int.special-offers.online Open in urlscan Pro
213.227.145.136 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://track.special-promotions.online/15GcaK?tag=30051&tag1=blackplayer&tag2=72_&tag3=30051&tag4=dating&clickid=ef0758adcde99a99b20ff3...
Effective URL:
https://int.special-offers.online/common/content/contentforyou6.php
Submission: On May 25 via manual (May 25th 2020, 3:25:26 pm UTC) from IN

Summary HTTP 45 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 8 countries across 22 domains to perform 45 HTTP transactions. The main IP is 213.227.145.136, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is int.special-offers.online.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on June 30th 2019. Valid for: a year.

This is the only time int.special-offers.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a03:b0c0:3:d... 2a03:b0c0:3:d0::d13:7001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	5.79.72.207 5.79.72.207	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	213.227.145.136 213.227.145.136	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
27	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	213.227.145.141 213.227.145.141	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1 3	2.16.46.85 2.16.46.85	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	23.105.254.60 23.105.254.60	7979 (SERVERS) (SERVERS)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	23.5.109.251 23.5.109.251	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.109.78.125 104.109.78.125	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	138.201.86.121 138.201.86.121	24940 (HETZNER-AS) (HETZNER-AS)
5 5	52.57.90.82 52.57.90.82	16509 (AMAZON-02) (AMAZON-02)
1	72.247.224.27 72.247.224.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
2 2	3.122.141.1 3.122.141.1	16509 (AMAZON-02) (AMAZON-02)
1	23.105.245.4 23.105.245.4	7979 (SERVERS) (SERVERS)
2 2	88.212.252.22 88.212.252.22	7979 (SERVERS) (SERVERS)
2 2	34.252.71.88 34.252.71.88	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:40f... 2600:1f18:40f7:9703:c616:7210:773f:d93e	14618 (AMAZON-AES) (AMAZON-AES)
45	13

1 2a03:b0c0:3:d0::d13:7001 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

track.special-promotions.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.79.72.207 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

clk.wbidder.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.145.136 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

int.special-offers.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.19.134.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.145.141 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

wbidder.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.46.85 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-46-85.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.254.60 (Russian Federation) 1 redirects

ASN7979 (SERVERS, US)

udata.mixmarket.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.5.109.251 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-109-251.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.86.121 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.121.86.201.138.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.57.90.82 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-90-82.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.224.27 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-224-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.141.1 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-141-1.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.4 (Russian Federation)

ASN7979 (SERVERS, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.252.22 (Russian Federation) 2 redirects

ASN7979 (SERVERS, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.71.88 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-71-88.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:40f7:9703:c616:7210:773f:d93e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

shanta-jos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com cdn.mgid.com s-img.mgid.com c.mgid.com	221 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
3	criteo.net static.criteo.net	30 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	special-offers.online int.special-offers.online	7 KB
3	wbidder.online 2 redirects clk.wbidder.online wbidder.online	2 KB
2	shanta-jos.com shanta-jos.com	10 KB
2	adsrvr.org 2 redirects match.adsrvr.org	905 B
2	betweendigital.com 2 redirects ads.betweendigital.com	934 B
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	657 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	1 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	criteo.com bidder.criteo.com	310 B
1	lentainform.com cm.lentainform.com	329 B
1	media.net contextual.media.net	48 B
1	loopme.me 1 redirects csync.loopme.me	193 B
1	idealmedia.io cm.idealmedia.io	557 B
1	mixmarket.biz 1 redirects udata.mixmarket.biz	207 B
1	gstatic.com fonts.gstatic.com	19 KB
1	special-promotions.online 1 redirects track.special-promotions.online	983 B
45	22

	Domain	Requested by
12	s-img.mgid.com
10	cm.mgid.com	jsc.mgid.com
5	x.bidswitch.net	5 redirects
3	static.criteo.net	jsc.mgid.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com
3	int.special-offers.online	int.special-offers.online
2	c.mgid.com
2	shanta-jos.com
2	match.adsrvr.org	2 redirects
2	ads.betweendigital.com	2 redirects
2	prod.perf-serving.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	bidder.criteo.com	static.criteo.net
2	wbidder.online	1 redirects int.special-offers.online
1	cm.lentainform.com
1	contextual.media.net
1	csync.loopme.me	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.idealmedia.io
1	eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	udata.mixmarket.biz	1 redirects
1	cdn.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	fonts.gstatic.com
1	jsc.mgid.com	int.special-offers.online
1	clk.wbidder.online	1 redirects
1	track.special-promotions.online	1 redirects
45	30

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
dream-singles
dream-singles.com
asiame
gamesvidrshl
malehealth
be2

Subject Issuer	Validity	Valid
*.special-offers.online AlphaSSL CA - SHA256 - G2	`2019-06-30` - `2020-07-30`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-07` - `2020-10-09`	6 months	crt.sh
*.wbidder.online AlphaSSL CA - SHA256 - G2	`2020-03-05` - `2021-03-06`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
shanta-jos.com Amazon	`2020-05-13` - `2021-06-13`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://int.special-offers.online/common/content/contentforyou6.php
Frame ID: 4EA64E4F36C2839DB51B8C8EBBC64263
Requests: 35 HTTP requests in this frame

Frame: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515
Frame ID: E3BB81D2D666B3C461C2ECE68D40BA87
Requests: 9 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1590420305061562017300
Frame ID: DEF74AC9512D15576A584CF3233F561C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://track.special-promotions.online/15GcaK?tag=30051&tag1=blackplayer&tag2=72_&tag3=30051&tag4=dating&clickid=ef... HTTP 302
https://clk.wbidder.online/redirect?url=https%3A%2F%2Fxml.fastdlr.com%2Fclick%3Fi%3D7B16PtYILKY_0%26p%3... HTTP 302
https://int.special-offers.online/common/content/contentforyou6.php Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

45
Requests

100 %
HTTPS

17 %
IPv6

22
Domains

30
Subdomains

13
IPs

8
Countries

292 kB
Transfer

499 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=int.special-offers.online&utm_medium=referral&utm_campaign=widgets&utm_content=273247

Search URL Search Domain Scan URL

URL: https://dream-singles/Sexy_Russian_Babes_Looking_For_Men_Older_Than_30

Search URL Search Domain Scan URL

URL: https://dream-singles.com/Beautiful_Russian_Women_Looking_For_Men_Over_30._Actual_Profile

Search URL Search Domain Scan URL

URL: https://asiame/Gorgeous_Asian_Women_Are_Looking_For_You

Search URL Search Domain Scan URL

URL: https://gamesvidrshl/Realistic_Game_For_Men

Search URL Search Domain Scan URL

URL: https://malehealth/Ihre_Frau_wird_diesen_Trick_sicher_sch%C3%A4tzen_-_versuchen_Sie_es

Search URL Search Domain Scan URL

URL: https://be2/Reiche_einsame_Frauen_suchen_reife_M%C3%A4nner

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://track.special-promotions.online/15GcaK?tag=30051&tag1=blackplayer&tag2=72_&tag3=30051&tag4=dating&clickid=ef0758adcde99a99b20ff35172dfc2d4-4888-0524&device=Desktop&brand=Desktop&model=Desktop&country=CA&affid=30051&subid=72_&ln=en&cid=ef0758adcde99a99b20ff35172dfc2d4-4888-0524&useragent=%257Bvar%3Auseragent%257D&ip=67.71.74.239&bv=Chrome%252083&as=pc&onw=1&link=url%3Dhttps%253A%252F%252Fxml.fastdlr.com%252Fclick%253Fi%253D7B16PtYILKY_0%2526p%253D1590283975.209758%26s%3D1015%26a%3Dbid_onw_30051%26sub%3D72_%26ts%3D1590283976%26d%3D38%26c%3D9830521052227 HTTP 302
https://clk.wbidder.online/redirect?url=https%3A%2F%2Fxml.fastdlr.com%2Fclick%3Fi%3D7B16PtYILKY_0%26p%3D1590283975.209758&s=1015&a=bid_onw_30051&sub=72_&ts=1590283976&d=38&c=9830521052227 HTTP 302
https://int.special-offers.online/common/content/contentforyou6.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID HTTP 301
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

Request Chain 25

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 302
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 27

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=mfg8l08LWy4HHzu0aCCd&pi=mgid&tc=1

Request Chain 28

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRwNERxZ0tWZ3A4&muidn=k4p4DqgKVgp8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRwNERxZ0tWZ3A4&muidn=k4p4DqgKVgp8&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=k4p4DqgKVgp8&google_ula={guid},5&google_gid=CAESEP4z7UCGwj5uCd-XJWgxAIs&google_cver=1

Request Chain 29

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D HTTP 307
https://cm.mgid.com/m?cdsp=433143&c=29fd55d5-4d1b-404f-9475-a4b2840f45f9

Request Chain 30

https://x.bidswitch.net/sync?dsp_id=303&user_id=k4p4DqgKVgp8 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k4p4DqgKVgp8 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=0c21bf2a-0a23-4f79-97c0-c09a2cc222c0

Request Chain 31

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=e634b28c-16ca-499a-8550-11e4e5b5fdc6

Request Chain 32

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=9f0b6d41-8f0d-4998-9dfd-f31114af6884&ssp=mgid&user_group=1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=0c21bf2a-0a23-4f79-97c0-c09a2cc222c0

Request Chain 34

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://cm.mgid.com/m?cdsp=501036&c=93599908-ae81-5192-9b95-745ec55e970f

Request Chain 35

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=dcf0da68-79a3-4110-86a4-0bd56c68b6bf&ttl=1593012305

Request Chain 36

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1590420305196&ns_c=UTF-8&cv=3.5&c8=RECOMMENDED%20FOR%20YOU%3A&c7=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fcontentforyou6.php&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590420305196&ns_c=UTF-8&cv=3.5&c8=RECOMMENDED%20FOR%20YOU%3A&c7=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fcontentforyou6.php&c9=

Request Chain 40

https://wbidder.online/icon?url=https%3A%2F%2Fshanta-jos.com%2Fimp%2Fe8b09eb7-9e9b-11ea-ac8d-0a8edb2d7df5%2F1%2FOzfdHWSFhmIoVxHKRCHpTwi0qCm9IPhgMp-Ejrq9idLjyTgkLY9QyVE9k-UpjMVnVtqVJPkJ12TpcZ7pSr1QAJWygrgePqa536NKPPgVw8-tKRyrnZOkoZ6kd9gfMJPtjMXY7hDbNXZ_T_zQKCx0MXJdC8s2A6Vk209OZ9HyzRY5xs-isKcKJNVEbM7iuNNYCeRaeEcHyXCjxwf4P9lR0aPWj967LbPbCssGgKz3R68hJKfk-Gty-uAKxsUhM5yN0l32GSZUBAK6_24fWxAFw4GsASnEIySLq0yNtW93O32_p0P1adgJq9X5-lqAinqqnbHJIxvQwpj2yT-V-ZJdf0cwuLcP5IlUG6Z36cl3rktV1BHNlhXJd5Fz8f_t694ffBq9yflgusxFVJMRqgy3lAKNPC8C26rdSlB6y56U7eaiwnGwO9NvnGxbWhB_uTTUSuqZEKueCXptOvdvOoVWcU4POyeyOu_484UGTb3ERLk-vRTQQuF_a8PtengthIBPEaL3uOy-o09sRJBLuhTP34z92Dg2bctMlSPXU5rTHW-21nEDGr1LHGA_1XqXISrkfwVEBD08SH-JLt4pc-mKRGBPG1TI6ZjvbBR_Oin0V9V7_cyIxM88cpNy2j5IFgf_kdIsG6auF4S5L7NRy6OpfWEJItYURVGxvX_0YLvAKUOVM6jLNhh6Z8zIWtn2r8yZIWuN4EiZQS2Aw_0-.ZPizyUMG3zL8ztKBCkcSnQ%3D%3D&s=1075&a=bid_5555&sub=10000&d=8&ic=1 HTTP 302
https://shanta-jos.com/imp/e8b09eb7-9e9b-11ea-ac8d-0a8edb2d7df5/1/OzfdHWSFhmIoVxHKRCHpTwi0qCm9IPhgMp-Ejrq9idLjyTgkLY9QyVE9k-UpjMVnVtqVJPkJ12TpcZ7pSr1QAJWygrgePqa536NKPPgVw8-tKRyrnZOkoZ6kd9gfMJPtjMXY7hDbNXZ_T_zQKCx0MXJdC8s2A6Vk209OZ9HyzRY5xs-isKcKJNVEbM7iuNNYCeRaeEcHyXCjxwf4P9lR0aPWj967LbPbCssGgKz3R68hJKfk-Gty-uAKxsUhM5yN0l32GSZUBAK6_24fWxAFw4GsASnEIySLq0yNtW93O32_p0P1adgJq9X5-lqAinqqnbHJIxvQwpj2yT-V-ZJdf0cwuLcP5IlUG6Z36cl3rktV1BHNlhXJd5Fz8f_t694ffBq9yflgusxFVJMRqgy3lAKNPC8C26rdSlB6y56U7eaiwnGwO9NvnGxbWhB_uTTUSuqZEKueCXptOvdvOoVWcU4POyeyOu_484UGTb3ERLk-vRTQQuF_a8PtengthIBPEaL3uOy-o09sRJBLuhTP34z92Dg2bctMlSPXU5rTHW-21nEDGr1LHGA_1XqXISrkfwVEBD08SH-JLt4pc-mKRGBPG1TI6ZjvbBR_Oin0V9V7_cyIxM88cpNy2j5IFgf_kdIsG6auF4S5L7NRy6OpfWEJItYURVGxvX_0YLvAKUOVM6jLNhh6Z8zIWtn2r8yZIWuN4EiZQS2Aw_0-.ZPizyUMG3zL8ztKBCkcSnQ==

45 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request contentforyou6.php Show response
int.special-offers.online/common/content/
Redirect Chain

http://track.special-promotions.online/15GcaK?tag=30051&tag1=blackplayer&tag2=72_&tag3=30051&tag4=dating&clickid=ef0758adcde99a99b20ff35172dfc2d4-4888-0524&device=Desktop&brand=Desktop&model=Deskto...
https://clk.wbidder.online/redirect?url=https%3A%2F%2Fxml.fastdlr.com%2Fclick%3Fi%3D7B16PtYILKY_0%26p%3D1590283975.209758&s=1015&a=bid_onw_30051&sub=72_&ts=1590283976&d=38&c=9830521052227
https://int.special-offers.online/common/content/contentforyou6.php

2 KB
3 KB

138ms
44ms

Document
text/html

213.227.145.136
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://int.special-offers.online/common/content/contentforyou6.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.136 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

ebbd29cbf91adb41b054ec2c635dc57348e2067f468b40117540104c7f8bf49b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: int.special-offers.online
:scheme: https
:path: /common/content/contentforyou6.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 25 May 2020 15:25:04 GMT
content-type: text/html; charset=UTF-8
set-cookie: pc=data_1; expires=Wed, 03-Apr-2030 15:25:04 GMT; Max-Age=311040000; path=/
x-frame-options: SAMEORIGIN

Redirect headers

vary: Origin
access-control-allow-origin: *
location: https://int.special-offers.online/common/content/contentforyou6.php
content-length: 0
date: Mon, 25 May 2020 15:25:04 GMT

GET
H2 200 rev.js Show response
int.special-offers.online/common/content/ 2 KB
2 KB 45ms
44ms Script
application/javascript 213.227.145.136
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://int.special-offers.online/common/content/rev.js

Requested by

Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/contentforyou6.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.136 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

eecd880876a08e8591f2e9bf2a8349b0d990cf479393458cb074755013abdd6b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://int.special-offers.online/common/content/contentforyou6.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:04 GMT
last-modified: Fri, 20 Mar 2020 16:04:45 GMT
server: nginx
etag: "5e74e99d-841"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2113
expires: Wed, 24 Jun 2020 15:25:04 GMT

GET
H2 200 click-push.com.273247.js Show response
jsc.mgid.com/c/l/ Frame E3BB 182 KB
44 KB 85ms
33ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515
Requested by: Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/contentforyou6.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df497567747427e9b33b10d25c85bc3e1ecb7247ddd99ebdde9b9ce6e03976df

Request headers

Referer: https://int.special-offers.online/common/content/contentforyou6.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 7110
cf-polished: origSize=267201
status: 200
last-modified: Fri, 08 May 2020 10:13:29 GMT
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 0267DCE4FD964CCF
x-amz-id-2: 04hLwK4NPJ1Ohb/6zT0LR/nN7O8K+8Ojd5WF/G7Oen03V+jINxwq/5++VoK3WRFPbVx5jf3FyVQ=
cf-bgj: minify
server: cloudflare
etag: W/"e91af21b5c4ba93f24f0f69cd4a7cb24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 02ee090ba30000cc4aeca7c200000001
cf-ray: 599044590ff7cc4a-ZRH
expires: Mon, 25 May 2020 16:25:04 GMT

GET
H/1.1 200
OK contentforyou Show response
wbidder.online/offer/ 5 KB
1 KB 1012ms
936ms Fetch
application/json 213.227.145.141
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder.online/offer/contentforyou?affid=5555&subid=10000
Requested by: Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/rev.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.145.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: d8db4c462d36286b02471b9b3e1de04caaaa29182a9336efe1de0a6610917ee3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 May 2020 15:25:05 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
fonts.gstatic.com/s/roboto/v15/ 19 KB
19 KB 6ms
6ms Font
font/woff 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v15/mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://int.special-offers.online

Response headers

date: Mon, 18 May 2020 00:55:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Jan 2015 22:48:53 GMT
server: sffe
age: 656960
status: 200
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19684
x-xss-protection: 0
expires: Tue, 18 May 2021 00:55:44 GMT

GET
H2 200 1 Show response
servicer.mgid.com/273247/ 6 KB
3 KB 87ms
86ms Script
application/x-javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/273247/1?w=1584&h=1240&p3_w=776&p3_h=393&cols=2&pv=5&cbuster=1590420304958752962536&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fcontentforyou6.php&pageView=1&pvid=1724c6ff441a6675260&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 821a0ced3c784bc7b7ae3eeaa4a51040260f0a31675349aff2d24590dbc51e66

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5990445a1ab6cc4a-ZRH
content-type: application/x-javascript; charset=utf-8
cf-request-id: 02ee090c4a0000cc4aeca89200000001

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
705 B 96ms
95ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1590420305056978974655
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 461a60bd2fe4e6d554cf3fcd980189ad38a2f8704898f7eaf0941af761b440e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5990445aac04cc4a-ZRH
content-type: application/javascript
cf-request-id: 02ee090caa0000cc4aeca8e200000001

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame DEF7 186 B
388 B 80ms
79ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1590420305061562017300
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5990445aac0fcc4a-ZRH
content-type: application/javascript
cf-request-id: 02ee090cad0000cc4aeca8f200000001

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 124ms
37ms Script
application/x-javascript 2.16.46.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.46.85 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-46-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 May 2020 15:25:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 26 May 2020 15:25:05 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 97 KB
30 KB 67ms
30ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 01793dfe25a8daa227696e0d8630591f4b774fcac7f257eba7296f081cb4dbaa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 08:37:28 GMT
server: nginx
etag: W/"5ea153c8-18582"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 26 May 2020 15:25:05 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 31ms
28ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 3355
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 02ee090cbf0000cc4aeca91200000001
cf-ray: 5990445acc41cc4a-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDItMDYvMjc4NjAwLzU2ODJjNTNjM2IxNzU1ODhjM2ZiNzM2Yzc0NjI1ZjY3LmpwZz90PTE1MTc5MzM2OTE4OTA*.webp
s-img.mgid.com/g/5519168/492x328/32x45x492x328/ Frame E3BB 17 KB
18 KB 38ms
35ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5519168/492x328/32x45x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDItMDYvMjc4NjAwLzU2ODJjNTNjM2IxNzU1ODhjM2ZiNzM2Yzc0NjI1ZjY3LmpwZz90PTE1MTc5MzM2OTE4OTA*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df67f4466b8e0083eb5c698e3aab6bb1e5b2dbd9a200266c93f25a4aec1ebc14

Request headers

Referer: https://int.special-offers.online/common/content/contentforyou6.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: HIT
age: 3169263
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 17796
cf-request-id: 02ee090cbf0000cc4aeca96200000001
last-modified: Tue, 07 Apr 2020 08:18:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5990445acc4ccc4a-ZRH
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTE1NTI5LzI4OWUwZjc4ZWQzNzIwYTEwMzU2MGJiOGUwODE1Mzg2LmpwZw**.webp
s-img.mgid.com/g/5737694/492x328/0x0x492x328/ Frame E3BB 10 KB
10 KB 59ms
56ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5737694/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTE1NTI5LzI4OWUwZjc4ZWQzNzIwYTEwMzU2MGJiOGUwODE1Mzg2LmpwZw**.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16823d193b11ce71c0a71c77fbbc658e19156bb1776134e2f389ad131291fd50

Request headers

Referer: https://int.special-offers.online/common/content/contentforyou6.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: HIT
age: 220344
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 9766
cf-request-id: 02ee090cbf0000cc4aeca92200000001
last-modified: Mon, 04 May 2020 21:06:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5990445acc44cc4a-ZRH
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMjI2MDQ0LzFiZDVjMWJjOWM1NmRmODFlZGM3MjNlNGQwY2RkNTI3LmpwZw**.webp
s-img.mgid.com/g/3743710/492x328/0x0x642x428/ Frame E3BB 15 KB
15 KB 42ms
39ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3743710/492x328/0x0x642x428/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMjI2MDQ0LzFiZDVjMWJjOWM1NmRmODFlZGM3MjNlNGQwY2RkNTI3LmpwZw**.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 961d154768dae0faa392445600d352146a47be440834a449d579b1166a16bfcd

Request headers

Referer: https://int.special-offers.online/common/content/contentforyou6.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: HIT
age: 145455
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 14918
cf-request-id: 02ee090cbf0000cc4aeca93200000001
last-modified: Thu, 16 Apr 2020 09:02:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5990445acc46cc4a-ZRH
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDQtMTkvMjQ3MzE5LzcwYTI2NjA0NzQ1ODZlZDBhMGUyYzAxYmIxMGM1YzA1LmpwZWc_dD0xNTI0MTM0NDg2NzQw.webp
s-img.mgid.com/g/5781406/492x328/0x0x492x328/ Frame E3BB 14 KB
14 KB 46ms
44ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5781406/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDQtMTkvMjQ3MzE5LzcwYTI2NjA0NzQ1ODZlZDBhMGUyYzAxYmIxMGM1YzA1LmpwZWc_dD0xNTI0MTM0NDg2NzQw.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf2f7cf6e696c0d13bb4a893d9efc1a16fd991d0e3bb5a6f7966d9718ec9993

Request headers

Referer: https://int.special-offers.online/common/content/contentforyou6.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: HIT
age: 68708
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 14582
cf-request-id: 02ee090cbf0000cc4aeca94200000001
last-modified: Sun, 10 May 2020 00:38:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5990445acc47cc4a-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDMvMjU3MDkzLzIyNGNjZmQ5N2FkZGUyNjBhMTA0MTc0YmJkMDA1OTg4LmpwZWc*.webp
s-img.mgid.com/g/3388942/492x328/0x0x492x328/ Frame E3BB 21 KB
21 KB 31ms
28ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3388942/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDMvMjU3MDkzLzIyNGNjZmQ5N2FkZGUyNjBhMTA0MTc0YmJkMDA1OTg4LmpwZWc*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40adac4a5aa57fca79eb31c9bf7ca931d7402dcba7e15656892beba926633211

Request headers

Referer: https://int.special-offers.online/common/content/contentforyou6.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: HIT
age: 1558695
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 21292
cf-request-id: 02ee090cbf0000cc4aeca95200000001
last-modified: Thu, 07 May 2020 13:01:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5990445acc4acc4a-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTIvNDQ5MTUzLzU0YTJkMzM1Mjc1MjFmZDViMWMxYzM1ZmJlMDUwMjEyLmpwZw**.webp
s-img.mgid.com/g/4788571/492x328/0x0x1070x713/ Frame E3BB 8 KB
8 KB 30ms
29ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4788571/492x328/0x0x1070x713/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTIvNDQ5MTUzLzU0YTJkMzM1Mjc1MjFmZDViMWMxYzM1ZmJlMDUwMjEyLmpwZw**.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 200bd56963adda22616ab7280f1463e11e3060e5987586729710f338f1a8df68

Request headers

Referer: https://int.special-offers.online/common/content/contentforyou6.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: HIT
age: 1639218
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 7690
cf-request-id: 02ee090ce00000cc4aeca9b200000001
last-modified: Sun, 12 Apr 2020 15:34:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5990445b0ca5cc4a-ZRH
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDItMDYvMjc4NjAwLzU2ODJjNTNjM2IxNzU1ODhjM2ZiNzM2Yzc0NjI1ZjY3LmpwZz90PTE1MTc5MzM2OTE4OTA*.webp
s-img.mgid.com/g/5519168/492x328/32x45x492x328/ 17 KB
18 KB 52ms
52ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5519168/492x328/32x45x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDItMDYvMjc4NjAwLzU2ODJjNTNjM2IxNzU1ODhjM2ZiNzM2Yzc0NjI1ZjY3LmpwZz90PTE1MTc5MzM2OTE4OTA*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df67f4466b8e0083eb5c698e3aab6bb1e5b2dbd9a200266c93f25a4aec1ebc14

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: HIT
age: 3169263
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 17796
cf-request-id: 02ee090cc10000cc4aeca98200000001
last-modified: Tue, 07 Apr 2020 08:18:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5990445acc4fcc4a-ZRH
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTE1NTI5LzI4OWUwZjc4ZWQzNzIwYTEwMzU2MGJiOGUwODE1Mzg2LmpwZw**.webp
s-img.mgid.com/g/5737694/492x328/0x0x492x328/ 10 KB
10 KB 29ms
28ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5737694/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTE1NTI5LzI4OWUwZjc4ZWQzNzIwYTEwMzU2MGJiOGUwODE1Mzg2LmpwZw**.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16823d193b11ce71c0a71c77fbbc658e19156bb1776134e2f389ad131291fd50

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: HIT
age: 220344
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 9766
cf-request-id: 02ee090ce60000cc4aeca9c200000001
last-modified: Mon, 04 May 2020 21:06:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5990445b0ccdcc4a-ZRH
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMjI2MDQ0LzFiZDVjMWJjOWM1NmRmODFlZGM3MjNlNGQwY2RkNTI3LmpwZw**.webp
s-img.mgid.com/g/3743710/492x328/0x0x642x428/ 15 KB
15 KB 30ms
29ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3743710/492x328/0x0x642x428/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMjI2MDQ0LzFiZDVjMWJjOWM1NmRmODFlZGM3MjNlNGQwY2RkNTI3LmpwZw**.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 961d154768dae0faa392445600d352146a47be440834a449d579b1166a16bfcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: HIT
age: 145455
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 14918
cf-request-id: 02ee090ceb0000cc4aeca9e200000001
last-modified: Thu, 16 Apr 2020 09:02:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5990445b1cf5cc4a-ZRH
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDQtMTkvMjQ3MzE5LzcwYTI2NjA0NzQ1ODZlZDBhMGUyYzAxYmIxMGM1YzA1LmpwZWc_dD0xNTI0MTM0NDg2NzQw.webp
s-img.mgid.com/g/5781406/492x328/0x0x492x328/ 14 KB
14 KB 32ms
31ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5781406/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDQtMTkvMjQ3MzE5LzcwYTI2NjA0NzQ1ODZlZDBhMGUyYzAxYmIxMGM1YzA1LmpwZWc_dD0xNTI0MTM0NDg2NzQw.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf2f7cf6e696c0d13bb4a893d9efc1a16fd991d0e3bb5a6f7966d9718ec9993

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: HIT
age: 68708
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 14582
cf-request-id: 02ee090cf00000cc4aeca9f200000001
last-modified: Sun, 10 May 2020 00:38:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5990445b1d07cc4a-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDMvMjU3MDkzLzIyNGNjZmQ5N2FkZGUyNjBhMTA0MTc0YmJkMDA1OTg4LmpwZWc*.webp
s-img.mgid.com/g/3388942/492x328/0x0x492x328/ 21 KB
21 KB 41ms
41ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3388942/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDMvMjU3MDkzLzIyNGNjZmQ5N2FkZGUyNjBhMTA0MTc0YmJkMDA1OTg4LmpwZWc*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40adac4a5aa57fca79eb31c9bf7ca931d7402dcba7e15656892beba926633211

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: HIT
age: 1558695
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 21292
cf-request-id: 02ee090cf60000cc4aecaa0200000001
last-modified: Thu, 07 May 2020 13:01:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5990445b2d28cc4a-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTIvNDQ5MTUzLzU0YTJkMzM1Mjc1MjFmZDViMWMxYzM1ZmJlMDUwMjEyLmpwZw**.webp
s-img.mgid.com/g/4788571/492x328/0x0x1070x713/ 8 KB
8 KB 29ms
28ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4788571/492x328/0x0x1070x713/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTIvNDQ5MTUzLzU0YTJkMzM1Mjc1MjFmZDViMWMxYzM1ZmJlMDUwMjEyLmpwZw**.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 200bd56963adda22616ab7280f1463e11e3060e5987586729710f338f1a8df68

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: HIT
age: 1639218
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 7690
cf-request-id: 02ee090cf90000cc4aecaa1200000001
last-modified: Sun, 12 Apr 2020 15:34:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5990445b2d34cc4a-ZRH
cf-bgj: h2pri

GET
H2

200

m
cm.mgid.com/ Frame DEF7
Redirect Chain

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

43 B
282 B

86ms
85ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5990445d6aaccc4a-ZRH
content-type: image/gif
cf-request-id: 02ee090e640000cc4aecacc200000001

Redirect headers

Location: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Date: Mon, 25 May 2020 15:25:05 GMT
Server: nginx/1.14.2
Connection: keep-alive
Transfer-Encoding: chunked

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
155 B 172ms
54ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=89&profileId=206&cb=66532681655
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Mon, 25 May 2020 15:25:05 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://int.special-offers.online
timing-allow-origin: *
vary: Origin

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

117ms
39ms

Image
text/html

104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Mon, 25 May 2020 15:25:05 GMT
Access-Control-Allow-Credentials: true
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
557 B 136ms
82ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k4p4DqgKVgp8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5990445bb959cc56-ZRH
content-type: image/gif
cf-request-id: 02ee090d4f0000cc5694123200000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=mfg8l08LWy4HHzu0aCCd&pi=mgid&tc=1

43 B
405 B

83ms
83ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=mfg8l08LWy4HHzu0aCCd&pi=mgid&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5990445c7ff4cc4a-ZRH
content-type: image/gif
cf-request-id: 02ee090dc60000cc4aecab0200000001

Redirect headers

status: 302
pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT, Mon, 25 May 2020 15:25:05 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=mfg8l08LWy4HHzu0aCCd&pi=mgid&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRwNERxZ0tWZ3A4&muidn=k4p4DqgKVgp8
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRwNERxZ0tWZ3A4&muidn=k4p4DqgKVgp8&google_tc=
https://cm.mgid.com/google?muidn=k4p4DqgKVgp8&google_ula={guid},5&google_gid=CAESEP4z7UCGwj5uCd-XJWgxAIs&google_cver=1

0
93 B

79ms
78ms

Image
text/plain

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k4p4DqgKVgp8&google_ula={guid},5&google_gid=CAESEP4z7UCGwj5uCd-XJWgxAIs&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5990445c6fdecc4a-ZRH
content-type: text/plain
cf-request-id: 02ee090dc10000cc4aecaad200000001

Redirect headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k4p4DqgKVgp8&google_ula={guid},5&google_gid=CAESEP4z7UCGwj5uCd-XJWgxAIs&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D
https://cm.mgid.com/m?cdsp=433143&c=29fd55d5-4d1b-404f-9475-a4b2840f45f9

43 B
251 B

84ms
84ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433143&c=29fd55d5-4d1b-404f-9475-a4b2840f45f9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5990445c0efccc4a-ZRH
content-type: image/gif
cf-request-id: 02ee090d800000cc4aecaa9200000001

Redirect headers

status: 307
date: Mon, 25 May 2020 15:25:05 GMT
content-length: 0
location: https://cm.mgid.com/m?cdsp=433143&c=29fd55d5-4d1b-404f-9475-a4b2840f45f9

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k4p4DqgKVgp8
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k4p4DqgKVgp8
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=0c21bf2a-0a23-4f79-97c0-c09a2cc222c0

48 B
48 B

175ms
67ms

Image
image/gif

72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=0c21bf2a-0a23-4f79-97c0-c09a2cc222c0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 25 May 2020 15:25:05 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
status: 200
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 48
x-mnet-hl2: E
expires: Mon, 25 May 2020 15:25:05 GMT

Redirect headers

status: 302
date: Mon, 25 May 2020 15:25:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=0c21bf2a-0a23-4f79-97c0-c09a2cc222c0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=e634b28c-16ca-499a-8550-11e4e5b5fdc6

43 B
394 B

88ms
87ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=e634b28c-16ca-499a-8550-11e4e5b5fdc6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:06 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599044601893cc4a-ZRH
content-type: image/gif
cf-request-id: 02ee0910120000cc4aecaf4200000001

Redirect headers

date: Mon, 25 May 2020 15:25:05 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=e634b28c-16ca-499a-8550-11e4e5b5fdc6
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=9f0b6d41-8f0d-4998-9dfd-f31114af6884&ssp=mgid&user_group=1
https://cm.mgid.com/m?cdsp=433145&c=0c21bf2a-0a23-4f79-97c0-c09a2cc222c0

43 B
393 B

80ms
80ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=0c21bf2a-0a23-4f79-97c0-c09a2cc222c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5990445ebd33cc4a-ZRH
content-type: image/gif
cf-request-id: 02ee090f2e0000cc4aecae4200000001

Redirect headers

status: 302
date: Mon, 25 May 2020 15:25:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=0c21bf2a-0a23-4f79-97c0-c09a2cc222c0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
329 B 211ms
69ms Image
image/gif 23.105.245.4
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k4p4DqgKVgp8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.4 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.15.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
server: nginx/1.15.10
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1
https://cm.mgid.com/m?cdsp=501036&c=93599908-ae81-5192-9b95-745ec55e970f

43 B
275 B

84ms
83ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501036&c=93599908-ae81-5192-9b95-745ec55e970f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5990445e0bb2cc4a-ZRH
content-type: image/gif
cf-request-id: 02ee090ec20000cc4aecad8200000001

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://cm.mgid.com/m?cdsp=501036&c=93599908-ae81-5192-9b95-745ec55e970f

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=dcf0da68-79a3-4110-86a4-0bd56c68b6bf&ttl=1593012305

43 B
375 B

82ms
81ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=dcf0da68-79a3-4110-86a4-0bd56c68b6bf&ttl=1593012305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5990445e0bb6cc4a-ZRH
content-type: image/gif
cf-request-id: 02ee090ec20000cc4aecad9200000001

Redirect headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:05 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=dcf0da68-79a3-4110-86a4-0bd56c68b6bf&ttl=1593012305
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1590420305196&ns_c=UTF-8&cv=3.5&c8=RECOMMENDED%20FOR%20YOU%3A&c7=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fconten...
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590420305196&ns_c=UTF-8&cv=3.5&c8=RECOMMENDED%20FOR%20YOU%3A&c7=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fconte...

0
248 B

38ms
38ms

Image
text/plain

2.16.46.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590420305196&ns_c=UTF-8&cv=3.5&c8=RECOMMENDED%20FOR%20YOU%3A&c7=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fcontentforyou6.php&c9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.46.85 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-46-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 May 2020 15:25:05 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590420305196&ns_c=UTF-8&cv=3.5&c8=RECOMMENDED%20FOR%20YOU%3A&c7=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fcontentforyou6.php&c9=
Pragma: no-cache
Date: Mon, 25 May 2020 15:25:05 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 16ms
15ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 20 May 2021 15:25:05 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 15ms
15ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 May 2020 15:25:05 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 20 May 2021 15:25:05 GMT

GET
H2 200 contentforyou6.php Show response
int.special-offers.online/common/content/ 2 KB
2 KB 46ms
45ms Fetch
text/html 213.227.145.136
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://int.special-offers.online/common/content/contentforyou6.php

Requested by

Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/rev.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.145.136 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

ebbd29cbf91adb41b054ec2c635dc57348e2067f468b40117540104c7f8bf49b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 25 May 2020 15:25:05 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8

GET
H2

200

OzfdHWSFhmIoVxHKRCHpTwi0qCm9IPhgMp-Ejrq9idLjyTgkLY9QyVE9k-UpjMVnVtqVJPkJ12TpcZ7pSr1QAJWygrgePqa536NKPPgVw8-tKRyrnZOkoZ6kd9gfMJPtjMXY7hDbNXZ_T_zQKCx0MXJdC8s2A6Vk209OZ9HyzRY5xs-isKcKJNVEbM7iuNNYCeRae...
shanta-jos.com/imp/e8b09eb7-9e9b-11ea-ac8d-0a8edb2d7df5/1/
Redirect Chain

https://wbidder.online/icon?url=https%3A%2F%2Fshanta-jos.com%2Fimp%2Fe8b09eb7-9e9b-11ea-ac8d-0a8edb2d7df5%2F1%2FOzfdHWSFhmIoVxHKRCHpTwi0qCm9IPhgMp-Ejrq9idLjyTgkLY9QyVE9k-UpjMVnVtqVJPkJ12TpcZ7pSr1QA...
https://shanta-jos.com/imp/e8b09eb7-9e9b-11ea-ac8d-0a8edb2d7df5/1/OzfdHWSFhmIoVxHKRCHpTwi0qCm9IPhgMp-Ejrq9idLjyTgkLY9QyVE9k-UpjMVnVtqVJPkJ12TpcZ7pSr1QAJWygrgePqa536NKPPgVw8-tKRyrnZOkoZ6kd9gfMJPtjMX...

5 KB
5 KB

148ms
89ms

Image
image/jpeg

2600:1f18:40f7:9703:c616:7210:773f:d93e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shanta-jos.com/imp/e8b09eb7-9e9b-11ea-ac8d-0a8edb2d7df5/1/OzfdHWSFhmIoVxHKRCHpTwi0qCm9IPhgMp-Ejrq9idLjyTgkLY9QyVE9k-UpjMVnVtqVJPkJ12TpcZ7pSr1QAJWygrgePqa536NKPPgVw8-tKRyrnZOkoZ6kd9gfMJPtjMXY7hDbNXZ_T_zQKCx0MXJdC8s2A6Vk209OZ9HyzRY5xs-isKcKJNVEbM7iuNNYCeRaeEcHyXCjxwf4P9lR0aPWj967LbPbCssGgKz3R68hJKfk-Gty-uAKxsUhM5yN0l32GSZUBAK6_24fWxAFw4GsASnEIySLq0yNtW93O32_p0P1adgJq9X5-lqAinqqnbHJIxvQwpj2yT-V-ZJdf0cwuLcP5IlUG6Z36cl3rktV1BHNlhXJd5Fz8f_t694ffBq9yflgusxFVJMRqgy3lAKNPC8C26rdSlB6y56U7eaiwnGwO9NvnGxbWhB_uTTUSuqZEKueCXptOvdvOoVWcU4POyeyOu_484UGTb3ERLk-vRTQQuF_a8PtengthIBPEaL3uOy-o09sRJBLuhTP34z92Dg2bctMlSPXU5rTHW-21nEDGr1LHGA_1XqXISrkfwVEBD08SH-JLt4pc-mKRGBPG1TI6ZjvbBR_Oin0V9V7_cyIxM88cpNy2j5IFgf_kdIsG6auF4S5L7NRy6OpfWEJItYURVGxvX_0YLvAKUOVM6jLNhh6Z8zIWtn2r8yZIWuN4EiZQS2Aw_0-.ZPizyUMG3zL8ztKBCkcSnQ==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:40f7:9703:c616:7210:773f:d93e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 0ccdc8951e31723bf94e1c036dbfb6ab31f433e2709201089555cd624efcb85c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 25 May 2020 15:25:06 GMT
content-disposition: inline;filename=f.txt
content-length: 4873
content-type: image/jpeg

Redirect headers

access-control-allow-origin: *
date: Mon, 25 May 2020 15:25:05 GMT
location: https://shanta-jos.com/imp/e8b09eb7-9e9b-11ea-ac8d-0a8edb2d7df5/1/OzfdHWSFhmIoVxHKRCHpTwi0qCm9IPhgMp-Ejrq9idLjyTgkLY9QyVE9k-UpjMVnVtqVJPkJ12TpcZ7pSr1QAJWygrgePqa536NKPPgVw8-tKRyrnZOkoZ6kd9gfMJPtjMXY7hDbNXZ_T_zQKCx0MXJdC8s2A6Vk209OZ9HyzRY5xs-isKcKJNVEbM7iuNNYCeRaeEcHyXCjxwf4P9lR0aPWj967LbPbCssGgKz3R68hJKfk-Gty-uAKxsUhM5yN0l32GSZUBAK6_24fWxAFw4GsASnEIySLq0yNtW93O32_p0P1adgJq9X5-lqAinqqnbHJIxvQwpj2yT-V-ZJdf0cwuLcP5IlUG6Z36cl3rktV1BHNlhXJd5Fz8f_t694ffBq9yflgusxFVJMRqgy3lAKNPC8C26rdSlB6y56U7eaiwnGwO9NvnGxbWhB_uTTUSuqZEKueCXptOvdvOoVWcU4POyeyOu_484UGTb3ERLk-vRTQQuF_a8PtengthIBPEaL3uOy-o09sRJBLuhTP34z92Dg2bctMlSPXU5rTHW-21nEDGr1LHGA_1XqXISrkfwVEBD08SH-JLt4pc-mKRGBPG1TI6ZjvbBR_Oin0V9V7_cyIxM88cpNy2j5IFgf_kdIsG6auF4S5L7NRy6OpfWEJItYURVGxvX_0YLvAKUOVM6jLNhh6Z8zIWtn2r8yZIWuN4EiZQS2Aw_0-.ZPizyUMG3zL8ztKBCkcSnQ==
content-length: 0
vary: Origin

GET
H2 200 OzfdHWSFhmIoVxHKRCHpTwi0qCm9IPhgMp-Ejrq9idLjyTgkLY9QyVE9k-UpjMVnVtqVJPkJ12TpcZ7pSr1QAJWygrgePqa536NKPPgVw8-tKRyrnZOkoZ6kd9gfMJPtjMXY7hDbNXZ_T_zQKCx0MXJdC8s2A6Vk209OZ9HyzRY5xs-isKcKJNVEbM7iuNNYCeRae...
shanta-jos.com/imp/e8b09eb7-9e9b-11ea-ac8d-0a8edb2d7df5/1/ 5 KB
5 KB 366ms
172ms Image
image/jpeg 2600:1f18:40f7:9703:c616:7210:773f:d93e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shanta-jos.com/imp/e8b09eb7-9e9b-11ea-ac8d-0a8edb2d7df5/1/OzfdHWSFhmIoVxHKRCHpTwi0qCm9IPhgMp-Ejrq9idLjyTgkLY9QyVE9k-UpjMVnVtqVJPkJ12TpcZ7pSr1QAJWygrgePqa536NKPPgVw8-tKRyrnZOkoZ6kd9gfMJPtjMXY7hDbNXZ_T_zQKCx0MXJdC8s2A6Vk209OZ9HyzRY5xs-isKcKJNVEbM7iuNNYCeRaeEcHyXCjxwf4P9lR0aPWj967LbPbCssGgKz3R68hJKfk-Gty-uAKxsUhM5yN0l32GSZUBAK6_24fWxAFw4GsASnEIySLq0yNtW93O32_p0P1adgJq9X5-lqAinqqnbHJIxvQwpj2yT-V-ZJdf0cwuLcP5IlUG6Z36cl3rktV1BHNlhXJd5Fz8f_t694ffBq9yflgusxFVJMRqgy3lAKNPC8C26rdSlB6y56U7eaiwnGwO9NvnGxbWhB_uTTUSuqZEKueCXptOvdvOoVWcU4POyeyOu_484UGTb3ERLk-vRTQQuF_a8PtengthIBPEaL3uOy-o09sRJBLuhTP34z92Dg2bctMlSPXU5rTHW-21nEDGr1LHGA_1XqXISrkfwVEBD08SH-JLt4pc-mKRGBPG1TI6ZjvbBR_Oin0V9V7_cyIxM88cpNy2j5IFgf_kdIsG6auF4S5L7NRy6OpfWEJItYURVGxvX_0YLvAKUOVM6jLNhh6Z8zIWtn2r8yZIWuN4EiZQS2Aw_0-.ZPizyUMG3zL8ztKBCkcSnQ==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:40f7:9703:c616:7210:773f:d93e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 0ccdc8951e31723bf94e1c036dbfb6ab31f433e2709201089555cd624efcb85c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 25 May 2020 15:25:06 GMT
content-disposition: inline;filename=f.txt
content-length: 4873
content-type: image/jpeg

GET
H2 200 c
c.mgid.com/ Frame E3BB 43 B
228 B 99ms
98ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=492|328|12|a7hKUKHYailHguI54nwe8ss6hRtJ_t1yLfZ6IMCc2Y60aKKsZh4XqaDpWV_jBBVS&fw=1&extjs=66046&v=492|328|12|fFhwo-jDt2RcCk5_t4ijlGW0SC9Zd1YJYFnvdTSk0gg5gCH_zxaD-uByaUmlWrmZ&imgdim=1&cid=273247&h2=RzmfZhvBhvrigr5pmFTSMmmQxV2Yf0rUxqfPrlk_5TM*&rid=e8bcdad0-9e9b-11ea-a348-d094662f8ab5&tt=Direct&pageImp=1&muid=k4p4DqgKVgp8&cbuster=1590420306148249685203&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://int.special-offers.online/common/content/contentforyou6.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:06 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599044617c3bcc4a-ZRH
content-type: image/gif
cf-request-id: 02ee0910ee0000cc4aecb12200000001

GET
H2 200 c
c.mgid.com/ Frame E3BB 43 B
133 B 83ms
81ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=492|328|12|GN18Gu05UcWCS566_0fIVNnV4GkC4i1tyEmJra0cAcbeP8QBvkxE9tsp8BtPelHi&extjs=66046&v=492|328|12|bomTtgNOIXkkyelS0WfKV8QhnwhVDK9fa7AC6QeGHaq4sM6Df9O3o4G7X6jGtwzz&v=492|328|12|-qhwzEAOpZ-kNF29_W3R5teD2Eh1GPLh98kNVHdNhRADTcV3xo2uRIDW0YCg_rqf&v=492|328|12|fUqXcY_TBQGcWMjZiny01syZDUXt_6U-b_n2wm9e9BjbgveyRq4l0IpUhUW3m9ex&imgdim=1&cid=273247&h2=RzmfZhvBhvrigr5pmFTSMmmQxV2Yf0rUxqfPrlk_5TM*&rid=e8bcdad0-9e9b-11ea-a348-d094662f8ab5&tt=Direct&pageImp=0&muid=k4p4DqgKVgp8&cbuster=1590420306248519783045&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://int.special-offers.online/common/content/contentforyou6.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 May 2020 15:25:06 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 599044621da7cc4a-ZRH
content-type: image/gif
cf-request-id: 02ee0911510000cc4aecb1c200000001

POST
H2 204 csm
bidder.criteo.com/ 0
155 B 54ms
54ms Other
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=89&profileId=206
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Mon, 25 May 2020 15:25:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://int.special-offers.online
timing-allow-origin: *
vary: Origin

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			int.special-offers.online/	1970-01-23 00:11:00	Name: pc Value: data_1

36 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterInitHooks hook mgqInit start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterInitHooks hook initAntiFraud start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterInitHooks hook subnetsLoad start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterInitHooks hook subnetsLoad start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterPreRenderNewsHooks hook calcPreRenderingBlock start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterInjectScriptHooks hook servicerDoubleClick start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 beforeLoadNewsHooks hook refreshAdvertLink start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 beforeLoadNewsHooks hook initRejectStyles start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook initAdvertPopup start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook initIntExchangeLabels start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook iExchangeLoggerInit start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook initWidgetObserver start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook hangAFListener start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook cmPixelLoad start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook initActivateDelay start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook handleExternalCountersListener start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook executeTurboCallback start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook addPreviewEvent start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook countersLoad start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook countersLoad error: Cannot read property 'hasNewsWidget' of undefined
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook compositeComscoreCountersLoad start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook gradientRendering start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook responsiveInit start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook initCriteoHandlers start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterLoadNewsHooks hook monitorInit start
console-api	debug	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 243) Message: [object HTMLImageElement]
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 Observer. Widget shown. Ratio: 1
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 Observer. Widget shown. Ratio: 0.9044005870819092
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterPrepareCappingDataHooks hook renderLazyBanners start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterPrepareCappingDataHooks hook renderLazyBanners start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterSendCappingHooks hook doubleClickCappingEvent start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterPrepareCappingDataHooks hook renderLazyBanners start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterPrepareCappingDataHooks hook renderLazyBanners start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterPrepareCappingDataHooks hook renderLazyBanners start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterPrepareCappingDataHooks hook renderLazyBanners start
console-api	log	URL: https://jsc.mgid.com/c/l/click-push.com.273247.js?t=12042515(Line 477) Message: WIDGET_273247_0e5b5 afterSendCappingHooks hook doubleClickCappingEvent start

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.betweendigital.com
ams.creativecdn.com
bidder.criteo.com
c.mgid.com
cdn.mgid.com
clk.wbidder.online
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
contextual.media.net
creativecdn.com
csync.loopme.me
eus.rubiconproject.com
fonts.gstatic.com
int.special-offers.online
jsc.mgid.com
match.adsrvr.org
prod.perf-serving.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
servicer.mgid.com
shanta-jos.com
static.criteo.net
track.special-promotions.online
udata.mixmarket.biz
wbidder.online
x.bidswitch.net
104.109.78.125
104.16.221.74
104.19.134.78
138.201.86.121
172.217.16.194
178.250.2.131
185.184.8.30
2.16.46.85
213.227.145.136
213.227.145.141
23.105.245.4
23.105.254.60
23.5.109.251
2600:1f18:40f7:9703:c616:7210:773f:d93e
2a00:1450:4001:820::2003
2a02:2638::3
2a03:b0c0:3:d0::d13:7001
3.122.141.1
34.252.71.88
35.212.212.222
5.79.72.207
52.57.90.82
72.247.224.27
88.212.252.22
01793dfe25a8daa227696e0d8630591f4b774fcac7f257eba7296f081cb4dbaa
0ccdc8951e31723bf94e1c036dbfb6ab31f433e2709201089555cd624efcb85c
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
16823d193b11ce71c0a71c77fbbc658e19156bb1776134e2f389ad131291fd50
200bd56963adda22616ab7280f1463e11e3060e5987586729710f338f1a8df68
40adac4a5aa57fca79eb31c9bf7ca931d7402dcba7e15656892beba926633211
461a60bd2fe4e6d554cf3fcd980189ad38a2f8704898f7eaf0941af761b440e3
7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6
821a0ced3c784bc7b7ae3eeaa4a51040260f0a31675349aff2d24590dbc51e66
961d154768dae0faa392445600d352146a47be440834a449d579b1166a16bfcd
9cf2f7cf6e696c0d13bb4a893d9efc1a16fd991d0e3bb5a6f7966d9718ec9993
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
d8db4c462d36286b02471b9b3e1de04caaaa29182a9336efe1de0a6610917ee3
df497567747427e9b33b10d25c85bc3e1ecb7247ddd99ebdde9b9ce6e03976df
df67f4466b8e0083eb5c698e3aab6bb1e5b2dbd9a200266c93f25a4aec1ebc14
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebbd29cbf91adb41b054ec2c635dc57348e2067f468b40117540104c7f8bf49b
eecd880876a08e8591f2e9bf2a8349b0d990cf479393458cb074755013abdd6b

int.special-offers.online Open in urlscan Pro 213.227.145.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

17 %IPv6

22 Domains

30 Subdomains

13 IPs

8 Countries

292 kBTransfer

499 kBSize

1 Cookies

7 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

int.special-offers.online Open in urlscan Pro
213.227.145.136 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

17 %
IPv6

22
Domains

30
Subdomains

13
IPs

8
Countries

292 kB
Transfer

499 kB
Size

1
Cookies

45 HTTP transactions
1 data transactions