcb57c2ce46a649d17c9cc7e32819161179f41eea29caf5d5223
1c0130d04d5aebf0d36864fd3918b432839da995583d7975d88dc1d9021d5138
1d960ed25fa039d2b7dcf595ce6325e1deeb7dad9e2349f0ba135a7f2ae56cd6
256e7c3613e9f9c09902bd52d6c3a2507127c0b0767211ab730cf41634075204
2ae833f4464565f0a42688dc6e386f1e2fdfd63ccafe93151404b4c27fa9f8f7
32795840bf212400a162601a31892c9c08c8a818080870ead05fd11539b5a56b
32a3633d254c95e56758619a18f134a6a88dff40ca18a777c3f037eb4bee1849
3ce184b37fa67643a5187da215368b033763615f1f3159b34fcf5983afc4d133
59bc9e5db12dc0b7b9f82471238db4990675b0f6f73bd3e5eb24d727882819b1
6695d270650865abfa1944df5d3bc0deae2b6e67f08a271a63aadfb2698e4faf
789d84e0c80c36c1815959fe4296cfbcb4c2428c484619a44f64bc382f848f3a
9147e56702cac804cff4b646db96efe455be370caeba029965acd0f375d00da1
9b490d5106fdd364fbc4a961cefda9b32cd9a061793b111ef0844aca6c177748
b126582a2dc15643553ecc896192ffe2b58858c39571411ef548013a0be9d258
d2e711e64352c548f83487d7639a54f4a3d70e3f432117efd54abe88ef2348fc
d45b5abed3cde47fe7558387c9dbcbc718628b9bb8b06feb3c83fe42e8c39375
e68a5fa473afa396b513a8a02c197417123b13dc4b0109af33de25d49da9e862
fbfabc91b64aa11c14ed6cfe66d6a9d04973d0b2172bb9f0fa08b13c4728f994

click-on-this.art Open in urlscan Pro 213.227.149.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

88 %HTTPS

23 %IPv6

13 Domains

17 Subdomains

8 IPs

5 Countries

608 kBTransfer

640 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

0 Cookies

Indicators

click-on-this.art Open in urlscan Pro
213.227.149.216 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

88 %
HTTPS

23 %
IPv6

13
Domains

17
Subdomains

8
IPs

5
Countries

608 kB
Transfer

640 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions