urlscan.io logo urlscan.io
SecurityTrails logo

www.google.com Open in urlscan Pro
2404:6800:4004:813::2004  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tinyurl.com/alljp-2022
Effective URL: https://www.google.com/?src=mb&gws_rd=ssl
Submission: On October 04 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 22 domains to perform 39 HTTP transactions. The main IP is 2404:6800:4004:813::2004, located in and belongs to . The main domain is www.google.com.
TLS certificate: Issued by GTS CA 1C3 on September 12th 2022. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 3 35.201.70.46 15169 (GOOGLE)
1 1 3.0.220.200 16509 (AMAZON-02)
1 1 2603:1040:a01... 8075 (MICROSOFT...)
1 9 213.227.145.147 60781 (LEASEWEB-...)
12 85.17.79.154 60781 (LEASEWEB-...)
13 13 83.149.73.233 60781 (LEASEWEB-...)
4 4 108.168.193.186 36351 (SOFTLAYER)
7 2606:4700:303... 13335 (CLOUDFLAR...)
3 3 108.168.193.183 36351 (SOFTLAYER)
3 6 2606:4700:1::... 13335 (CLOUDFLAR...)
1 1 2603:1040:a01... 8075 (MICROSOFT...)
1 1 85.17.31.90 60781 (LEASEWEB-...)
1 2 108.168.193.189 36351 (SOFTLAYER)
1 185.239.173.82 55081 (24SHELLS)
3 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 209.87.159.121 36444 (NEXCESS-NET)
2 2 69.172.200.185 ()
1 2 2404:6800:400... ()
39 11
1    2606:4700:10::6814:8b41 (United States)

ASN13335 (CLOUDFLARENET, US)
tinyurl.com
1    2606:4700:10::ac43:162d (United States)

ASN13335 (CLOUDFLARENET, US)
www.affforce.com
1    2606:4700:3037::6815:4ce0 (United States)

ASN13335 (CLOUDFLARENET, US)
mcmo22.com
1    2606:4700:3032::6815:4480 (United States)

ASN13335 (CLOUDFLARENET, US)
go.tffkroute.com
3    35.201.70.46 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 46.70.201.35.bc.googleusercontent.com
directdexchange.com
1    3.0.220.200 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-220-200.ap-southeast-1.compute.amazonaws.com
marially-watears.icu
1    2603:1040:a01:2::1e (Pune, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
go.ts-tracker.me
9    213.227.145.147 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
celeb-hot-treands.com
12    85.17.79.154 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
wbidder2.com
13    83.149.73.233 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
crtv.wboptim.online
4    108.168.193.186 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: ba.c1.a86c.ip4.static.sl-reverse.com
ngp2.picinow.com
7    2606:4700:3038::6815:ebce (United States)

ASN13335 (CLOUDFLARENET, US)
www.ssaimg.com
3    108.168.193.183 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: b7.c1.a86c.ip4.static.sl-reverse.com
ngp1.picinow.com
6    2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)
c.mgid.com
s-img.mgid.com
1    2603:1040:a01:2::2f (Pune, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
trk.cpvlabtrk.online
1    85.17.31.90 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
clk.wbidder2.com
2    108.168.193.189 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com
ngp2.mybetterck.com
p415946.mybetterck.com
1    185.239.173.82 (United Kingdom)

ASN55081 (24SHELLS, US)
abc50.feed-xml.com
4    2606:4700::6812:1bae (United States)

ASN13335 (CLOUDFLARENET, US)
c.adskeeper.co.uk
s-img.adskeeper.co.uk
2    2606:4700::6812:1aae (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.adskeeper.co.uk
1    209.87.159.121 (United States)

ASN36444 (NEXCESS-NET, US)
PTR: host.offers-review.com
offers-reviews.com
2    69.172.200.185 (None, )

ASN- ()
afflat3a1.com
ffatric1.com
2    2404:6800:4004:813::2004 (None, )

ASN- ()
www.google.com
Apex Domain
Subdomains		 Transfer
13 wboptim.online
crtv.wboptim.online — Cisco Umbrella Rank: 9008
9 KB
13 wbidder2.com
wbidder2.com — Cisco Umbrella Rank: 45584
clk.wbidder2.com — Cisco Umbrella Rank: 73112
28 KB
9 celeb-hot-treands.com
celeb-hot-treands.com — Cisco Umbrella Rank: 173699
172 KB
7 ssaimg.com
www.ssaimg.com — Cisco Umbrella Rank: 67156
73 KB
7 picinow.com
ngp2.picinow.com — Cisco Umbrella Rank: 47077
ngp1.picinow.com — Cisco Umbrella Rank: 47533
1 KB
6 adskeeper.co.uk
c.adskeeper.co.uk — Cisco Umbrella Rank: 21801
s-img.adskeeper.co.uk — Cisco Umbrella Rank: 21213
41 KB
6 mgid.com
c.mgid.com — Cisco Umbrella Rank: 4699
s-img.mgid.com — Cisco Umbrella Rank: 4416
50 KB
3 directdexchange.com
directdexchange.com
3 KB
2 google.com
www.google.com
584 B
2 mybetterck.com
ngp2.mybetterck.com — Cisco Umbrella Rank: 528060
p415946.mybetterck.com
2 KB
1 ffatric1.com
ffatric1.com
458 B
1 afflat3a1.com
afflat3a1.com
426 B
1 offers-reviews.com
offers-reviews.com
386 B
1 feed-xml.com
abc50.feed-xml.com — Cisco Umbrella Rank: 75628
412 B
1 cpvlabtrk.online
trk.cpvlabtrk.online — Cisco Umbrella Rank: 71904
2 KB
1 ts-tracker.me
go.ts-tracker.me — Cisco Umbrella Rank: 67581
956 B
1 marially-watears.icu
marially-watears.icu — Cisco Umbrella Rank: 433319
666 B
1 tffkroute.com
go.tffkroute.com — Cisco Umbrella Rank: 256937
503 B
1 mcmo22.com
mcmo22.com — Cisco Umbrella Rank: 237935
755 B
1 affforce.com
www.affforce.com — Cisco Umbrella Rank: 389782
593 B
1 tinyurl.com
tinyurl.com — Cisco Umbrella Rank: 26975
382 B
0 adskeeper.com Failed
c.adskeeper.com Failed
39 22
Domain Requested by
13 crtv.wboptim.online 13 redirects
12 wbidder2.com celeb-hot-treands.com
9 celeb-hot-treands.com 1 redirects directdexchange.com
celeb-hot-treands.com
7 www.ssaimg.com
4 ngp2.picinow.com 4 redirects
3 s-img.adskeeper.co.uk
3 c.adskeeper.co.uk 3 redirects
3 s-img.mgid.com
3 c.mgid.com 3 redirects
3 ngp1.picinow.com 3 redirects
3 directdexchange.com 2 redirects
2 www.google.com 1 redirects p415946.mybetterck.com
1 ffatric1.com 1 redirects
1 afflat3a1.com 1 redirects
1 offers-reviews.com 1 redirects
1 abc50.feed-xml.com
1 p415946.mybetterck.com celeb-hot-treands.com
1 ngp2.mybetterck.com 1 redirects
1 clk.wbidder2.com 1 redirects
1 trk.cpvlabtrk.online 1 redirects
1 go.ts-tracker.me 1 redirects
1 marially-watears.icu 1 redirects
1 go.tffkroute.com 1 redirects
1 mcmo22.com 1 redirects
1 www.affforce.com 1 redirects
1 tinyurl.com 1 redirects
0 c.adskeeper.com Failed
39 27

This site contains no links.

Subject Issuer Validity Valid
directdexchange.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-16 -
2023-02-16		 a year crt.sh
*.celeb-hot-treands.com
AlphaSSL CA - SHA256 - G2		 2022-03-19 -
2023-04-20		 a year crt.sh
*.wbidder2.com
AlphaSSL CA - SHA256 - G2		 2021-11-12 -
2022-12-14		 a year crt.sh
abc50.feed-xml.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-03 -
2023-01-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.google.com/?src=mb&gws_rd=ssl
Frame ID: 0AB830FE9F00D094E3CFC909C2F753E8
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://tinyurl.com/alljp-2022 HTTP 301
    https://www.affforce.com/scripts/un981c6l?a_aid=5bc3eb59&a_bid=70577853&chan=code14 HTTP 301
    https://mcmo22.com/g?visitorid=d1145b926ac1100c7d36a9f3fSAC3y0i&refid=5bc3eb59&bannerid=7057785... HTTP 302
    https://go.tffkroute.com/click?pid=6&offer_id=610&ref_id=d1145b926ac1100c7d36a9f3fSAC3y0i_5bc3eb59_70... HTTP 302
    https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-65bc3eb59-610-5bb69849cab62e50008b4568 Page URL
  2. https://directdexchange.com/jump/next.php?stamat=m%257CL6Y3I2YjaQdH8AH0dEdHP3xP.959%252CS0kXXHXf2ck-DOZ9... HTTP 302
    https://directdexchange.com/script/i.php?stamat=m%257C%252C%252Cg2Z3tjentGU3BJ-GH0dEdHP3xP.ad9%252CIjMIw... HTTP 302
    https://marially-watears.icu/aa9ec921-1a49-4a85-8a21-c0b96a515904?pubid=3052727-4008040375-0&creative=235... HTTP 302
    https://go.ts-tracker.me/15GIEB?subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&curre... HTTP 302
    https://celeb-hot-treands.com/lp/y-arrow?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b... HTTP 301
    https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0... Page URL
  3. https://trk.cpvlabtrk.online/15GtmV?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a5... HTTP 302
    https://clk.wbidder2.com/redirect?url=%2F%2Fngp2.mybetterck.com%2FadServe%2FwpnFeed%2FdoClick%3Faucti... HTTP 302
    https://ngp2.mybetterck.com/adServe/wpnFeed/doClick?auctionId=beed0e3f-defe-4964-b619-176403e50419_560_5... HTTP 302
    http://p415946.mybetterck.com/adServe/wpnAdClick?ai=eHdHhnjefhySLXJTUAaXKG4821fGryE7pHfSmpLYG7qliqFZVf5u_9... Page URL
  4. https://offers-reviews.com/tracking202/redirect/dl.php?t202id=939816&t202kw=JP-0.0001-1076553-443034786... HTTP 302
    https://afflat3a1.com/lnk.asp?o=13260&c=918271&a=370597&k=97B9422D65397CB8962ABABC5F3EC9B2&l=16928... HTTP 302
    https://ffatric1.com/def.cfm?i=370597&o=13260&c=JP&d=D&z=0 HTTP 302
    http://www.google.com/?src=mb HTTP 302
    https://www.google.com/?src=mb&gws_rd=ssl Page URL

Page Statistics

39
Requests

59 %
HTTPS

48 %
IPv6

22
Domains

27
Subdomains

11
IPs

5
Countries

364 kB
Transfer

489 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tinyurl.com/alljp-2022 HTTP 301
    https://www.affforce.com/scripts/un981c6l?a_aid=5bc3eb59&a_bid=70577853&chan=code14 HTTP 301
    https://mcmo22.com/g?visitorid=d1145b926ac1100c7d36a9f3fSAC3y0i&refid=5bc3eb59&bannerid=70577853&extra_data1=&extra_data2= HTTP 302
    https://go.tffkroute.com/click?pid=6&offer_id=610&ref_id=d1145b926ac1100c7d36a9f3fSAC3y0i_5bc3eb59_70577853&sub1=5bc3eb59&sub8= HTTP 302
    https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-65bc3eb59-610-5bb69849cab62e50008b4568 Page URL
  2. https://directdexchange.com/jump/next.php?stamat=m%257CL6Y3I2YjaQdH8AH0dEdHP3xP.959%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM-jNynSUdHe-QzhcsxloyCG3vDkJbcIxBTVr2KMhPUwlR7Ro5jmoSIQYUfsbvvr1OwjMUI1Qh_wpkgGcbcHXwmw&cbpage=https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-65bc3eb59-610-5bb69849cab62e50008b4568&cbur=0.45653413053714553&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    https://directdexchange.com/script/i.php?stamat=m%257C%252C%252Cg2Z3tjentGU3BJ-GH0dEdHP3xP.ad9%252CIjMIwBwnoB0ku9PHF54myY5H0AapN-kFiGHN9ZLAiyrGwovwQR5knS18AwmB-mYhSrDYBbSo2Y0QIEGWHtqtpPVXG48zGIdcmzZSmur2HXczqJL4Ihi0wADEJAR_RDOsn-pmCoVi52c2ePAvgPKWEafcfNngXVkkgK4xyA31MQpaOfOSMx4ag_TaVfsM7La_BgArDFJ9BA6vAwVWfXDb5wb4iePDhb9wwR56uuAO1rD0zJID8b0D9rkJKKuahYfrGATSCUtKb_sf39yUOTrXkLgIJW4bFxU66HDzwF5aFtqhBaGv_8bvttGoOT666zteX6Z5PD2RWyc9wR-R8bjvX0P59zxEP8vDBoGvystwfrpuZxutznURQMhQX9kXVmTwS23FyfJRX6k5wlQil3OMOLJH3xLthG77gjTyH83Uzplpw73C9Z0GP_10Si_PPomYqhKHr7nrKeUZZmL0ix6ZXQ3U-lTVaR_nxxF1xmV2DSFAqvhC-hY5nogECe0NyqwBdg2SIYhbjgfI-MUQ6x_jGbO3aUEk0l8ZcqWHIGOaA8-KbUHcUDoYCzywOJultpSY_AoqHb5eWG-bTZW38LGdqh6Lv_YG1nxblpdk7SLZuYGNZ-j4m7xGG8sm5vhhQEYz1I_zwdq8CSsQLE1_C7tEIg%252C%252C HTTP 302
    https://marially-watears.icu/aa9ec921-1a49-4a85-8a21-c0b96a515904?pubid=3052727-4008040375-0&creative=23518794&ISP=M247%20Ltd&camapignid=308459820&lang=JP&browser=Chrome&platform=Mac%20OS%20X&SSP=&mzone=3052727&IDFA=&cost=&clickid=166487146010000TJPTV436497645654V3f HTTP 302
    https://go.ts-tracker.me/15GIEB?subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&currency=&affid=202021&cost=&external_id=APAP02_w3hfssnb9fmc8ggj2a95p802 HTTP 302
    https://celeb-hot-treands.com/lp/y-arrow?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12 HTTP 301
    https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12 Page URL
  3. https://trk.cpvlabtrk.online/15GtmV?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent=%7Bvar%3Auseragent%7D&ip=2001%3Aac8%3A40%3Ab5%3A%3A5e&bv=Chrome%20106&as=pc&gf=12&onw=1&link=url%3D%252F%252Fngp2.mybetterck.com%252FadServe%252FwpnFeed%252FdoClick%253FauctionId%253Dbeed0e3f-defe-4964-b619-176403e50419_560_525424%2526ai%253D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhpsry8d_0fiGUL7aunEnnkQl5n-H2rReAyq4qm_piKVw7_2lWX32UT5M8OGppnYXIjQfPVQJadqwAynEFoqHxWynbznZAT6tNL-ojrwBVaqZ_3KOaG29OdeP5JxnLiEMf69QJALdvNTLtCfusfMtnlkiNCrO5YLjyAHSF8RkVIn8duyxueWqXMHi-K4xdmZeYZnjLvhiTyso2LRq78d80Kg2uPzIu-bjMgEGN2Zk8_VQ2q45u5rsapdcS-8BOvi99uF62pXiSE8B7Uac_Ho06j_NDhaOVMxZyYwN4uFjbIo4XeK_JaMKBehu3Fo_s-omz3J97jQVf9hRFoII2Mxq9bwNtnh233TmJtcl4h-Hp-Y403-2tH9y-wd8KtP81X03R3kr7Hg7H5Xbr-A4yDxIactpUMg6ij8XfHNr0SCj2YFBP8sUppB90IhXvMYORdOEXp_FHNfEhKooIbr4ScI-uON36n1-VC-CuKifHwHvWXoIxb8tkShtl8myBJmW7EcHPTumAeTpY7x42mqi9EcDwDmFCjhA5kocz4dfzLroTowgOMWmM7434roW_rblTMev7BnDgvP9wI_fUdpq6JK-2zj34us1ypuklil9XRSx_gibWnOf0VPlynu_vQApcHdYSlMe5IAvj6TXlj18U6KSPbAIs8ayGIieKRutO5oIZOWv%26s%3D2047%26a%3Dbid_onw_202021%26uA%3Dbid_202021%26sub%3Daa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0%26ts%3D1664871465%26d%3D79%26i%3D4065a1uml8txhfs1%26t%3Dclient%26cbjs%3D%26c%3D8227270100 HTTP 302
    https://clk.wbidder2.com/redirect?url=%2F%2Fngp2.mybetterck.com%2FadServe%2FwpnFeed%2FdoClick%3FauctionId%3Dbeed0e3f-defe-4964-b619-176403e50419_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhpsry8d_0fiGUL7aunEnnkQl5n-H2rReAyq4qm_piKVw7_2lWX32UT5M8OGppnYXIjQfPVQJadqwAynEFoqHxWynbznZAT6tNL-ojrwBVaqZ_3KOaG29OdeP5JxnLiEMf69QJALdvNTLtCfusfMtnlkiNCrO5YLjyAHSF8RkVIn8duyxueWqXMHi-K4xdmZeYZnjLvhiTyso2LRq78d80Kg2uPzIu-bjMgEGN2Zk8_VQ2q45u5rsapdcS-8BOvi99uF62pXiSE8B7Uac_Ho06j_NDhaOVMxZyYwN4uFjbIo4XeK_JaMKBehu3Fo_s-omz3J97jQVf9hRFoII2Mxq9bwNtnh233TmJtcl4h-Hp-Y403-2tH9y-wd8KtP81X03R3kr7Hg7H5Xbr-A4yDxIactpUMg6ij8XfHNr0SCj2YFBP8sUppB90IhXvMYORdOEXp_FHNfEhKooIbr4ScI-uON36n1-VC-CuKifHwHvWXoIxb8tkShtl8myBJmW7EcHPTumAeTpY7x42mqi9EcDwDmFCjhA5kocz4dfzLroTowgOMWmM7434roW_rblTMev7BnDgvP9wI_fUdpq6JK-2zj34us1ypuklil9XRSx_gibWnOf0VPlynu_vQApcHdYSlMe5IAvj6TXlj18U6KSPbAIs8ayGIieKRutO5oIZOWv&s=2047&a=bid_onw_202021&uA=bid_202021&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ts=1664871465&d=79&i=4065a1uml8txhfs1&t=client&cbjs=&c=8227270100 HTTP 302
    https://ngp2.mybetterck.com/adServe/wpnFeed/doClick?auctionId=beed0e3f-defe-4964-b619-176403e50419_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhpsry8d_0fiGUL7aunEnnkQl5n-H2rReAyq4qm_piKVw7_2lWX32UT5M8OGppnYXIjQfPVQJadqwAynEFoqHxWynbznZAT6tNL-ojrwBVaqZ_3KOaG29OdeP5JxnLiEMf69QJALdvNTLtCfusfMtnlkiNCrO5YLjyAHSF8RkVIn8duyxueWqXMHi-K4xdmZeYZnjLvhiTyso2LRq78d80Kg2uPzIu-bjMgEGN2Zk8_VQ2q45u5rsapdcS-8BOvi99uF62pXiSE8B7Uac_Ho06j_NDhaOVMxZyYwN4uFjbIo4XeK_JaMKBehu3Fo_s-omz3J97jQVf9hRFoII2Mxq9bwNtnh233TmJtcl4h-Hp-Y403-2tH9y-wd8KtP81X03R3kr7Hg7H5Xbr-A4yDxIactpUMg6ij8XfHNr0SCj2YFBP8sUppB90IhXvMYORdOEXp_FHNfEhKooIbr4ScI-uON36n1-VC-CuKifHwHvWXoIxb8tkShtl8myBJmW7EcHPTumAeTpY7x42mqi9EcDwDmFCjhA5kocz4dfzLroTowgOMWmM7434roW_rblTMev7BnDgvP9wI_fUdpq6JK-2zj34us1ypuklil9XRSx_gibWnOf0VPlynu_vQApcHdYSlMe5IAvj6TXlj18U6KSPbAIs8ayGIieKRutO5oIZOWv HTTP 302
    http://p415946.mybetterck.com/adServe/wpnAdClick?ai=eHdHhnjefhySLXJTUAaXKG4821fGryE7pHfSmpLYG7qliqFZVf5u_9P-IktRN2sktaBa_pX3DBtiE2Ew9YIiXdepv38QUmTbfCIUPlyaY5RD-IoRiWjmF-kTNyeQmn1NgmGw-kTpOBIPAe_L4WAxrSPMP7Kf2jK2E4Up4F0rxvIA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qd_KczlyjZZuZ6zlSswW_R6FjuED_lYu83SkbnF2ZZTSTOLXBkCsQ1cwdqzLjhhG1WRFmgORM3pNLemXBsUGDaFwZ-ZpHFvH5wqbdo8nAeBMyKsg4OTUwVvff6jBjvVOkMpfV0Usf4Im1pzn9FT5cp7v70AKXB3WEpTHuSAL4-k15Y9fFOikj2wzoaHkUrUW4a5hFb9pGZF8GKzMCbo0inuKUp18T99ijALxdTk72VP09sMkACYP8GijhzaAHtpe_2AH4MJyCgMDGLMX_RFAVuc4mOnJd67jI1QIdxRkmEpU8X0XqtOSLnKdXXexsw_Zw3XJeIfh6fmOEuKbmg6ulf7YruEab8qko7ONJN9yS9DXbwztVY_lrnt_DH1YyhqGN7G-g2gWt8lqAXVfzivY18rb-FdWyjBuVMbegmPq__XE0zw4ammdhci9WaGCOKTlXG99CGOJ-MondPZfS2H2Vmyvzx34vFaVJo&ui=IKaS41W5VyZH2DGTLWTMdlh2V8-nxiox5BqBrDJxXOFv4V1bKMG5Uyi7bzCY-CvIhq2A1ADGJKo&awpm=iYJr_Xlzi3jJVQYaYAGzzA Page URL
  4. https://offers-reviews.com/tracking202/redirect/dl.php?t202id=939816&t202kw=JP-0.0001-1076553-443034786--89438491029-Desktop-Windows+10-Chrome+106-UNKNOWN HTTP 302
    https://afflat3a1.com/lnk.asp?o=13260&c=918271&a=370597&k=97B9422D65397CB8962ABABC5F3EC9B2&l=16928&s2=20715685 HTTP 302
    https://ffatric1.com/def.cfm?i=370597&o=13260&c=JP&d=D&z=0 HTTP 302
    http://www.google.com/?src=mb HTTP 302
    https://www.google.com/?src=mb&gws_rd=ssl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://tinyurl.com/alljp-2022 HTTP 301
  • https://www.affforce.com/scripts/un981c6l?a_aid=5bc3eb59&a_bid=70577853&chan=code14 HTTP 301
  • https://mcmo22.com/g?visitorid=d1145b926ac1100c7d36a9f3fSAC3y0i&refid=5bc3eb59&bannerid=70577853&extra_data1=&extra_data2= HTTP 302
  • https://go.tffkroute.com/click?pid=6&offer_id=610&ref_id=d1145b926ac1100c7d36a9f3fSAC3y0i_5bc3eb59_70577853&sub1=5bc3eb59&sub8= HTTP 302
  • https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-65bc3eb59-610-5bb69849cab62e50008b4568
Request Chain 1
  • https://directdexchange.com/jump/next.php?stamat=m%257CL6Y3I2YjaQdH8AH0dEdHP3xP.959%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM-jNynSUdHe-QzhcsxloyCG3vDkJbcIxBTVr2KMhPUwlR7Ro5jmoSIQYUfsbvvr1OwjMUI1Qh_wpkgGcbcHXwmw&cbpage=https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-65bc3eb59-610-5bb69849cab62e50008b4568&cbur=0.45653413053714553&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
  • https://directdexchange.com/script/i.php?stamat=m%257C%252C%252Cg2Z3tjentGU3BJ-GH0dEdHP3xP.ad9%252CIjMIwBwnoB0ku9PHF54myY5H0AapN-kFiGHN9ZLAiyrGwovwQR5knS18AwmB-mYhSrDYBbSo2Y0QIEGWHtqtpPVXG48zGIdcmzZSmur2HXczqJL4Ihi0wADEJAR_RDOsn-pmCoVi52c2ePAvgPKWEafcfNngXVkkgK4xyA31MQpaOfOSMx4ag_TaVfsM7La_BgArDFJ9BA6vAwVWfXDb5wb4iePDhb9wwR56uuAO1rD0zJID8b0D9rkJKKuahYfrGATSCUtKb_sf39yUOTrXkLgIJW4bFxU66HDzwF5aFtqhBaGv_8bvttGoOT666zteX6Z5PD2RWyc9wR-R8bjvX0P59zxEP8vDBoGvystwfrpuZxutznURQMhQX9kXVmTwS23FyfJRX6k5wlQil3OMOLJH3xLthG77gjTyH83Uzplpw73C9Z0GP_10Si_PPomYqhKHr7nrKeUZZmL0ix6ZXQ3U-lTVaR_nxxF1xmV2DSFAqvhC-hY5nogECe0NyqwBdg2SIYhbjgfI-MUQ6x_jGbO3aUEk0l8ZcqWHIGOaA8-KbUHcUDoYCzywOJultpSY_AoqHb5eWG-bTZW38LGdqh6Lv_YG1nxblpdk7SLZuYGNZ-j4m7xGG8sm5vhhQEYz1I_zwdq8CSsQLE1_C7tEIg%252C%252C HTTP 302
  • https://marially-watears.icu/aa9ec921-1a49-4a85-8a21-c0b96a515904?pubid=3052727-4008040375-0&creative=23518794&ISP=M247%20Ltd&camapignid=308459820&lang=JP&browser=Chrome&platform=Mac%20OS%20X&SSP=&mzone=3052727&IDFA=&cost=&clickid=166487146010000TJPTV436497645654V3f HTTP 302
  • https://go.ts-tracker.me/15GIEB?subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&currency=&affid=202021&cost=&external_id=APAP02_w3hfssnb9fmc8ggj2a95p802 HTTP 302
  • https://celeb-hot-treands.com/lp/y-arrow?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12 HTTP 301
  • https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
Request Chain 16
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp2.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3Db955be33-3aaa-410e-973c-aa0f384d1eb8_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhuc7lnhD3-li-071ecMTSIzfVHbC3kR39c1F32dT0cACJl8mMetby4w7bofOOLh00olgetVytfYzHsORbnUoAyIRvH59C4H2NqX4MnDS15EgsKTI47RoQ0u9SrCEKYE662C7WFHxUiCIF_P9gFdU9dGnYkO0SQ5-aQgpCBPYtKlm_PQQQ2rV7BjsQiqjXX1i1jAfylq-UhqJz05ZqgiRrWH182PunBNIiniR6FUpaphm3HPyqBQ52WwEsZaaAwenuGFPQ2pc4sC6ceIPjC_t3woByGYMpX6usQMoqXDG66DfrrsbFb5XHPfUquSsniViukvwS0Av_VRRGa2q_RldfB5fqD1xt_nysRBHhVMtGph432T3MmdmX_kFaf0jo582hhUFKbHxUs1ijluGm5ikmGkARem2j8d32CYNb-iWwdA0&s=2047&a=bid_onw_202021&uA=bid_202021&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=30&ic=1 HTTP 302
  • https://ngp2.picinow.com/adServe/wpnFeed/getImage?auctionId=b955be33-3aaa-410e-973c-aa0f384d1eb8_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhuc7lnhD3-li-071ecMTSIzfVHbC3kR39c1F32dT0cACJl8mMetby4w7bofOOLh00olgetVytfYzHsORbnUoAyIRvH59C4H2NqX4MnDS15EgsKTI47RoQ0u9SrCEKYE662C7WFHxUiCIF_P9gFdU9dGnYkO0SQ5-aQgpCBPYtKlm_PQQQ2rV7BjsQiqjXX1i1jAfylq-UhqJz05ZqgiRrWH182PunBNIiniR6FUpaphm3HPyqBQ52WwEsZaaAwenuGFPQ2pc4sC6ceIPjC_t3woByGYMpX6usQMoqXDG66DfrrsbFb5XHPfUquSsniViukvwS0Av_VRRGa2q_RldfB5fqD1xt_nysRBHhVMtGph432T3MmdmX_kFaf0jo582hhUFKbHxUs1ijluGm5ikmGkARem2j8d32CYNb-iWwdA0 HTTP 302
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
Request Chain 17
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp1.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3D3b6a1ce4-61ff-4cef-95bd-bdf6d4369d1c_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcS43FQccFwcV0WCERfS8SSv0_0TpO0JyASjpNh7HtwBaepUzbdFP5x-dagyyljyn_Ln7TJmbkR-B7fSgDUcqdGsti9GpwaR4RG0vLDCrIkWkd57OmjwbFiNDrjTNyjo1uys0_VviGQKCfvYbWU1xp2upaxcBf6LIVkKbl3IHxc9AVcBPT8HrdHN27WIoxgnGR-QvylW8PlAZvLOt_0nGenJ7UZcl04A51hicEVlQSt49BdV_OK9jXytv4V1bKMG5U-O9Dj0J43yuIkd67FiA80djDG5YEm8kRx-cCRcbdE15iASx7UpY1uJ1-shC3pulgIR7df6brEBe74iacnLZzhsTEaHG6E4JkYiEzwABBR1_iVZu5p9K4X-oJXV2T9NQMdCivSKAjto3wrWlNhsaXq0774Q9CRtYJauQTlxmUPFA2laugkw__W9Czy-O2Q_7_98wDeyqnKmEJU2iRvXsmsytG1WfQp-16IMkSOz8ICiz&s=2047&a=bid_onw_202021&uA=bid_202337&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=72&ic=1 HTTP 302
  • https://ngp1.picinow.com/adServe/wpnFeed/getImage?auctionId=3b6a1ce4-61ff-4cef-95bd-bdf6d4369d1c_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcS43FQccFwcV0WCERfS8SSv0_0TpO0JyASjpNh7HtwBaepUzbdFP5x-dagyyljyn_Ln7TJmbkR-B7fSgDUcqdGsti9GpwaR4RG0vLDCrIkWkd57OmjwbFiNDrjTNyjo1uys0_VviGQKCfvYbWU1xp2upaxcBf6LIVkKbl3IHxc9AVcBPT8HrdHN27WIoxgnGR-QvylW8PlAZvLOt_0nGenJ7UZcl04A51hicEVlQSt49BdV_OK9jXytv4V1bKMG5U-O9Dj0J43yuIkd67FiA80djDG5YEm8kRx-cCRcbdE15iASx7UpY1uJ1-shC3pulgIR7df6brEBe74iacnLZzhsTEaHG6E4JkYiEzwABBR1_iVZu5p9K4X-oJXV2T9NQMdCivSKAjto3wrWlNhsaXq0774Q9CRtYJauQTlxmUPFA2laugkw__W9Czy-O2Q_7_98wDeyqnKmEJU2iRvXsmsytG1WfQp-16IMkSOz8ICiz HTTP 302
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
Request Chain 18
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp2.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3D73269dd8-0f92-4b25-9f6e-00e95fd23de5_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhqXSTnli9YiaJF49EHyJmObfVHbC3kR39c1F32dT0cACJl8mMetby4w7bofOOLh00olgetVytfYzRI1iIQJN1kwZhTxZP2PMLWkX5ec9NIEz3Qq69Fu5YxiG8ZskVeQ8zWC7WFHxUiCIF_P9gFdU9dGnYkO0SQ5-aQgpCBPYtKlm_PQQQ2rV7BjjdmELcuzIGDAfylq-UhqJz05ZqgiRrWH182PunBNIiniR6FUpaphm3HPyqBQ52WwEsZaaAwenuGFPQ2pc4sC6ceIPjC_t3woByGYMpX6usQMoqXDG66DfrrsbFb5XHPfUquSsniViukvwS0Av_VRRxnrQqAfTzjLZ1UyT-F3Nx9VVt4UD2cU932T3MmdmX_kFaf0jo582hhUFKbHxUs1ijluGm5ikmGkARem2j8d32CYNb-iWwdA0&s=2047&a=bid_onw_202021&uA=bid_202021&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=40&ic=1 HTTP 302
  • https://ngp2.picinow.com/adServe/wpnFeed/getImage?auctionId=73269dd8-0f92-4b25-9f6e-00e95fd23de5_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhqXSTnli9YiaJF49EHyJmObfVHbC3kR39c1F32dT0cACJl8mMetby4w7bofOOLh00olgetVytfYzRI1iIQJN1kwZhTxZP2PMLWkX5ec9NIEz3Qq69Fu5YxiG8ZskVeQ8zWC7WFHxUiCIF_P9gFdU9dGnYkO0SQ5-aQgpCBPYtKlm_PQQQ2rV7BjjdmELcuzIGDAfylq-UhqJz05ZqgiRrWH182PunBNIiniR6FUpaphm3HPyqBQ52WwEsZaaAwenuGFPQ2pc4sC6ceIPjC_t3woByGYMpX6usQMoqXDG66DfrrsbFb5XHPfUquSsniViukvwS0Av_VRRxnrQqAfTzjLZ1UyT-F3Nx9VVt4UD2cU932T3MmdmX_kFaf0jo582hhUFKbHxUs1ijluGm5ikmGkARem2j8d32CYNb-iWwdA0 HTTP 302
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
Request Chain 19
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C7CMDQpzkUlJdIJYyw2ci9XEYuWed2-JsqoK6vnFxUbW8AI8jwUKFgpqZC8IrI9ZQIauWhxzbWfJ0KGubMf4s_g**%26cid%3D383523%26f%3D1%26h2%3DciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*%26rid%3D05c1fa9e-43bd-11ed-8a30-e4434b374c12%26psid%3Dbid_202021%26iub%3DaHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzEyNTc4MTg2LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2QxODVOakF2YUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakl0TURFdk1UQXhPVEkwTHpjd01EWmtObUZoTXpBM09ESTNNVFZpWWprM1lXSmxZelUyWW1JM1pHVmhMbXB3WldjLndlYnA_dj0xNjY0ODcxNDY0LVNVTncwTU5nYjZibG1fNEZBZ3VmQ1NBWFpSeDZQNDZDQVBwSU94RWVuejA%3D&s=1000&a=bid_onw_202021&uA=bid_202021&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=42&ic=1 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|7CMDQpzkUlJdIJYyw2ci9XEYuWed2-JsqoK6vnFxUbW8AI8jwUKFgpqZC8IrI9ZQIauWhxzbWfJ0KGubMf4s_g**&cid=383523&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=05c1fa9e-43bd-11ed-8a30-e4434b374c12&psid=bid_202021&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzEyNTc4MTg2LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2QxODVOakF2YUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakl0TURFdk1UQXhPVEkwTHpjd01EWmtObUZoTXpBM09ESTNNVFZpWWprM1lXSmxZelUyWW1JM1pHVmhMbXB3WldjLndlYnA_dj0xNjY0ODcxNDY0LVNVTncwTU5nYjZibG1fNEZBZ3VmQ1NBWFpSeDZQNDZDQVBwSU94RWVuejA= HTTP 301
  • https://s-img.mgid.com/g/12578186/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDEvMTAxOTI0LzcwMDZkNmFhMzA3ODI3MTViYjk3YWJlYzU2YmI3ZGVhLmpwZWc.webp?v=1664871464-SUNw0MNgb6blm_4FAgufCSAXZRx6P46CAPpIOxEenz0
Request Chain 20
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp2.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3Dbeed0e3f-defe-4964-b619-176403e50419_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhpsry8d_0fiGUL7aunEnnkQl5n-H2rReAyq4qm_piKVw7_2lWX32UT5M8OGppnYXIjQfPVQJadqwAynEFoqHxWynbznZAT6tNL-ojrwBVaqZ_3KOaG29OdeP5JxnLiEMf69QJALdvNTLtCfusfMtnlkiNCrO5YLjyAHSF8RkVIn8duyxueWqXMHi-K4xdmZeYZnjLvhiTyso2LRq78d80Kg2uPzIu-bjMgEGN2Zk8_VQ2q45u5rsapdcS-8BOvi99uF62pXiSE8B7Uac_Ho06j_NDhaOVMxZyYwN4uFjbIo4XeK_JaMKBehu3Fo_s-omz3J97jQVf9hRFoII2Mxq9bwNtnh233TmJtcl4h-Hp-Y403-2tH9y-wd8KtP81X03R3kr7Hg7H5Xbr-A4yDxIacutDcRIs78ujt0Azp-j8QGh&s=2047&a=bid_onw_202021&uA=bid_202021&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=79&ic=1 HTTP 302
  • https://ngp2.picinow.com/adServe/wpnFeed/getImage?auctionId=beed0e3f-defe-4964-b619-176403e50419_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhpsry8d_0fiGUL7aunEnnkQl5n-H2rReAyq4qm_piKVw7_2lWX32UT5M8OGppnYXIjQfPVQJadqwAynEFoqHxWynbznZAT6tNL-ojrwBVaqZ_3KOaG29OdeP5JxnLiEMf69QJALdvNTLtCfusfMtnlkiNCrO5YLjyAHSF8RkVIn8duyxueWqXMHi-K4xdmZeYZnjLvhiTyso2LRq78d80Kg2uPzIu-bjMgEGN2Zk8_VQ2q45u5rsapdcS-8BOvi99uF62pXiSE8B7Uac_Ho06j_NDhaOVMxZyYwN4uFjbIo4XeK_JaMKBehu3Fo_s-omz3J97jQVf9hRFoII2Mxq9bwNtnh233TmJtcl4h-Hp-Y403-2tH9y-wd8KtP81X03R3kr7Hg7H5Xbr-A4yDxIacutDcRIs78ujt0Azp-j8QGh HTTP 302
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
Request Chain 21
  • https://trk.cpvlabtrk.online/15GtmV?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent=%7Bvar%3Auseragent%7D&ip=2001%3Aac8%3A40%3Ab5%3A%3A5e&bv=Chrome%20106&as=pc&gf=12&onw=1&link=url%3D%252F%252Fngp2.mybetterck.com%252FadServe%252FwpnFeed%252FdoClick%253FauctionId%253Dbeed0e3f-defe-4964-b619-176403e50419_560_525424%2526ai%253D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhpsry8d_0fiGUL7aunEnnkQl5n-H2rReAyq4qm_piKVw7_2lWX32UT5M8OGppnYXIjQfPVQJadqwAynEFoqHxWynbznZAT6tNL-ojrwBVaqZ_3KOaG29OdeP5JxnLiEMf69QJALdvNTLtCfusfMtnlkiNCrO5YLjyAHSF8RkVIn8duyxueWqXMHi-K4xdmZeYZnjLvhiTyso2LRq78d80Kg2uPzIu-bjMgEGN2Zk8_VQ2q45u5rsapdcS-8BOvi99uF62pXiSE8B7Uac_Ho06j_NDhaOVMxZyYwN4uFjbIo4XeK_JaMKBehu3Fo_s-omz3J97jQVf9hRFoII2Mxq9bwNtnh233TmJtcl4h-Hp-Y403-2tH9y-wd8KtP81X03R3kr7Hg7H5Xbr-A4yDxIactpUMg6ij8XfHNr0SCj2YFBP8sUppB90IhXvMYORdOEXp_FHNfEhKooIbr4ScI-uON36n1-VC-CuKifHwHvWXoIxb8tkShtl8myBJmW7EcHPTumAeTpY7x42mqi9EcDwDmFCjhA5kocz4dfzLroTowgOMWmM7434roW_rblTMev7BnDgvP9wI_fUdpq6JK-2zj34us1ypuklil9XRSx_gibWnOf0VPlynu_vQApcHdYSlMe5IAvj6TXlj18U6KSPbAIs8ayGIieKRutO5oIZOWv%26s%3D2047%26a%3Dbid_onw_202021%26uA%3Dbid_202021%26sub%3Daa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0%26ts%3D1664871465%26d%3D79%26i%3D4065a1uml8txhfs1%26t%3Dclient%26cbjs%3D%26c%3D8227270100 HTTP 302
  • https://clk.wbidder2.com/redirect?url=%2F%2Fngp2.mybetterck.com%2FadServe%2FwpnFeed%2FdoClick%3FauctionId%3Dbeed0e3f-defe-4964-b619-176403e50419_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhpsry8d_0fiGUL7aunEnnkQl5n-H2rReAyq4qm_piKVw7_2lWX32UT5M8OGppnYXIjQfPVQJadqwAynEFoqHxWynbznZAT6tNL-ojrwBVaqZ_3KOaG29OdeP5JxnLiEMf69QJALdvNTLtCfusfMtnlkiNCrO5YLjyAHSF8RkVIn8duyxueWqXMHi-K4xdmZeYZnjLvhiTyso2LRq78d80Kg2uPzIu-bjMgEGN2Zk8_VQ2q45u5rsapdcS-8BOvi99uF62pXiSE8B7Uac_Ho06j_NDhaOVMxZyYwN4uFjbIo4XeK_JaMKBehu3Fo_s-omz3J97jQVf9hRFoII2Mxq9bwNtnh233TmJtcl4h-Hp-Y403-2tH9y-wd8KtP81X03R3kr7Hg7H5Xbr-A4yDxIactpUMg6ij8XfHNr0SCj2YFBP8sUppB90IhXvMYORdOEXp_FHNfEhKooIbr4ScI-uON36n1-VC-CuKifHwHvWXoIxb8tkShtl8myBJmW7EcHPTumAeTpY7x42mqi9EcDwDmFCjhA5kocz4dfzLroTowgOMWmM7434roW_rblTMev7BnDgvP9wI_fUdpq6JK-2zj34us1ypuklil9XRSx_gibWnOf0VPlynu_vQApcHdYSlMe5IAvj6TXlj18U6KSPbAIs8ayGIieKRutO5oIZOWv&s=2047&a=bid_onw_202021&uA=bid_202021&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ts=1664871465&d=79&i=4065a1uml8txhfs1&t=client&cbjs=&c=8227270100 HTTP 302
  • https://ngp2.mybetterck.com/adServe/wpnFeed/doClick?auctionId=beed0e3f-defe-4964-b619-176403e50419_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhpsry8d_0fiGUL7aunEnnkQl5n-H2rReAyq4qm_piKVw7_2lWX32UT5M8OGppnYXIjQfPVQJadqwAynEFoqHxWynbznZAT6tNL-ojrwBVaqZ_3KOaG29OdeP5JxnLiEMf69QJALdvNTLtCfusfMtnlkiNCrO5YLjyAHSF8RkVIn8duyxueWqXMHi-K4xdmZeYZnjLvhiTyso2LRq78d80Kg2uPzIu-bjMgEGN2Zk8_VQ2q45u5rsapdcS-8BOvi99uF62pXiSE8B7Uac_Ho06j_NDhaOVMxZyYwN4uFjbIo4XeK_JaMKBehu3Fo_s-omz3J97jQVf9hRFoII2Mxq9bwNtnh233TmJtcl4h-Hp-Y403-2tH9y-wd8KtP81X03R3kr7Hg7H5Xbr-A4yDxIactpUMg6ij8XfHNr0SCj2YFBP8sUppB90IhXvMYORdOEXp_FHNfEhKooIbr4ScI-uON36n1-VC-CuKifHwHvWXoIxb8tkShtl8myBJmW7EcHPTumAeTpY7x42mqi9EcDwDmFCjhA5kocz4dfzLroTowgOMWmM7434roW_rblTMev7BnDgvP9wI_fUdpq6JK-2zj34us1ypuklil9XRSx_gibWnOf0VPlynu_vQApcHdYSlMe5IAvj6TXlj18U6KSPbAIs8ayGIieKRutO5oIZOWv HTTP 302
  • http://p415946.mybetterck.com/adServe/wpnAdClick?ai=eHdHhnjefhySLXJTUAaXKG4821fGryE7pHfSmpLYG7qliqFZVf5u_9P-IktRN2sktaBa_pX3DBtiE2Ew9YIiXdepv38QUmTbfCIUPlyaY5RD-IoRiWjmF-kTNyeQmn1NgmGw-kTpOBIPAe_L4WAxrSPMP7Kf2jK2E4Up4F0rxvIA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qd_KczlyjZZuZ6zlSswW_R6FjuED_lYu83SkbnF2ZZTSTOLXBkCsQ1cwdqzLjhhG1WRFmgORM3pNLemXBsUGDaFwZ-ZpHFvH5wqbdo8nAeBMyKsg4OTUwVvff6jBjvVOkMpfV0Usf4Im1pzn9FT5cp7v70AKXB3WEpTHuSAL4-k15Y9fFOikj2wzoaHkUrUW4a5hFb9pGZF8GKzMCbo0inuKUp18T99ijALxdTk72VP09sMkACYP8GijhzaAHtpe_2AH4MJyCgMDGLMX_RFAVuc4mOnJd67jI1QIdxRkmEpU8X0XqtOSLnKdXXexsw_Zw3XJeIfh6fmOEuKbmg6ulf7YruEab8qko7ONJN9yS9DXbwztVY_lrnt_DH1YyhqGN7G-g2gWt8lqAXVfzivY18rb-FdWyjBuVMbegmPq__XE0zw4ammdhci9WaGCOKTlXG99CGOJ-MondPZfS2H2Vmyvzx34vFaVJo&ui=IKaS41W5VyZH2DGTLWTMdlh2V8-nxiox5BqBrDJxXOFv4V1bKMG5Uyi7bzCY-CvIhq2A1ADGJKo&awpm=iYJr_Xlzi3jJVQYaYAGzzA
Request Chain 28
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C97aFAF0_VzwFL3_ZsWIpwLye7JREsayNOA8z-D13NYOTbQ6_0oqn7omUIQ2nVurWmADt2ilLdPc-XL2-QULHQg**%26cid%3D383523%26f%3D1%26h2%3DciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*%26rid%3D073b03c9-43bd-11ed-83a2-e4434b374bc6%26psid%3Dbid_202021%26iub%3DaHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzgxOTM1MTkvMzI4eDMyOC8xMDV4MHg0MjF4NDIxL2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpFdE1ERXZNVEF4T1RJMEx6azJaRGhpTmpCbU5HSmxZV0V4WVdFNFlXSm1OalU1TTJFd05XVXpNV0l5TG1wd1pXYy53ZWJwP3Y9MTY2NDg3MTQ2Ni1HXy1JUFJBRHlxMXpiS2NNd2VIUVhkUl9HeXBZS20zTUU1VGR5ekkzelpz&s=1000&a=bid_onw_202021&uA=bid_202021&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=56&ic=1 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|97aFAF0_VzwFL3_ZsWIpwLye7JREsayNOA8z-D13NYOTbQ6_0oqn7omUIQ2nVurWmADt2ilLdPc-XL2-QULHQg**&cid=383523&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=073b03c9-43bd-11ed-83a2-e4434b374bc6&psid=bid_202021&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzgxOTM1MTkvMzI4eDMyOC8xMDV4MHg0MjF4NDIxL2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpFdE1ERXZNVEF4T1RJMEx6azJaRGhpTmpCbU5HSmxZV0V4WVdFNFlXSm1OalU1TTJFd05XVXpNV0l5TG1wd1pXYy53ZWJwP3Y9MTY2NDg3MTQ2Ni1HXy1JUFJBRHlxMXpiS2NNd2VIUVhkUl9HeXBZS20zTUU1VGR5ekkzelpz HTTP 301
  • https://s-img.mgid.com/g/8193519/328x328/105x0x421x421/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzk2ZDhiNjBmNGJlYWExYWE4YWJmNjU5M2EwNWUzMWIyLmpwZWc.webp?v=1664871466-G_-IPRADyq1zbKcMweHQXdR_GypYKm3ME5TdyzI3zZs
Request Chain 30
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fabc50.feed-xml.com%2Ftracking%2Ficon%3Fadid%3DT1664871466U320E542678E80C3A_557709_582308&s=2055&a=bid_onw_202021&uA=a_233397&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=56&ic=1 HTTP 302
  • https://abc50.feed-xml.com/tracking/icon?adid=T1664871466U320E542678E80C3A_557709_582308 HTTP 302
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|97aFAF0_VzwFL3_ZsWIpwH6_pIUcwglBE5smFdvMgmqPT1Jlx244IIa-wQcTsbyFIYiZXoOiM_1x8Zmu2uZvMg**&cid=1149008&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=073aac49-43bd-11ed-a196-e4434b151302&psid=a_233397&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY29tL2cvMTM3ODA2MjcvMzI4eDMyOC8tL2FIUjBjRG92TDJOc0xtbHRaMmh2YzNSekxtTnZiUzlwYldkb0wybHRZV2RsTDJabGRHTm9MMkZ5WHpFNk1TeGpYMlpwYkd3c1pWOXphR0Z5Y0dWdU9qRXdNQ3htWDJwd1p5eG5YMlpoWTJWek9tRjFkRzhzY1Y5aGRYUnZPbWR2YjJRc2QxODVOakF2YUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakl0TURjdk1UQXhPVEkwTHpsbE1Ea3dNMlkwT1RjM00yVmxNbU5sWXpFd056bGpOalV3TVRrNVlXUXlMbXB3WldjLndlYnA_dj0xNjY0ODcxNDY2LS02QW5nZFNPUURTOEtDcUd5T3ZSZHE0UksweUd1QmhfbGNWOEJVZXQ4V1E=
Request Chain 31
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp2.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3Dfd33eea8-3e7b-4616-b232-a925e7fcd242_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhhysKjQOSNV1S4puaDq6V_vfVHbC3kR39c1F32dT0cACJl8mMetby4w7bofOOLh00olgetVytfYzfZf_qgvPM7Lnjba6kgOo1BakYi8iUHTrEc3wBkWiTlpKa2RBQVqrGGC7WFHxUiCIF_P9gFdU9dGnYkO0SQ5-aQgpCBPYtKlm_PQQQ2rV7BgrHpkcWpI5cDAfylq-UhqJz05ZqgiRrWH182PunBNIiniR6FUpaphm3HPyqBQ52WwEsZaaAwenuGFPQ2pc4sC6ceIPjC_t3woByGYMpX6usQMoqXDG66DfrrsbFb5XHPfUquSsniViukvwS0Av_VRRxnrQqAfTzjLUIG1Olq5-nB4yszvkizSK32T3MmdmX_kFaf0jo582hhUFKbHxUs1ijluGm5ikmGkARem2j8d32CYNb-iWwdA0&s=2047&a=bid_onw_202021&uA=bid_202021&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=56&ic=1 HTTP 302
  • https://ngp2.picinow.com/adServe/wpnFeed/getImage?auctionId=fd33eea8-3e7b-4616-b232-a925e7fcd242_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhhysKjQOSNV1S4puaDq6V_vfVHbC3kR39c1F32dT0cACJl8mMetby4w7bofOOLh00olgetVytfYzfZf_qgvPM7Lnjba6kgOo1BakYi8iUHTrEc3wBkWiTlpKa2RBQVqrGGC7WFHxUiCIF_P9gFdU9dGnYkO0SQ5-aQgpCBPYtKlm_PQQQ2rV7BgrHpkcWpI5cDAfylq-UhqJz05ZqgiRrWH182PunBNIiniR6FUpaphm3HPyqBQ52WwEsZaaAwenuGFPQ2pc4sC6ceIPjC_t3woByGYMpX6usQMoqXDG66DfrrsbFb5XHPfUquSsniViukvwS0Av_VRRxnrQqAfTzjLUIG1Olq5-nB4yszvkizSK32T3MmdmX_kFaf0jo582hhUFKbHxUs1ijluGm5ikmGkARem2j8d32CYNb-iWwdA0 HTTP 302
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
Request Chain 32
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C97aFAF0_VzwFL3_ZsWIpwCXq2ff0W8Nw0RllLCnsvEC8AI8jwUKFgpqZC8IrI9ZQey_5SYfYsY6J7x6gRxjA_g**%26cid%3D383523%26f%3D1%26h2%3DciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*%26rid%3D07379ead-43bd-11ed-8139-e4434b151356%26psid%3Dbid_202846%26iub%3DaHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzEzNDA0Nzg4LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21kdmIyUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpJdE1EWXZNVEF4T1RJMEwyVTNOekk0WVRCa05UUXpZV0ZsTmpneU0yUmhObVptTkdObE9ETTJNR05rTG1wd1pXYy53ZWJwP3Y9MTY2NDg3MTQ2Ni15VEpvWktJRDY4REVXaURHVHNfV0gta0w1RWpFbVlhZlZ6THhXcmZ4eVFR&s=1000&a=bid_onw_202021&uA=bid_202846&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=55&ic=1 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|97aFAF0_VzwFL3_ZsWIpwCXq2ff0W8Nw0RllLCnsvEC8AI8jwUKFgpqZC8IrI9ZQey_5SYfYsY6J7x6gRxjA_g**&cid=383523&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=07379ead-43bd-11ed-8139-e4434b151356&psid=bid_202846&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzEzNDA0Nzg4LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21kdmIyUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpJdE1EWXZNVEF4T1RJMEwyVTNOekk0WVRCa05UUXpZV0ZsTmpneU0yUmhObVptTkdObE9ETTJNR05rTG1wd1pXYy53ZWJwP3Y9MTY2NDg3MTQ2Ni15VEpvWktJRDY4REVXaURHVHNfV0gta0w1RWpFbVlhZlZ6THhXcmZ4eVFR HTTP 301
  • https://s-img.mgid.com/g/13404788/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvMTAxOTI0L2U3NzI4YTBkNTQzYWFlNjgyM2RhNmZmNGNlODM2MGNkLmpwZWc.webp?v=1664871466-yTJoZKID68DEWiDGTs_WH-kL5EjEmYafVzLxWrfxyQQ
Request Chain 33
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp1.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3D2206e3e9-ccb8-476e-a291-19a945b28dc4_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhiVC-BfzccxnppExO1ck-1Ul5n-H2rReAyq4qm_piKVw7_2lWX32UT5M8OGppnYXIjQfPVQJadqwhp23pA5xD-DxaMeVf_kUldWAvnWhNZ6dnsjFfGI7oBLFVHimX_hYSbMykVp6NxNgtCfusfMtnlkiNCrO5YLjyAHSF8RkVIn8duyxueWqXMG6Z-a60EtKQJnjLvhiTyso2LRq78d80Kg2uPzIu-bjMgEGN2Zk8_VQ2q45u5rsapdcS-8BOvi99uF62pXiSE8B7Uac_Ho06j_NDhaOVMxZyYwN4uFjbIo4XeK_JaMKBehu3Fo_s-omz3J97jQVf9hRFoII2Mxq9bw1IwYpIDiWv4nN_dhASy0nT6sEl_O-_y98KtP81X03R3kr7Hg7H5Xbr-A4yDxIacutDcRIs78ujt0Azp-j8QGh&s=2047&a=bid_onw_202021&uA=bid_202021&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=24&ic=1 HTTP 302
  • https://ngp1.picinow.com/adServe/wpnFeed/getImage?auctionId=2206e3e9-ccb8-476e-a291-19a945b28dc4_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcauJNBBTV-08k4LrxaZm9cy_oBOTDOF2PSvINCjq59V_I1CXm39Us_z7eELTq_yTVHGIMcDk6E1GKaVK4HQzP5A_xxKVSZuRhiVC-BfzccxnppExO1ck-1Ul5n-H2rReAyq4qm_piKVw7_2lWX32UT5M8OGppnYXIjQfPVQJadqwhp23pA5xD-DxaMeVf_kUldWAvnWhNZ6dnsjFfGI7oBLFVHimX_hYSbMykVp6NxNgtCfusfMtnlkiNCrO5YLjyAHSF8RkVIn8duyxueWqXMG6Z-a60EtKQJnjLvhiTyso2LRq78d80Kg2uPzIu-bjMgEGN2Zk8_VQ2q45u5rsapdcS-8BOvi99uF62pXiSE8B7Uac_Ho06j_NDhaOVMxZyYwN4uFjbIo4XeK_JaMKBehu3Fo_s-omz3J97jQVf9hRFoII2Mxq9bw1IwYpIDiWv4nN_dhASy0nT6sEl_O-_y98KtP81X03R3kr7Hg7H5Xbr-A4yDxIacutDcRIs78ujt0Azp-j8QGh HTTP 302
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
Request Chain 34
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C97aFAF0_VzwFL3_ZsWIpwPr0W9hNS1tfH17AaiKQQsdJmxTOWb8NiXz9CZyJO0vu-rUwrRpqTSPlw4R5YTKMkg**%26cid%3D721392%26f%3D1%26h2%3DciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*%26rid%3D0736d810-43bd-11ed-9a13-e4434b374cb2%26psid%3Dbid_202021%26iub%3DaHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8xNDEzNzQxNy8zMjh4MzI4Ly0vYUhSMGNEb3ZMMk5zTG1sdFoyaHZjM1J6TG1OdmJTOXBiV2RvTDJsdFlXZGxMMlpsZEdOb0wyRnlYekU2TVN4algyWnBiR3dzWlY5emFHRnljR1Z1T2pFd01DeG1YMnB3Wnl4blgyWmhZMlZ6T21GMWRHOHNjVjloZFhSdk9tZHZiMlFzZDE4NU5qQXZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qSXRNRGd2TVRBeE9USTBMek5tWldWak1XSmhObUZpTkdNME9ERm1OMkl3WXpNMll6UTVaR1UxTmpsaUxtcHdaV2Mud2VicD92PTE2NjQ4NzE0NjYtT0lERm1QbFhjMWFUejltWjJ1Vndadzd2TUd1VUpXR2E1TzVYamZhc1RQUQ%3D%3D&s=1060&a=bid_onw_202021&uA=bid_202021&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=5&ic=1 HTTP 302
  • https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|97aFAF0_VzwFL3_ZsWIpwPr0W9hNS1tfH17AaiKQQsdJmxTOWb8NiXz9CZyJO0vu-rUwrRpqTSPlw4R5YTKMkg**&cid=721392&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=0736d810-43bd-11ed-9a13-e4434b374cb2&psid=bid_202021&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8xNDEzNzQxNy8zMjh4MzI4Ly0vYUhSMGNEb3ZMMk5zTG1sdFoyaHZjM1J6TG1OdmJTOXBiV2RvTDJsdFlXZGxMMlpsZEdOb0wyRnlYekU2TVN4algyWnBiR3dzWlY5emFHRnljR1Z1T2pFd01DeG1YMnB3Wnl4blgyWmhZMlZ6T21GMWRHOHNjVjloZFhSdk9tZHZiMlFzZDE4NU5qQXZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qSXRNRGd2TVRBeE9USTBMek5tWldWak1XSmhObUZpTkdNME9ERm1OMkl3WXpNMll6UTVaR1UxTmpsaUxtcHdaV2Mud2VicD92PTE2NjQ4NzE0NjYtT0lERm1QbFhjMWFUejltWjJ1Vndadzd2TUd1VUpXR2E1TzVYamZhc1RQUQ== HTTP 301
  • https://s-img.adskeeper.co.uk/g/14137417/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDgvMTAxOTI0LzNmZWVjMWJhNmFiNGM0ODFmN2IwYzM2YzQ5ZGU1NjliLmpwZWc.webp?v=1664871466-OIDFmPlXc1aTz9mZ2uVwZw7vMGuUJWGa5O5XjfasTPQ
Request Chain 35
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C97aFAF0_VzwFL3_ZsWIpwK-VsWSUP1xBOPfwNiQhBOO1JsBd6fqzHYKNKj0pfIj1nKNQFB4_RaIbYXW-omsH9g**%26cid%3D327360%26f%3D1%26h2%3DciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*%26rid%3D073b466c-43bd-11ed-8139-e4434b151356%26psid%3Dbid_202021%26iub%3DaHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8xNDEzNzQ0NC8zMjh4MzI4Ly0vYUhSMGNEb3ZMMk5zTG1sdFoyaHZjM1J6TG1OdmJTOXBiV2RvTDJsdFlXZGxMMlpsZEdOb0wyRnlYekU2TVN4algyWnBiR3dzWlY5emFHRnljR1Z1T2pFd01DeG1YMnB3Wnl4blgyWmhZMlZ6T21GMWRHOHNjVjloZFhSdk9tZHZiMlFzZDE4NU5qQXZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qSXRNRGt2TVRBeE9USTBMMlE0TnpSbFlUWmlabUkzTldVMU1UWTVOekZrT0RoaFpEQXlObUV3TkdObExtcHdaV2Mud2VicD92PTE2NjQ4NzE0NjYtVzl2Y3F1SFdZMHVKZXJ4RUpaWkpUekZKalJOUWFrc0c1Ul9BYzZZNVByOA%3D%3D&s=1003&a=bid_onw_202021&uA=bid_202021&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=21&ic=1 HTTP 302
  • https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|97aFAF0_VzwFL3_ZsWIpwK-VsWSUP1xBOPfwNiQhBOO1JsBd6fqzHYKNKj0pfIj1nKNQFB4_RaIbYXW-omsH9g**&cid=327360&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=073b466c-43bd-11ed-8139-e4434b151356&psid=bid_202021&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8xNDEzNzQ0NC8zMjh4MzI4Ly0vYUhSMGNEb3ZMMk5zTG1sdFoyaHZjM1J6TG1OdmJTOXBiV2RvTDJsdFlXZGxMMlpsZEdOb0wyRnlYekU2TVN4algyWnBiR3dzWlY5emFHRnljR1Z1T2pFd01DeG1YMnB3Wnl4blgyWmhZMlZ6T21GMWRHOHNjVjloZFhSdk9tZHZiMlFzZDE4NU5qQXZhSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qSXRNRGt2TVRBeE9USTBMMlE0TnpSbFlUWmlabUkzTldVMU1UWTVOekZrT0RoaFpEQXlObUV3TkdObExtcHdaV2Mud2VicD92PTE2NjQ4NzE0NjYtVzl2Y3F1SFdZMHVKZXJ4RUpaWkpUekZKalJOUWFrc0c1Ul9BYzZZNVByOA== HTTP 301
  • https://s-img.adskeeper.co.uk/g/14137444/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvMTAxOTI0L2Q4NzRlYTZiZmI3NWU1MTY5NzFkODhhZDAyNmEwNGNlLmpwZWc.webp?v=1664871466-W9vcquHWY0uJerxEJZZJTzFJjRNQaksG5R_Ac6Y5Pr8
Request Chain 36
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C97aFAF0_VzwFL3_ZsWIpwKZupy1wTDIS1oVXELM9bsC1JsBd6fqzHYKNKj0pfIj1sT-M0D5iOUcAwiSpGHKVgw**%26cid%3D721394%26f%3D1%26h2%3DciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*%26rid%3D073bcbce-43bd-11ed-a196-e4434b151302%26psid%3Dbid_202421%26iub%3DaHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8xMjU3ODIwMi8zMjh4MzI4LzE0eDB4NDE5eDQxOS9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01Ua3RNRGd2TVRBeE9USTBMemt4WW1WbFltRmlOakk0TWpSaFptWXlOV00wTWpnNE1UTTRZbU0yWWpReExtcHdaV2Mud2VicD92PTE2NjQ4NzE0NjYtVHQ0al9Sc1UtQTEtNnpNYmNBZE05SERYN2UyZGd0R0t0cFdKREtjTEVlQQ%3D%3D&s=1060&a=bid_onw_202021&uA=bid_202421&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=21&ic=1 HTTP 302
  • https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|97aFAF0_VzwFL3_ZsWIpwKZupy1wTDIS1oVXELM9bsC1JsBd6fqzHYKNKj0pfIj1sT-M0D5iOUcAwiSpGHKVgw**&cid=721394&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=073bcbce-43bd-11ed-a196-e4434b151302&psid=bid_202421&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8xMjU3ODIwMi8zMjh4MzI4LzE0eDB4NDE5eDQxOS9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01Ua3RNRGd2TVRBeE9USTBMemt4WW1WbFltRmlOakk0TWpSaFptWXlOV00wTWpnNE1UTTRZbU0yWWpReExtcHdaV2Mud2VicD92PTE2NjQ4NzE0NjYtVHQ0al9Sc1UtQTEtNnpNYmNBZE05SERYN2UyZGd0R0t0cFdKREtjTEVlQQ== HTTP 301
  • https://s-img.adskeeper.co.uk/g/12578202/328x328/14x0x419x419/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzkxYmVlYmFiNjI4MjRhZmYyNWM0Mjg4MTM4YmM2YjQxLmpwZWc.webp?v=1664871466-Tt4j_RsU-A1-6zMbcAdM9HDX7e2dgtGKtpWJDKcLEeA
Request Chain 37
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp1.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3Da9dbabc7-b96c-45ee-91b4-3d79514aefa2_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcS43FQccFwcVpAnGtbKbXi_0_0TpO0JyASjpNh7HtwBaepUzbdFP5x-dagyyljyn_P18ZpmU988_J3U2Fqjk0Wa1ZD8OEZIKu7_azjbSTPbrw-Od3EBOHzm6629zAQjMZ7XSBCe8wx9yscN86DJhVs-CPMPt9o4QynqGbXMy-HqPvnwifwK6dGtLVOSLQH0zgPFYZUO6xIrMhFx_rNLuWIF1eAIOs5oM4B5asLpCuZdu9E0d2us66WvKSngZGoO8OhLHZ7DlnBHaARLacfB7gT9UZKMn-y5DwmQotdRhi2_1Jp2pZ3wM0-r9pRNqmLuROC7PCf8K6nKpawP2M47HCpNw1dg6FomxRguToAxy6Bh_hBiP2EVSvC0reTEH-Qrgw0dh0-CJJGBCLDYLqAmGQp7X8PFevWB8BhWnouP-vKQqkLoFPp2xA1hMuRUvfJQ28hDYMJLPaDcaJBBlmgX1YzoJLterUzO5tNiAbtp9NeTI&s=2047&a=bid_onw_202021&uA=bid_202910&sub=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&d=21&ic=1 HTTP 302
  • https://ngp1.picinow.com/adServe/wpnFeed/getImage?auctionId=a9dbabc7-b96c-45ee-91b4-3d79514aefa2_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcS43FQccFwcVpAnGtbKbXi_0_0TpO0JyASjpNh7HtwBaepUzbdFP5x-dagyyljyn_P18ZpmU988_J3U2Fqjk0Wa1ZD8OEZIKu7_azjbSTPbrw-Od3EBOHzm6629zAQjMZ7XSBCe8wx9yscN86DJhVs-CPMPt9o4QynqGbXMy-HqPvnwifwK6dGtLVOSLQH0zgPFYZUO6xIrMhFx_rNLuWIF1eAIOs5oM4B5asLpCuZdu9E0d2us66WvKSngZGoO8OhLHZ7DlnBHaARLacfB7gT9UZKMn-y5DwmQotdRhi2_1Jp2pZ3wM0-r9pRNqmLuROC7PCf8K6nKpawP2M47HCpNw1dg6FomxRguToAxy6Bh_hBiP2EVSvC0reTEH-Qrgw0dh0-CJJGBCLDYLqAmGQp7X8PFevWB8BhWnouP-vKQqkLoFPp2xA1hMuRUvfJQ28hDYMJLPaDcaJBBlmgX1YzoJLterUzO5tNiAbtp9NeTI HTTP 302
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
next.php
directdexchange.com/jump/
Redirect Chain
  • https://tinyurl.com/alljp-2022
  • https://www.affforce.com/scripts/un981c6l?a_aid=5bc3eb59&a_bid=70577853&chan=code14
  • https://mcmo22.com/g?visitorid=d1145b926ac1100c7d36a9f3fSAC3y0i&refid=5bc3eb59&bannerid=70577853&extra_data1=&extra_data2=
  • https://go.tffkroute.com/click?pid=6&offer_id=610&ref_id=d1145b926ac1100c7d36a9f3fSAC3y0i_5bc3eb59_70577853&sub1=5bc3eb59&sub8=
  • https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-65bc3eb59-610-5bb69849cab62e50008b4568
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-65bc3eb59-610-5bb69849cab62e50008b4568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.70.46 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
46.70.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 04 Oct 2022 08:17:40 GMT
server
openresty
via
1.1 google

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
754c7b7d687e80ff-NRT
content-length
0
date
Tue, 04 Oct 2022 08:17:40 GMT
location
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-65bc3eb59-610-5bb69849cab62e50008b4568
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F44VsMie57SkXpnHuUQIk9F1PEwxudbgGzasCxrUVKWXL1ga5XB%2BYRH%2FK2zxtCM%2Fkt5jNb6HdxmG5j7yjlLFMVEXjDpwIvQF83BKP5nRiLrJc97qvymLE0x3MzKN7Eov%2BYpoxafaTLTrLY98uAiO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
celeb-hot-treands.com/lp/y-arrow/
Redirect Chain
  • https://directdexchange.com/jump/next.php?stamat=m%257CL6Y3I2YjaQdH8AH0dEdHP3xP.959%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM-jNynSUdHe-QzhcsxloyCG3vDkJbcIxBTVr2KMhPUwlR7Ro5jmoSIQYUfsbvvr1OwjM...
  • https://directdexchange.com/script/i.php?stamat=m%257C%252C%252Cg2Z3tjentGU3BJ-GH0dEdHP3xP.ad9%252CIjMIwBwnoB0ku9PHF54myY5H0AapN-kFiGHN9ZLAiyrGwovwQR5knS18AwmB-mYhSrDYBbSo2Y0QIEGWHtqtpPVXG48zGIdcmz...
  • https://marially-watears.icu/aa9ec921-1a49-4a85-8a21-c0b96a515904?pubid=3052727-4008040375-0&creative=23518794&ISP=M247%20Ltd&camapignid=308459820&lang=JP&browser=Chrome&platform=Mac%20OS%20X&SSP=&...
  • https://go.ts-tracker.me/15GIEB?subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&currency=&affid=202021&cost=&external_id=APAP02_w3hfssnb9fmc8ggj2a95p802
  • https://celeb-hot-treands.com/lp/y-arrow?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4...
  • https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c...
29 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
Requested by
Host: directdexchange.com
URL: https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-65bc3eb59-610-5bb69849cab62e50008b4568
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
0c1ec20cebee238e4fa9aa825a6d5005a429fb7fcd3ef4c741c9e85e748adfc7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-65bc3eb59-610-5bb69849cab62e50008b4568
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 04 Oct 2022 08:17:42 GMT
etag
W/"62341cea-729d"
last-modified
Fri, 18 Mar 2022 05:47:22 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

content-length
162
content-type
text/html
date
Tue, 04 Oct 2022 08:17:42 GMT
location
https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
server
nginx
x-frame-options
SAMEORIGIN
client.new.js
celeb-hot-treands.com/plugin/js/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celeb-hot-treands.com/plugin/js/client.new.js
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
ea8d074475a237fc34ae2ed9415f0faa805968e5747b685873841dca68c9042a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:43 GMT
content-encoding
gzip
last-modified
Mon, 04 Jul 2022 17:04:55 GMT
server
nginx
etag
W/"62c31db7-692e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Thu, 03 Nov 2022 08:17:43 GMT
bidder.js
celeb-hot-treands.com/plugin/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celeb-hot-treands.com/plugin/js/bidder.js
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
de7247f0e7c5687fdd99324fa8b9491922768893a24d5d64af7989df06c386e9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:43 GMT
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 08:05:40 GMT
server
nginx
etag
W/"633be954-454e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Thu, 03 Nov 2022 08:17:43 GMT
bidder-interval.js
celeb-hot-treands.com/plugin/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celeb-hot-treands.com/plugin/js/bidder-interval.js
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
4fcf63aeecc00b000351d5b887fb4cc3dc9b6bc97cb7852734864852b7797226
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:43 GMT
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 13:19:20 GMT
server
nginx
etag
W/"62ab2dd8-1f27"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Thu, 03 Nov 2022 08:17:43 GMT
e-client.v2.js
celeb-hot-treands.com/plugin/js/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://celeb-hot-treands.com/plugin/js/e-client.v2.js
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
3e0c01a6c467139034e28e06b14cfe72288008d377ef4c02219210058973a72a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:43 GMT
content-encoding
gzip
last-modified
Thu, 07 Jul 2022 08:43:02 GMT
server
nginx
etag
W/"62c69c96-82de"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Thu, 03 Nov 2022 08:17:43 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4261f5b9b560c04a5b01559c45547e64f80f412e364d11520e2f8e70bdfc3978

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
client
wbidder2.com/offer/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&days=8&count=1
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/plugin/js/client.new.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.17.79.154 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
b6a268ee13280fb9c22169749644b9c8e84df3a1c25698d42b1a0a271ebe9526

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Oct 2022 08:17:44 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&days=8&count=1
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/plugin/js/client.new.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.17.79.154 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
fa3b3226d479e41718e5071140a65f690f68001e8e38cb56a228679b3209d9b8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Oct 2022 08:17:44 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&days=8&count=1
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/plugin/js/client.new.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.17.79.154 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
b5c45613c4528fb4785b9cffb2cd689e99edef21dff38b83832a7df2ebfed471

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Oct 2022 08:17:44 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
newB1modal.png
celeb-hot-treands.com/pluginstuff/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celeb-hot-treands.com/pluginstuff/newB1modal.png
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
3f0014f83976d1cf838ba0bb0dd7b9150457ebc601c4f6840d8e16620c12ad5b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:43 GMT
last-modified
Fri, 14 May 2021 16:13:10 GMT
server
nginx
etag
"609ea196-2359"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9049
expires
Thu, 03 Nov 2022 08:17:43 GMT
client
wbidder2.com/offer/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&days=8&cbjs=
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/plugin/js/bidder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.17.79.154 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
04d52b68b6ff6426c3c993fe6459eb08052aeb1f611e4519a4e6c7c0e60495ca

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Oct 2022 08:17:44 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/ 		12 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&days=8&count=5&adult=undefined
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/plugin/js/e-client.v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.17.79.154 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
6e2b8dc19237c42b521d6376c54108bd23bd1e4691c21d98d4e31800d4f3a558

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Oct 2022 08:17:44 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
eclientclick
wbidder2.com/offer/ 		2 KB
768 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/eclientclick?affid=onw_202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&days=8&count=1&adult=undefined
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/plugin/js/e-client.v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.17.79.154 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
bdb2359ec80c411ef58b64a084af23d1326211fceec0e828cd8139dc6eba3a81

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Oct 2022 08:17:44 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
youtube-eclient.png
celeb-hot-treands.com/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celeb-hot-treands.com/icons/youtube-eclient.png
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
44732c891c3fffbf3ec24e05f43fb59908ed9e467f35f424f71a45a649f78f01
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:43 GMT
last-modified
Tue, 15 Mar 2022 16:54:11 GMT
server
nginx
etag
"6230c4b3-57c"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1404
expires
Thu, 03 Nov 2022 08:17:43 GMT
spinner.gif
celeb-hot-treands.com/flow-lp/porsche-1/img/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://celeb-hot-treands.com/flow-lp/porsche-1/img/spinner.gif
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:43 GMT
last-modified
Fri, 01 Nov 2019 13:26:09 GMT
server
nginx
etag
"5dbc3271-1c3fd"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
115709
expires
Thu, 03 Nov 2022 08:17:43 GMT
49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
www.ssaimg.com/~OtpGYSWSGuU/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp2.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3Db955be33-3aaa-410e-973c-aa0f384d1eb8_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwz...
  • https://ngp2.picinow.com/adServe/wpnFeed/getImage?auctionId=b955be33-3aaa-410e-973c-aa0f384d1eb8_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tca...
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
Protocol
H2
Server
2606:4700:3038::6815:ebce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:45 GMT
cf-cache-status
HIT
last-modified
Thu, 29 Oct 2020 16:25:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5676
etag
"5f9aed00-27d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJg2jQl%2FXBH4V67wbnAqiZLPBsQrGRvDH%2FU6zR%2B7zRx6M1OD5Wwn44f3%2BY4qFIlWFdOxFkuM02%2F7qTvbpYKmdxwjf3nWQZaMBbpu3dE%2Blkve6y2MLWpoBXs6Euu6pCnPClAn7KnAK7wq7mrYxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
754c7ba4d825afd3-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10200

Redirect headers

access-control-allow-origin
*
location
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
date
Tue, 04 Oct 2022 08:17:45 GMT
server
nginx
content-length
0
access-control-allow-methods
POST
49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
www.ssaimg.com/~OtpGYSWSGuU/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp1.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3D3b6a1ce4-61ff-4cef-95bd-bdf6d4369d1c_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwz...
  • https://ngp1.picinow.com/adServe/wpnFeed/getImage?auctionId=3b6a1ce4-61ff-4cef-95bd-bdf6d4369d1c_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcS...
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
Protocol
H3
Server
2606:4700:3038::6815:ebce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:46 GMT
cf-cache-status
HIT
last-modified
Thu, 29 Oct 2020 16:25:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5677
etag
"5f9aed00-27d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGqgVi0S1k4pqoGcm74RUkLBON3KKi%2BDtZGEys8NZYZgFOZw4sgihmLTg8XYNQRvAfu4Em%2FCtadJS%2Bdf6xQnEaWmAWpsTb0kPNfNLsNptRX5TzuRWUCS%2FmciK8nD8ROgFguxugUpbEHPv5s%2BDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
754c7ba7be14afac-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10200

Redirect headers

access-control-allow-origin
*
location
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
date
Tue, 04 Oct 2022 08:17:46 GMT
server
nginx
content-length
0
access-control-allow-methods
POST
49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
www.ssaimg.com/~OtpGYSWSGuU/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp2.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3D73269dd8-0f92-4b25-9f6e-00e95fd23de5_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwz...
  • https://ngp2.picinow.com/adServe/wpnFeed/getImage?auctionId=73269dd8-0f92-4b25-9f6e-00e95fd23de5_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tca...
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
Protocol
H2
Server
2606:4700:3038::6815:ebce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:45 GMT
cf-cache-status
HIT
last-modified
Thu, 29 Oct 2020 16:25:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5676
etag
"5f9aed00-27d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FXg3BR8UDcFyFki%2BWDnNYtyffD624gX7dJi77FkiOUZeMTqMB%2FNTpQhvdJYp7D11i21O8BP%2BAc8MsOl9ivqGYq8NitsMzhhJi85chIffn2lJRjeas8bRon%2F0R7vq95Cd2IdzMCeekSyqm%2BI5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
754c7ba4d826afd3-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10200

Redirect headers

access-control-allow-origin
*
location
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
date
Tue, 04 Oct 2022 08:17:45 GMT
server
nginx
content-length
0
access-control-allow-methods
POST
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDEvMTAxOTI0LzcwMDZkNmFhMzA3ODI3MTViY...
s-img.mgid.com/g/12578186/328x328/-/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C7CMDQpzkUlJdIJYyw2ci9XEYuWed2-JsqoK6vnFxUbW8AI8jwUKFgpqZC8IrI9ZQIauWhxzbWfJ0KGubMf4s_g**%26cid%3D383523%...
  • https://c.mgid.com/c?pv=2&v=0|0|0|7CMDQpzkUlJdIJYyw2ci9XEYuWed2-JsqoK6vnFxUbW8AI8jwUKFgpqZC8IrI9ZQIauWhxzbWfJ0KGubMf4s_g**&cid=383523&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=05c1fa9...
  • https://s-img.mgid.com/g/12578186/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90L...
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12578186/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDEvMTAxOTI0LzcwMDZkNmFhMzA3ODI3MTViYjk3YWJlYzU2YmI3ZGVhLmpwZWc.webp?v=1664871464-SUNw0MNgb6blm_4FAgufCSAXZRx6P46CAPpIOxEenz0
Protocol
H2
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
412b5a18360dcd8eccc1ef45f7d8b541bdc4fab11f1b10685a7b9916a509ef4a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:45 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 06:55:00 GMT
x-mg-request-uuid
df8db38d-febf-4f31-a47e-de19b09db412
server
cloudflare
age
1356325
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
754c7ba4bf5be025-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16166

Redirect headers

date
Tue, 04 Oct 2022 08:17:45 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
9a40d35c-d797-483d-8121-4e6f7be54f69
server
cloudflare
location
https://s-img.mgid.com/g/12578186/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDEvMTAxOTI0LzcwMDZkNmFhMzA3ODI3MTViYjk3YWJlYzU2YmI3ZGVhLmpwZWc.webp?v=1664871464-SUNw0MNgb6blm_4FAgufCSAXZRx6P46CAPpIOxEenz0
cf-ray
754c7ba36dece025-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
www.ssaimg.com/~OtpGYSWSGuU/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp2.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3Dbeed0e3f-defe-4964-b619-176403e50419_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwz...
  • https://ngp2.picinow.com/adServe/wpnFeed/getImage?auctionId=beed0e3f-defe-4964-b619-176403e50419_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tca...
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
Protocol
H2
Server
2606:4700:3038::6815:ebce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:45 GMT
cf-cache-status
HIT
last-modified
Thu, 29 Oct 2020 16:25:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5676
etag
"5f9aed00-27d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bN8UIurPVSU89gJu4d3jrlHzbJI%2FJlD8YWCUeFTYzPqHD6g2y%2BSdjQPmkc98qYo8dSqNsCSLoUb3ew8BXfu4s07nI0TYhieBQCwJDd8ox9q02Yu0zAe%2FPU0ZSBpz4g99k0v4bGJyTgCKhIG5Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
754c7ba4c823afd3-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10200

Redirect headers

access-control-allow-origin
*
location
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
date
Tue, 04 Oct 2022 08:17:45 GMT
server
nginx
content-length
0
access-control-allow-methods
POST
wpnAdClick
p415946.mybetterck.com/adServe/
Redirect Chain
  • https://trk.cpvlabtrk.online/15GtmV?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-...
  • https://clk.wbidder2.com/redirect?url=%2F%2Fngp2.mybetterck.com%2FadServe%2FwpnFeed%2FdoClick%3FauctionId%3Dbeed0e3f-defe-4964-b619-176403e50419_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzm...
  • https://ngp2.mybetterck.com/adServe/wpnFeed/doClick?auctionId=beed0e3f-defe-4964-b619-176403e50419_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0t...
  • http://p415946.mybetterck.com/adServe/wpnAdClick?ai=eHdHhnjefhySLXJTUAaXKG4821fGryE7pHfSmpLYG7qliqFZVf5u_9P-IktRN2sktaBa_pX3DBtiE2Ew9YIiXdepv38QUmTbfCIUPlyaY5RD-IoRiWjmF-kTNyeQmn1NgmGw-kTpOBIPAe_L4...
374 B
880 B 		Document
General
Check archive.org
Download Go to
Full URL
http://p415946.mybetterck.com/adServe/wpnAdClick?ai=eHdHhnjefhySLXJTUAaXKG4821fGryE7pHfSmpLYG7qliqFZVf5u_9P-IktRN2sktaBa_pX3DBtiE2Ew9YIiXdepv38QUmTbfCIUPlyaY5RD-IoRiWjmF-kTNyeQmn1NgmGw-kTpOBIPAe_L4WAxrSPMP7Kf2jK2E4Up4F0rxvIA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qd_KczlyjZZuZ6zlSswW_R6FjuED_lYu83SkbnF2ZZTSTOLXBkCsQ1cwdqzLjhhG1WRFmgORM3pNLemXBsUGDaFwZ-ZpHFvH5wqbdo8nAeBMyKsg4OTUwVvff6jBjvVOkMpfV0Usf4Im1pzn9FT5cp7v70AKXB3WEpTHuSAL4-k15Y9fFOikj2wzoaHkUrUW4a5hFb9pGZF8GKzMCbo0inuKUp18T99ijALxdTk72VP09sMkACYP8GijhzaAHtpe_2AH4MJyCgMDGLMX_RFAVuc4mOnJd67jI1QIdxRkmEpU8X0XqtOSLnKdXXexsw_Zw3XJeIfh6fmOEuKbmg6ulf7YruEab8qko7ONJN9yS9DXbwztVY_lrnt_DH1YyhqGN7G-g2gWt8lqAXVfzivY18rb-FdWyjBuVMbegmPq__XE0zw4ammdhci9WaGCOKTlXG99CGOJ-MondPZfS2H2Vmyvzx34vFaVJo&ui=IKaS41W5VyZH2DGTLWTMdlh2V8-nxiox5BqBrDJxXOFv4V1bKMG5Uyi7bzCY-CvIhq2A1ADGJKo&awpm=iYJr_Xlzi3jJVQYaYAGzzA
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/plugin/js/client.new.js
Protocol
HTTP/1.1
Server
108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
bd.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 04 Oct 2022 08:17:47 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

access-control-allow-methods
POST
access-control-allow-origin
*
content-length
0
date
Tue, 04 Oct 2022 08:17:47 GMT
location
http://p415946.mybetterck.com/adServe/wpnAdClick?ai=eHdHhnjefhySLXJTUAaXKG4821fGryE7pHfSmpLYG7qliqFZVf5u_9P-IktRN2sktaBa_pX3DBtiE2Ew9YIiXdepv38QUmTbfCIUPlyaY5RD-IoRiWjmF-kTNyeQmn1NgmGw-kTpOBIPAe_L4WAxrSPMP7Kf2jK2E4Up4F0rxvIA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qd_KczlyjZZuZ6zlSswW_R6FjuED_lYu83SkbnF2ZZTSTOLXBkCsQ1cwdqzLjhhG1WRFmgORM3pNLemXBsUGDaFwZ-ZpHFvH5wqbdo8nAeBMyKsg4OTUwVvff6jBjvVOkMpfV0Usf4Im1pzn9FT5cp7v70AKXB3WEpTHuSAL4-k15Y9fFOikj2wzoaHkUrUW4a5hFb9pGZF8GKzMCbo0inuKUp18T99ijALxdTk72VP09sMkACYP8GijhzaAHtpe_2AH4MJyCgMDGLMX_RFAVuc4mOnJd67jI1QIdxRkmEpU8X0XqtOSLnKdXXexsw_Zw3XJeIfh6fmOEuKbmg6ulf7YruEab8qko7ONJN9yS9DXbwztVY_lrnt_DH1YyhqGN7G-g2gWt8lqAXVfzivY18rb-FdWyjBuVMbegmPq__XE0zw4ammdhci9WaGCOKTlXG99CGOJ-MondPZfS2H2Vmyvzx34vFaVJo&ui=IKaS41W5VyZH2DGTLWTMdlh2V8-nxiox5BqBrDJxXOFv4V1bKMG5Uyi7bzCY-CvIhq2A1ADGJKo&awpm=iYJr_Xlzi3jJVQYaYAGzzA
server
nginx
client
wbidder2.com/offer/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&days=8&count=1
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/plugin/js/client.new.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.17.79.154 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Oct 2022 08:17:46 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&days=8&count=1
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/plugin/js/client.new.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.17.79.154 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Oct 2022 08:17:47 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&days=8&count=1
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/plugin/js/client.new.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.17.79.154 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Oct 2022 08:17:47 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&days=8&count=3&adult=undefined&cbjs=
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/plugin/js/bidder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.17.79.154 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Oct 2022 08:17:46 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/ 		12 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&days=8&count=4&adult=undefined
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/plugin/js/bidder-interval.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.17.79.154 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Oct 2022 08:17:47 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
client
wbidder2.com/offer/ 		10 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder2.com/offer/client?affid=onw_202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&days=8&count=4&adult=undefined
Requested by
Host: celeb-hot-treands.com
URL: https://celeb-hot-treands.com/plugin/js/bidder-interval.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.17.79.154 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Oct 2022 08:17:47 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzk2ZDhiNjBmNGJlYWExYWE4YWJmNjU5M2EwNWUzMWIyLmpwZWc.webp
s-img.mgid.com/g/8193519/328x328/105x0x421x421/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C97aFAF0_VzwFL3_ZsWIpwLye7JREsayNOA8z-D13NYOTbQ6_0oqn7omUIQ2nVurWmADt2ilLdPc-XL2-QULHQg**%26cid%3D383523%...
  • https://c.mgid.com/c?pv=2&v=0|0|0|97aFAF0_VzwFL3_ZsWIpwLye7JREsayNOA8z-D13NYOTbQ6_0oqn7omUIQ2nVurWmADt2ilLdPc-XL2-QULHQg**&cid=383523&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=073b03c...
  • https://s-img.mgid.com/g/8193519/328x328/105x0x421x421/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzk2ZDhiNjBmNGJlYWExYWE4YWJmNjU5M2EwNWUzMWIyLmpwZWc.webp?v=1664871466-G_-IPRADyq1zbKcMweHQXdR_...
17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193519/328x328/105x0x421x421/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzk2ZDhiNjBmNGJlYWExYWE4YWJmNjU5M2EwNWUzMWIyLmpwZWc.webp?v=1664871466-G_-IPRADyq1zbKcMweHQXdR_GypYKm3ME5TdyzI3zZs
Protocol
H3
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:47 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Aug 2022 15:29:12 GMT
x-mg-request-uuid
3d3f5b97-c0fb-4093-86dc-1ba4bd663a87
server
cloudflare
age
1356318
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
754c7baf6fee8096-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17246

Redirect headers

date
Tue, 04 Oct 2022 08:17:47 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
49645ee9-67f4-45d6-830f-0a2a5c707b54
server
cloudflare
location
https://s-img.mgid.com/g/8193519/328x328/105x0x421x421/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzk2ZDhiNjBmNGJlYWExYWE4YWJmNjU5M2EwNWUzMWIyLmpwZWc.webp?v=1664871466-G_-IPRADyq1zbKcMweHQXdR_GypYKm3ME5TdyzI3zZs
cf-ray
754c7bae2ea98096-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
win
abc50.feed-xml.com/tracking/ 		43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abc50.feed-xml.com/tracking/win?adid=320E542678E80C3A_557709&aid=582308&event=nurl&without_adm=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.82 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 08:17:47 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
c
c.adskeeper.com/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fabc50.feed-xml.com%2Ftracking%2Ficon%3Fadid%3DT1664871466U320E542678E80C3A_557709_582308&s=2055&a=bid_onw_202021&uA=a_233397&sub=aa9ec921-1a49-4a8...
  • https://abc50.feed-xml.com/tracking/icon?adid=T1664871466U320E542678E80C3A_557709_582308
  • https://c.adskeeper.com/c?pv=2&v=0|0|0|97aFAF0_VzwFL3_ZsWIpwH6_pIUcwglBE5smFdvMgmqPT1Jlx244IIa-wQcTsbyFIYiZXoOiM_1x8Zmu2uZvMg**&cid=1149008&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=0...
0
0
49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
www.ssaimg.com/~OtpGYSWSGuU/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp2.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3Dfd33eea8-3e7b-4616-b232-a925e7fcd242_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwz...
  • https://ngp2.picinow.com/adServe/wpnFeed/getImage?auctionId=fd33eea8-3e7b-4616-b232-a925e7fcd242_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tca...
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
Protocol
H3
Server
2606:4700:3038::6815:ebce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:47 GMT
cf-cache-status
HIT
last-modified
Thu, 29 Oct 2020 16:25:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5678
etag
"5f9aed00-27d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJ4XcANm%2BpOF9CuOXxJY9PnC7OZJ7MIv7ua917Cax1KNyNO1ilfeMQae9hxTaY0cA2UKfyFcendYx58%2B04G6ozZrkJt9gtLml%2BPI60QBATQzoJXcha2eBI9SdVp45Pa%2FMCfDkrEHmspXQmT2mA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
754c7baf1dddafac-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10200

Redirect headers

access-control-allow-origin
*
location
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
date
Tue, 04 Oct 2022 08:17:47 GMT
server
nginx
content-length
0
access-control-allow-methods
POST
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvMTAxOTI0L2U3NzI4Y...
s-img.mgid.com/g/13404788/328x328/-/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C97aFAF0_VzwFL3_ZsWIpwCXq2ff0W8Nw0RllLCnsvEC8AI8jwUKFgpqZC8IrI9ZQey_5SYfYsY6J7x6gRxjA_g**%26cid%3D383523%...
  • https://c.mgid.com/c?pv=2&v=0|0|0|97aFAF0_VzwFL3_ZsWIpwCXq2ff0W8Nw0RllLCnsvEC8AI8jwUKFgpqZC8IrI9ZQey_5SYfYsY6J7x6gRxjA_g**&cid=383523&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=07379ea...
  • https://s-img.mgid.com/g/13404788/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ...
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13404788/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvMTAxOTI0L2U3NzI4YTBkNTQzYWFlNjgyM2RhNmZmNGNlODM2MGNkLmpwZWc.webp?v=1664871466-yTJoZKID68DEWiDGTs_WH-kL5EjEmYafVzLxWrfxyQQ
Protocol
H3
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Jul 2022 07:14:11 GMT
x-mg-request-uuid
c3502744-946d-4c95-a003-d98879bf321e
server
cloudflare
age
1356452
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
754c7baf98258096-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16010

Redirect headers

date
Tue, 04 Oct 2022 08:17:47 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
a8baf280-ff85-4b7e-a6d3-35afcd306d44
server
cloudflare
location
https://s-img.mgid.com/g/13404788/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvMTAxOTI0L2U3NzI4YTBkNTQzYWFlNjgyM2RhNmZmNGNlODM2MGNkLmpwZWc.webp?v=1664871466-yTJoZKID68DEWiDGTs_WH-kL5EjEmYafVzLxWrfxyQQ
cf-ray
754c7bae6ed78096-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
www.ssaimg.com/~OtpGYSWSGuU/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp1.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3D2206e3e9-ccb8-476e-a291-19a945b28dc4_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwz...
  • https://ngp1.picinow.com/adServe/wpnFeed/getImage?auctionId=2206e3e9-ccb8-476e-a291-19a945b28dc4_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tca...
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
Protocol
H3
Server
2606:4700:3038::6815:ebce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:47 GMT
cf-cache-status
HIT
last-modified
Thu, 29 Oct 2020 16:25:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5678
etag
"5f9aed00-27d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDgShoramesVPoJz3zY3V43r14HfSnFm0Kr1Ssr4%2BfLNNbQ1TKbDqDVaI1bd4d5aV8FiJPuxurlDY9yL2E1X49VPyEuwH%2FIQUJZURQWYirvwLWFWXLihBrzN0EaCdFxLhgEbJxlEUSX8dAuB2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
754c7bb0c85aafac-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10200

Redirect headers

access-control-allow-origin
*
location
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
date
Tue, 04 Oct 2022 08:17:47 GMT
server
nginx
content-length
0
access-control-allow-methods
POST
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDgvMTAxOTI0LzNmZWVjM...
s-img.adskeeper.co.uk/g/14137417/328x328/-/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C97aFAF0_VzwFL3_ZsWIpwPr0W9hNS1tfH17AaiKQQsdJmxTOWb8NiXz9CZyJO0vu-rUwrRpqTSPlw4R5YTKMkg**%26cid%3D...
  • https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|97aFAF0_VzwFL3_ZsWIpwPr0W9hNS1tfH17AaiKQQsdJmxTOWb8NiXz9CZyJO0vu-rUwrRpqTSPlw4R5YTKMkg**&cid=721392&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=...
  • https://s-img.adskeeper.co.uk/g/14137417/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cD...
11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/14137417/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDgvMTAxOTI0LzNmZWVjMWJhNmFiNGM0ODFmN2IwYzM2YzQ5ZGU1NjliLmpwZWc.webp?v=1664871466-OIDFmPlXc1aTz9mZ2uVwZw7vMGuUJWGa5O5XjfasTPQ
Protocol
H2
Server
2606:4700::6812:1bae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:47 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 09:56:02 GMT
x-mg-request-uuid
f822158c-7eb8-42e4-8c34-0a6f6d71448b
server
cloudflare
age
1024625
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
754c7bb149f33408-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11086

Redirect headers

date
Tue, 04 Oct 2022 08:17:47 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
78f8ef5b-4617-414e-a575-4c03a301e90c
server
cloudflare
location
https://s-img.adskeeper.co.uk/g/14137417/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDgvMTAxOTI0LzNmZWVjMWJhNmFiNGM0ODFmN2IwYzM2YzQ5ZGU1NjliLmpwZWc.webp?v=1664871466-OIDFmPlXc1aTz9mZ2uVwZw7vMGuUJWGa5O5XjfasTPQ
cf-ray
754c7bb049073408-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvMTAxOTI0L2Q4NzRlY...
s-img.adskeeper.co.uk/g/14137444/328x328/-/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C97aFAF0_VzwFL3_ZsWIpwK-VsWSUP1xBOPfwNiQhBOO1JsBd6fqzHYKNKj0pfIj1nKNQFB4_RaIbYXW-omsH9g**%26cid%3D...
  • https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|97aFAF0_VzwFL3_ZsWIpwK-VsWSUP1xBOPfwNiQhBOO1JsBd6fqzHYKNKj0pfIj1nKNQFB4_RaIbYXW-omsH9g**&cid=327360&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=...
  • https://s-img.adskeeper.co.uk/g/14137444/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cD...
9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/14137444/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvMTAxOTI0L2Q4NzRlYTZiZmI3NWU1MTY5NzFkODhhZDAyNmEwNGNlLmpwZWc.webp?v=1664871466-W9vcquHWY0uJerxEJZZJTzFJjRNQaksG5R_Ac6Y5Pr8
Protocol
H3
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:47 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 09:57:24 GMT
x-mg-request-uuid
85869591-5fcd-438e-80b8-45b880b73a52
server
cloudflare
age
1026307
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
754c7bb1687580a1-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9624

Redirect headers

date
Tue, 04 Oct 2022 08:17:47 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
083e383d-e5cd-458a-8800-1d38d48446b4
server
cloudflare
location
https://s-img.adskeeper.co.uk/g/14137444/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvMTAxOTI0L2Q4NzRlYTZiZmI3NWU1MTY5NzFkODhhZDAyNmEwNGNlLmpwZWc.webp?v=1664871466-W9vcquHWY0uJerxEJZZJTzFJjRNQaksG5R_Ac6Y5Pr8
cf-ray
754c7bb0691f3408-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzkxYmVlYmFiNjI4MjRhZmYyNWM0Mjg4MTM4YmM2YjQxLmpwZWc.webp
s-img.adskeeper.co.uk/g/12578202/328x328/14x0x419x419/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Fc.adskeeper.co.uk%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7C97aFAF0_VzwFL3_ZsWIpwKZupy1wTDIS1oVXELM9bsC1JsBd6fqzHYKNKj0pfIj1sT-M0D5iOUcAwiSpGHKVgw**%26cid%3D...
  • https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|97aFAF0_VzwFL3_ZsWIpwKZupy1wTDIS1oVXELM9bsC1JsBd6fqzHYKNKj0pfIj1sT-M0D5iOUcAwiSpGHKVgw**&cid=721394&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=...
  • https://s-img.adskeeper.co.uk/g/12578202/328x328/14x0x419x419/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzkxYmVlYmFiNjI4MjRhZmYyNWM0Mjg4MTM4YmM2YjQxLmpwZWc.webp?v=1664871466-Tt4j_RsU-A1-6zMbc...
19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/12578202/328x328/14x0x419x419/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzkxYmVlYmFiNjI4MjRhZmYyNWM0Mjg4MTM4YmM2YjQxLmpwZWc.webp?v=1664871466-Tt4j_RsU-A1-6zMbcAdM9HDX7e2dgtGKtpWJDKcLEeA
Protocol
H3
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:47 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Aug 2022 17:31:37 GMT
x-mg-request-uuid
4f5f4428-5994-45d0-a0f6-f5fcb2805574
server
cloudflare
age
1348658
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
754c7bb1687680a1-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19460

Redirect headers

date
Tue, 04 Oct 2022 08:17:47 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
e4fe08e7-e694-4bbf-bcb5-729c860507d4
server
cloudflare
location
https://s-img.adskeeper.co.uk/g/12578202/328x328/14x0x419x419/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzkxYmVlYmFiNjI4MjRhZmYyNWM0Mjg4MTM4YmM2YjQxLmpwZWc.webp?v=1664871466-Tt4j_RsU-A1-6zMbcAdM9HDX7e2dgtGKtpWJDKcLEeA
cf-ray
754c7bb069253408-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
www.ssaimg.com/~OtpGYSWSGuU/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=%2F%2Fngp1.picinow.com%2FadServe%2FwpnFeed%2FgetImage%3FauctionId%3Da9dbabc7-b96c-45ee-91b4-3d79514aefa2_560_525424%26ai%3D4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwz...
  • https://ngp1.picinow.com/adServe/wpnFeed/getImage?auctionId=a9dbabc7-b96c-45ee-91b4-3d79514aefa2_560_525424&ai=4CybT-qmF3USdQMGrALvtDxZ5446WWdJzmnwzuOt1RE3H-ZABuv0PpxqXWCLGW1VpQOY2oopXohTyYj1rn0tcS...
  • https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
Protocol
H3
Server
2606:4700:3038::6815:ebce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:17:47 GMT
cf-cache-status
HIT
last-modified
Thu, 29 Oct 2020 16:25:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5678
etag
"5f9aed00-27d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azctIaeLqpXvkV8AmPCPlLn25BGxZSjZSO7nBcgOuqRwsRN9NVdtFZ7e8Dp0cLpuPbTxx7DT9Tl%2BQcBEsPqRhdVHgAE%2FC5hfrSidAaCjoV%2BhchdC4TeOb1fJTb%2BYZuHDYhS8TS2HA3dzLjQDhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
754c7bb168d9afac-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10200

Redirect headers

access-control-allow-origin
*
location
https://www.ssaimg.com/~OtpGYSWSGuU/49dd8191db04efc3122093ec7903717461341c6ed1a1c1f520c8436b03859f2d.png
date
Tue, 04 Oct 2022 08:17:47 GMT
server
nginx
content-length
0
access-control-allow-methods
POST
client
wbidder2.com/offer/ 		0
0
Primary Request /
www.google.com/
Redirect Chain
  • https://offers-reviews.com/tracking202/redirect/dl.php?t202id=939816&t202kw=JP-0.0001-1076553-443034786--89438491029-Desktop-Windows+10-Chrome+106-UNKNOWN
  • https://afflat3a1.com/lnk.asp?o=13260&c=918271&a=370597&k=97B9422D65397CB8962ABABC5F3EC9B2&l=16928&s2=20715685
  • https://ffatric1.com/def.cfm?i=370597&o=13260&c=JP&d=D&z=0
  • http://www.google.com/?src=mb
  • https://www.google.com/?src=mb&gws_rd=ssl
13 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/?src=mb&gws_rd=ssl
Requested by
Host: p415946.mybetterck.com
URL: http://p415946.mybetterck.com/adServe/wpnAdClick?ai=eHdHhnjefhySLXJTUAaXKG4821fGryE7pHfSmpLYG7qliqFZVf5u_9P-IktRN2sktaBa_pX3DBtiE2Ew9YIiXdepv38QUmTbfCIUPlyaY5RD-IoRiWjmF-kTNyeQmn1NgmGw-kTpOBIPAe_L4WAxrSPMP7Kf2jK2E4Up4F0rxvIA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qd_KczlyjZZuZ6zlSswW_R6FjuED_lYu83SkbnF2ZZTSTOLXBkCsQ1cwdqzLjhhG1WRFmgORM3pNLemXBsUGDaFwZ-ZpHFvH5wqbdo8nAeBMyKsg4OTUwVvff6jBjvVOkMpfV0Usf4Im1pzn9FT5cp7v70AKXB3WEpTHuSAL4-k15Y9fFOikj2wzoaHkUrUW4a5hFb9pGZF8GKzMCbo0inuKUp18T99ijALxdTk72VP09sMkACYP8GijhzaAHtpe_2AH4MJyCgMDGLMX_RFAVuc4mOnJd67jI1QIdxRkmEpU8X0XqtOSLnKdXXexsw_Zw3XJeIfh6fmOEuKbmg6ulf7YruEab8qko7ONJN9yS9DXbwztVY_lrnt_DH1YyhqGN7G-g2gWt8lqAXVfzivY18rb-FdWyjBuVMbegmPq__XE0zw4ammdhci9WaGCOKTlXG99CGOJ-MondPZfS2H2Vmyvzx34vFaVJo&ui=IKaS41W5VyZH2DGTLWTMdlh2V8-nxiox5BqBrDJxXOFv4V1bKMG5Uyi7bzCY-CvIhq2A1ADGJKo&awpm=iYJr_Xlzi3jJVQYaYAGzzA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2004 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://p415946.mybetterck.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in
unload
cache-control
private, max-age=0
content-encoding
br
content-length
45713
content-type
text/html; charset=UTF-8
date
Tue, 04 Oct 2022 08:17:50 GMT
expires
-1
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

BFCache-Opt-In
unload
Cache-Control
private
Content-Length
242
Content-Type
text/html; charset=UTF-8
Date
Tue, 04 Oct 2022 08:17:50 GMT
Location
https://www.google.com/?src=mb&gws_rd=ssl
Server
gws
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.adskeeper.com
URL
https://c.adskeeper.com/c?pv=2&v=0|0|0|97aFAF0_VzwFL3_ZsWIpwH6_pIUcwglBE5smFdvMgmqPT1Jlx244IIa-wQcTsbyFIYiZXoOiM_1x8Zmu2uZvMg**&cid=1149008&f=1&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=073aac49-43bd-11ed-a196-e4434b151302&psid=a_233397&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY29tL2cvMTM3ODA2MjcvMzI4eDMyOC8tL2FIUjBjRG92TDJOc0xtbHRaMmh2YzNSekxtTnZiUzlwYldkb0wybHRZV2RsTDJabGRHTm9MMkZ5WHpFNk1TeGpYMlpwYkd3c1pWOXphR0Z5Y0dWdU9qRXdNQ3htWDJwd1p5eG5YMlpoWTJWek9tRjFkRzhzY1Y5aGRYUnZPbWR2YjJRc2QxODVOakF2YUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakl0TURjdk1UQXhPVEkwTHpsbE1Ea3dNMlkwT1RjM00yVmxNbU5sWXpFd056bGpOalV3TVRrNVlXUXlMbXB3WldjLndlYnA_dj0xNjY0ODcxNDY2LS02QW5nZFNPUURTOEtDcUd5T3ZSZHE0UksweUd1QmhfbGNWOEJVZXQ4V1E=
Domain
wbidder2.com
URL
https://wbidder2.com/offer/client?affid=onw_202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&days=8&count=5&adult=undefined

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

15 Cookies

Domain/Path Name / Value
www.affforce.com/ Name: PAPVisitorId
Value: d1145b926ac1100c7d36a9f3fSAC3y0i
.affforce.com/ Name: __cf_bm
Value: FK4KB2AhFWzFptzccXQC7Yb1KBM_e5MRCnRpVzNfdLo-1664871459-0-AcMfDTsTKSmlmmDOOwgAmbseJR5kjGc/lBKzWSd4wyNFGiDfPLbsSo1pa18NxntSfTeIb06rQ8WhCgnkY82nMFI=
.marially-watears.icu/ Name: aa9ec921-1a49-4a85-8a21-c0b96a515904-v4
Value: A2hbWsWm-vy7Na38HND0tobVpVWCt53fhhSMPWMYlHI
.marially-watears.icu/ Name: cc-v4
Value: wAkxnO0aivmUepmUeQm46Da0JM6Fv9zkGbigUq0x25H0rCyDuIgPQsa4HW6vp8ys8u6WtTg0%2F5u8WWnyGXQHzzdYSpQfluImxRaIsuF3UND8ne2AYoiIAxbOGW%2B4facy7xI4l08IiI5bmIO841CIsQ%3D%3D
.go.ts-tracker.me/ Name: 15GIEBo
Value: 1
.go.ts-tracker.me/ Name: pc-cid
Value: 6d1516e85900190f0a13f8e899c4dab8-4888-1004
.go.ts-tracker.me/ Name: pc-campaign
Value: 15GIEB
.mgid.com/ Name: __cf_bm
Value: Jyk.tiLZyNGzX9b.ItG8hLUoV7892_nN1uqZmceafro-1664871465-0-AdLbub8vvB8WwomLRP0f3be7LkwOUzvDK6ai5YMV3tWThxcZDpFWF9fJdXLnwKPyFZp+rZi3Ami5JIrdF5FH4Rc=
.trk.cpvlabtrk.online/ Name: 15GtmVo
Value: 1
.trk.cpvlabtrk.online/ Name: pc-cid
Value: 55b61673a49780e6d3b487a1b5ad974c-4888-1004
.trk.cpvlabtrk.online/ Name: pc-campaign
Value: 15GtmV
ngp2.mybetterck.com/ Name: rhid
Value: 82134486213
.feed-xml.com/ Name: vmuid
Value: 31a3c2af05d3beb1
.offers-reviews.com/ Name: tracking202subid
Value: 20715685
.offers-reviews.com/ Name: tracking202subid_a_3766
Value: 20715685

1 Console Messages

Source Level URL
Text
other error URL: https://celeb-hot-treands.com/lp/y-arrow/?cp=8&tag=202021&tag1=musicplayer&tag2=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&tag3=202021&tag4=dating&clickid=6d1516e85900190f0a13f8e899c4dab8-4888-1004&device=Desktop&brand=Desktop&model=Desktop&country=JP&affid=202021&subid=aa9ec921-1a49-4a85-8a21-c0b96a515904_3052727-4008040375-0&ln=Unknown&cid=&useragent={var:useragent}&ip=2001:ac8:40:b5::5e&bv=Chrome%20106&as=pc&gf=12
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abc50.feed-xml.com
afflat3a1.com
c.adskeeper.co.uk
c.adskeeper.com
c.mgid.com
celeb-hot-treands.com
clk.wbidder2.com
crtv.wboptim.online
directdexchange.com
ffatric1.com
go.tffkroute.com
go.ts-tracker.me
marially-watears.icu
mcmo22.com
ngp1.picinow.com
ngp2.mybetterck.com
ngp2.picinow.com
offers-reviews.com
p415946.mybetterck.com
s-img.adskeeper.co.uk
s-img.mgid.com
tinyurl.com
trk.cpvlabtrk.online
wbidder2.com
www.affforce.com
www.google.com
www.ssaimg.com
c.adskeeper.com
wbidder2.com
108.168.193.183
108.168.193.186
108.168.193.189
185.239.173.82
209.87.159.121
213.227.145.147
2404:6800:4004:813::2004
2603:1040:a01:2::1e
2603:1040:a01:2::2f
2606:4700:10::6814:8b41
2606:4700:10::ac43:162d
2606:4700:1::6813:864e
2606:4700:3032::6815:4480
2606:4700:3037::6815:4ce0
2606:4700:3038::6815:ebce
2606:4700::6812:1aae
2606:4700::6812:1bae
3.0.220.200
35.201.70.46
69.172.200.185
83.149.73.233
85.17.31.90
85.17.79.154
04d52b68b6ff6426c3c993fe6459eb08052aeb1f611e4519a4e6c7c0e60495ca
0c1ec20cebee238e4fa9aa825a6d5005a429fb7fcd3ef4c741c9e85e748adfc7
3e0c01a6c467139034e28e06b14cfe72288008d377ef4c02219210058973a72a
3f0014f83976d1cf838ba0bb0dd7b9150457ebc601c4f6840d8e16620c12ad5b
412b5a18360dcd8eccc1ef45f7d8b541bdc4fab11f1b10685a7b9916a509ef4a
4261f5b9b560c04a5b01559c45547e64f80f412e364d11520e2f8e70bdfc3978
44732c891c3fffbf3ec24e05f43fb59908ed9e467f35f424f71a45a649f78f01
4fcf63aeecc00b000351d5b887fb4cc3dc9b6bc97cb7852734864852b7797226
6e2b8dc19237c42b521d6376c54108bd23bd1e4691c21d98d4e31800d4f3a558
7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908
b5c45613c4528fb4785b9cffb2cd689e99edef21dff38b83832a7df2ebfed471
b6a268ee13280fb9c22169749644b9c8e84df3a1c25698d42b1a0a271ebe9526
bdb2359ec80c411ef58b64a084af23d1326211fceec0e828cd8139dc6eba3a81
de7247f0e7c5687fdd99324fa8b9491922768893a24d5d64af7989df06c386e9
ea8d074475a237fc34ae2ed9415f0faa805968e5747b685873841dca68c9042a
fa3b3226d479e41718e5071140a65f690f68001e8e38cb56a228679b3209d9b8