Submitted URL: http://xml-api.online/click?c=4rv2i1ij0kku81uvae&f=500100&s=DZE90G6OIS&d=FlaGm3eyJpcCI6IjE5Ni4xOTEuMTYyLjE2IiwiYnJvd3N...
Effective URL: https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=e908-bid_500260&utm_source=e908-bid_500260&utm_medium=w...
Submission: On October 01 via api from ET — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 17 domains to perform 65 HTTP transactions. The main IP is 157.245.71.143, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is hot.findsale.club.
TLS certificate: Issued by R3 on August 30th 2021. Valid for: 3 months.
This is the only time hot.findsale.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 85.17.23.6 60781 (LEASEWEB-...)
13 213.227.145.147 60781 (LEASEWEB-...)
5 95.211.194.53 60781 (LEASEWEB-...)
2 2 5.79.77.202 60781 (LEASEWEB-...)
2 2 206.189.241.141 14061 (DIGITALOC...)
4 104.21.23.167 13335 (CLOUDFLAR...)
2 2 68.183.216.111 14061 (DIGITALOC...)
2 2 5.79.72.207 60781 (LEASEWEB-...)
13 104.19.134.80 13335 (CLOUDFLAR...)
5 213.227.149.216 60781 (LEASEWEB-...)
2 67.27.235.122 3356 (LEVEL3)
2 5.79.69.65 60781 (LEASEWEB-...)
3 142.250.185.238 15169 (GOOGLE)
9 104.19.133.80 13335 (CLOUDFLAR...)
1 104.19.135.80 13335 (CLOUDFLAR...)
1 1 64.225.80.227 14061 (DIGITALOC...)
1 157.245.71.143 14061 (DIGITALOC...)
3 104.18.16.65 13335 (CLOUDFLAR...)
1 142.250.186.40 15169 (GOOGLE)
65 14
Domain Requested by
11 press-news-for.me press-news-for.me
9 s-img.adskeeper.co.uk jsc.adskeeper.co.uk
5 cdn.adskeeper.co.uk int.special-offers.online, jsc.adskeeper.co.uk
5 free-coupons.network int.special-offers.online
5 wbidder.online press-news-for.me, free-coupons.network
4 s.adoppop.com
3 c.adskeeper.co.uk jsc.adskeeper.co.uk
3 www.google-analytics.com free-coupons.network, www.googletagmanager.com, www.google-analytics.com
2 jsc.adskeeper.com hot.findsale.club, jsc.adskeeper.com
2 cm.adskeeper.co.uk jsc.adskeeper.co.uk
2 cdn.special-offers.online int.special-offers.online
2 jsc.adskeeper.co.uk int.special-offers.online, jsc.adskeeper.co.uk
2 clk.wbidder.online 2 redirects
2 tracking.eu.adoperatorcore.com 2 redirects
2 crtv.wboptim.online 2 redirects
2 wbidr.com press-news-for.me, free-coupons.network
1 c.adskeeper.com jsc.adskeeper.com
1 www.googletagmanager.com hot.findsale.club
1 hot.findsale.club free-coupons.network
1 click.eu.adoperatorcore.com 1 redirects
1 track.special-promotions.online 1 redirects
1 cm.steepto.com
1 servicer.adskeeper.co.uk jsc.adskeeper.co.uk
1 special-offers.online int.special-offers.online
1 int.special-offers.online press-news-for.me
1 track.cpa-optimizer.online 1 redirects
1 xml-api.online 1 redirects
65 27

This site contains no links.

Subject                   Issuer                      Validity                   Valid
*.press-news-for.me       AlphaSSL CA - SHA256 - G2   2021-09-20 - 2022-10-22    a year
*.wbidder.online          AlphaSSL CA - SHA256 - G2   2021-03-06 - 2022-04-07    a year
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3     2021-02-19 - 2022-02-18    a year
*.special-offers.online   AlphaSSL CA - SHA256 - G2   2021-08-09 - 2022-09-10    a year
*.free-coupons.network    AlphaSSL CA - SHA256 - G2   2021-03-08 - 2022-04-09    a year
*.wbidr.com               AlphaSSL CA - SHA256 - G2   2021-03-06 - 2022-04-07    a year
*.google-analytics.com    GTS CA 1C3                  2021-09-13 - 2021-11-20    2 months
hot.findsale.club         R3                          2021-08-30 - 2021-11-28    3 months

This page contains 2 frames:

Primary Page: https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=e908-bid_500260&utm_source=e908-bid_500260&utm_medium=ww_mini1_split_findsale&bbid=16
Frame ID: 11AA644B63AF3C509E73DEF9FBF87E28
Requests: 64 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1633111380120869500139
Frame ID: DE9E3F8435420FDD708DDE204990B87C
Requests: 1 HTTP requests in this frame

Page Title

Updated 2021-10-01

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

65 Requests
95 % HTTPS
0 % IPv6
17 Domains
27 Subdomains
14 IPs
4 Countries
955 kB Transfer
1375 kB Size
16 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xml-api.online/click?c=4rv2i1ij0kku81uvae&f=500100&s=DZE90G6OIS&d=FlaGm3eyJpcCI6IjE5Ni4xOTEuMTYyLjE2IiwiYnJvd3NlciI6IkNocm9tZSIsImJyb3dzZXJWZXJzaW9uIjoiOTQuMC40NjA2LjYxIiwib3MiOiJXaW5kb3dzIn0 HTTP 302
    https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk Page URL
  2. https://track.cpa-optimizer.online/15GtmV?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country=%7Bcountry%7D&affid=500100&subid=DZE90G6OIS&as=adk&onw=1&link=url%3Dhttps%253A%252F%252Fint.special-offers.online%252Fcommon%252Fcontent%252Fspecial-contentforyou.php%253Faffid%253Dbid_500100%2526subid%253DDZE90G6OIS%2526sClient%253D1%2526r%253D1633111379.0.984573409572671%26s%3DDEFAULT%26a%3Dbid_onw_500100%26uA%3D%26sub%3DDZE90G6OIS%26ts%3D1633111379%26d%3D66%26i%3Def0x1nfsdku8ockwq%26t%3Dclient%26c%3D3250438448 HTTP 302
    https://clk.wbidder.online/redirect?url=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_500100%26subid%3DDZE90G6OIS%26sClient%3D1%26r%3D1633111379.0.984573409572671&s=DEFAULT&a=bid_onw_500100&uA=&sub=DZE90G6OIS&ts=1633111379&d=66&i=ef0x1nfsdku8ockwq&t=client&c=3250438448 HTTP 302
    https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671 Page URL
  3. https://track.special-promotions.online/15G9io?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671&onw=1&link=url%3Dhttps%253A%252F%252Fclick.eu.adoperatorcore.com%252Frtb%252Ffeedclick%253Fuuid%253D418587fd-d1e9-466d-af63-ca121d16a089%2526s%253D101%2526d%253D221%2526feedid%253De908%2526rt%253D1633111379545%2526sb%253D0.0004%2526db%253D0.0008%2526subid%253Dbid_500260%2526tokid%253Dnull%2526url%253DMCGV6QV42H5HDXSWE67YROYVBUBACZ2BU4PITXQIR6PKUROTGHM2U2URE7SIFVEG7DL6HPRKLTTMMOZPKKHMUY7ZXDO6QVMOKIHPWUAB3UMVBH64EBOAMBPPLCIYJ26J477RJ2N5XMECPKFATUDGUTHDSPQOFXIZFM5E3ZPOYP5AWI6EHINAJA365GAQ56KEL3V2PNEFXA32P2VTOZYQGXDO2Y3KSPP53L6N2OD6D5TEEJTKIW3FIOGYOCWDWMJJ%2526i%253D20f3e0%2526u%253D1479dd%2526ad%253D%26s%3D1036%26a%3Dbid_onw_500100%26uA%3Dbid_500260%26sub%3DDZE90G6OIS%26ts%3D1633111384%26d%3D28%26i%3Dd9eaya1mu3rku8ococ0%26t%3Dclient%26c%3D50711400212 HTTP 302
    https://clk.wbidder.online/redirect?url=https%3A%2F%2Fclick.eu.adoperatorcore.com%2Frtb%2Ffeedclick%3Fuuid%3D418587fd-d1e9-466d-af63-ca121d16a089%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D1633111379545%26sb%3D0.0004%26db%3D0.0008%26subid%3Dbid_500260%26tokid%3Dnull%26url%3DMCGV6QV42H5HDXSWE67YROYVBUBACZ2BU4PITXQIR6PKUROTGHM2U2URE7SIFVEG7DL6HPRKLTTMMOZPKKHMUY7ZXDO6QVMOKIHPWUAB3UMVBH64EBOAMBPPLCIYJ26J477RJ2N5XMECPKFATUDGUTHDSPQOFXIZFM5E3ZPOYP5AWI6EHINAJA365GAQ56KEL3V2PNEFXA32P2VTOZYQGXDO2Y3KSPP53L6N2OD6D5TEEJTKIW3FIOGYOCWDWMJJ%26i%3D20f3e0%26u%3D1479dd%26ad%3D&s=1036&a=bid_onw_500100&uA=bid_500260&sub=DZE90G6OIS&ts=1633111384&d=28&i=d9eaya1mu3rku8ococ0&t=client&c=50711400212 HTTP 302
    https://click.eu.adoperatorcore.com/rtb/feedclick?uuid=418587fd-d1e9-466d-af63-ca121d16a089&s=101&d=221&feedid=e908&rt=1633111379545&sb=0.0004&db=0.0008&subid=bid_500260&tokid=null&url=MCGV6QV42H5HDXSWE67YROYVBUBACZ2BU4PITXQIR6PKUROTGHM2U2URE7SIFVEG7DL6HPRKLTTMMOZPKKHMUY7ZXDO6QVMOKIHPWUAB3UMVBH64EBOAMBPPLCIYJ26J477RJ2N5XMECPKFATUDGUTHDSPQOFXIZFM5E3ZPOYP5AWI6EHINAJA365GAQ56KEL3V2PNEFXA32P2VTOZYQGXDO2Y3KSPP53L6N2OD6D5TEEJTKIW3FIOGYOCWDWMJJ&i=20f3e0&u=1479dd&ad= HTTP 302
    https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=e908-bid_500260&utm_source=e908-bid_500260&utm_medium=ww_mini1_split_findsale&bbid=16 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://xml-api.online/click?c=4rv2i1ij0kku81uvae&f=500100&s=DZE90G6OIS&d=FlaGm3eyJpcCI6IjE5Ni4xOTEuMTYyLjE2IiwiYnJvd3NlciI6IkNocm9tZSIsImJyb3dzZXJWZXJzaW9uIjoiOTQuMC40NjA2LjYxIiwib3MiOiJXaW5kb3dzIn0 HTTP 302
  • https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
Request Chain 16
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Ftracking.eu.adoperatorcore.com%2Frtb%2Ffeedimpression%3Fuuid%3D4a4378a7-07ed-4334-8954-bbc5e6a68929%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D1633111378806%26sb%3D0.0004%26db%3D0.0008%26subid%3Dbid_501404%26tokid%3Dnull%26url%3DM6R2B4GETR2CBYFKGVL23NVIDJRWMWAVTP7SS6K44OJVF6F7YRDV6QH5N42RFRZATROZ6YJJRX7X2%253D%253D%253D%26i%3D20f3e0%26u%3D1479dd&s=1036&a=bid_500100&uA=bid_501404&sub=DZE90G6OIS&d=8&ic=1 HTTP 302
  • https://tracking.eu.adoperatorcore.com/rtb/feedimpression?uuid=4a4378a7-07ed-4334-8954-bbc5e6a68929&s=101&d=221&feedid=e908&rt=1633111378806&sb=0.0004&db=0.0008&subid=bid_501404&tokid=null&url=M6R2B4GETR2CBYFKGVL23NVIDJRWMWAVTP7SS6K44OJVF6F7YRDV6QH5N42RFRZATROZ6YJJRX7X2%3D%3D%3D&i=20f3e0&u=1479dd HTTP 302
  • https://s.adoppop.com/images/icon/whats_11.jpg
Request Chain 18
  • https://track.cpa-optimizer.online/15GtmV?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country=%7Bcountry%7D&affid=500100&subid=DZE90G6OIS&as=adk&onw=1&link=url%3Dhttps%253A%252F%252Fint.special-offers.online%252Fcommon%252Fcontent%252Fspecial-contentforyou.php%253Faffid%253Dbid_500100%2526subid%253DDZE90G6OIS%2526sClient%253D1%2526r%253D1633111379.0.984573409572671%26s%3DDEFAULT%26a%3Dbid_onw_500100%26uA%3D%26sub%3DDZE90G6OIS%26ts%3D1633111379%26d%3D66%26i%3Def0x1nfsdku8ockwq%26t%3Dclient%26c%3D3250438448 HTTP 302
  • https://clk.wbidder.online/redirect?url=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_500100%26subid%3DDZE90G6OIS%26sClient%3D1%26r%3D1633111379.0.984573409572671&s=DEFAULT&a=bid_onw_500100&uA=&sub=DZE90G6OIS&ts=1633111379&d=66&i=ef0x1nfsdku8ockwq&t=client&c=3250438448 HTTP 302
  • https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
Request Chain 55
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Ftracking.eu.adoperatorcore.com%2Frtb%2Ffeedimpression%3Fuuid%3D418587fd-d1e9-466d-af63-ca121d16a089%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D1633111379545%26sb%3D0.0004%26db%3D0.0008%26subid%3Dbid_500260%26tokid%3Dnull%26url%3DM6R2B4GETR2CBYFKGVL23NVIDJRWMWAVTP7SS6K44OJVF6F7YRD5F7XWCULGQHIEMFRIOT4INK7DS%253D%253D%253D%26i%3D20f3e0%26u%3D1479dd&s=1036&a=bid_onw_500100&uA=bid_500260&sub=DZE90G6OIS&d=28&ic=1 HTTP 302
  • https://tracking.eu.adoperatorcore.com/rtb/feedimpression?uuid=418587fd-d1e9-466d-af63-ca121d16a089&s=101&d=221&feedid=e908&rt=1633111379545&sb=0.0004&db=0.0008&subid=bid_500260&tokid=null&url=M6R2B4GETR2CBYFKGVL23NVIDJRWMWAVTP7SS6K44OJVF6F7YRD5F7XWCULGQHIEMFRIOT4INK7DS%3D%3D%3D&i=20f3e0&u=1479dd HTTP 302
  • https://s.adoppop.com/images/icon/lara.jpg

65 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
press-news-for.me/lp/skip-lp/
Redirect Chain
  • http://xml-api.online/click?c=4rv2i1ij0kku81uvae&f=500100&s=DZE90G6OIS&d=FlaGm3eyJpcCI6IjE5Ni4xOTEuMTYyLjE2IiwiYnJvd3NlciI6IkNocm9tZSIsImJyb3dzZXJWZXJzaW9uIjoiOTQuMC40NjA2LjYxIiwib3MiOiJXaW5kb3dzIn0
  • https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
17 KB
17 KB
Document
General
Full URL
https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
75196baf5451d4a5b0aeb0d7adc2c576b67284a4385771dc2ec203bd4add5b75
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
press-news-for.me
:scheme
https
:path
/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Fri, 01 Oct 2021 18:02:58 GMT
content-type
text/html
content-length
16917
last-modified
Wed, 01 Sep 2021 08:23:16 GMT
etag
"612f3874-4215"
x-frame-options
SAMEORIGIN
accept-ranges
bytes

Redirect headers

location
https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
content-length
0
date
Fri, 01 Oct 2021 18:02:58 GMT
keep-alive
timeout=5
style-new.css
press-news-for.me/lp/plugin/css/
38 KB
38 KB
Stylesheet
General
Full URL
https://press-news-for.me/lp/plugin/css/style-new.css
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
88463998ff9fa0fc4c6d6ca048e456779eaae4305b3e8ede91666b5c7ef4d9e3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/lp/plugin/css/style-new.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
press-news-for.me
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:58 GMT
last-modified
Fri, 03 Jul 2020 12:28:02 GMT
server
nginx
etag
"5eff2452-9791"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
38801
expires
Sun, 31 Oct 2021 18:02:58 GMT
skip-button.jpeg
press-news-for.me/lp/skip-lp/img/
13 KB
13 KB
Image
General
Full URL
https://press-news-for.me/lp/skip-lp/img/skip-button.jpeg
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
445c2d9d796d903b4c1f3c896c857cf549be5279c27d83e23524aab91f3294a3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/lp/skip-lp/img/skip-button.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
press-news-for.me
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:58 GMT
last-modified
Thu, 13 May 2021 13:24:37 GMT
server
nginx
etag
"609d2895-33db"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13275
expires
Sun, 31 Oct 2021 18:02:58 GMT
script.js
press-news-for.me/lp/skip-lp/
4 KB
4 KB
Script
General
Full URL
https://press-news-for.me/lp/skip-lp/script.js
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
fdd3014848a6ec682daf4af484d6360279976d99deb9f3afc1693aa5739488a5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/lp/skip-lp/script.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
press-news-for.me
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:58 GMT
last-modified
Thu, 13 May 2021 14:07:05 GMT
server
nginx
etag
"609d3289-f2c"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3884
expires
Sun, 31 Oct 2021 18:02:58 GMT
IndexedDb.js
press-news-for.me/lp/plugin/js/
4 KB
4 KB
Script
General
Full URL
https://press-news-for.me/lp/plugin/js/IndexedDb.js
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
2ae833f4464565f0a42688dc6e386f1e2fdfd63ccafe93151404b4c27fa9f8f7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/lp/plugin/js/IndexedDb.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
press-news-for.me
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:58 GMT
last-modified
Fri, 03 Jul 2020 09:20:38 GMT
server
nginx
etag
"5efef866-1012"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4114
expires
Sun, 31 Oct 2021 18:02:58 GMT
log.js
press-news-for.me/lp/plugin/js/
1 KB
2 KB
Script
General
Full URL
https://press-news-for.me/lp/plugin/js/log.js
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b126582a2dc15643553ecc896192ffe2b58858c39571411ef548013a0be9d258
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/lp/plugin/js/log.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
press-news-for.me
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:58 GMT
last-modified
Fri, 03 Jul 2020 09:20:39 GMT
server
nginx
etag
"5efef867-5c3"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1475
expires
Sun, 31 Oct 2021 18:02:58 GMT
client.new.js
press-news-for.me/plugin/js/
26 KB
26 KB
Script
General
Full URL
https://press-news-for.me/plugin/js/client.new.js
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
48ba395cc577fa83ac2a96ad9231c97127e72d64d5055d6d8356bb15e7dbdd91
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/plugin/js/client.new.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
press-news-for.me
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:58 GMT
last-modified
Wed, 01 Sep 2021 12:17:27 GMT
server
nginx
etag
"612f6f57-683e"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
26686
expires
Sun, 31 Oct 2021 18:02:58 GMT
bidder.js
press-news-for.me/plugin/js/
14 KB
14 KB
Script
General
Full URL
https://press-news-for.me/plugin/js/bidder.js
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
58d13f6f6ce4cb045c2edc8d2b8227cc7229541c0b29957e86a94ec3a6fd4581
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/plugin/js/bidder.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
press-news-for.me
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:58 GMT
last-modified
Tue, 14 Sep 2021 11:45:52 GMT
server
nginx
etag
"61408b70-36d2"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14034
expires
Sun, 31 Oct 2021 18:02:58 GMT
bidder-interval.js
press-news-for.me/plugin/js/
8 KB
8 KB
Script
General
Full URL
https://press-news-for.me/plugin/js/bidder-interval.js
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
24141558e900e7958550c5fd92cc9b06c901ca0eee038bba7ed53b5c6e539ff6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/plugin/js/bidder-interval.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
press-news-for.me
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:58 GMT
last-modified
Fri, 06 Aug 2021 08:27:00 GMT
server
nginx
etag
"610cf254-1f8f"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8079
expires
Sun, 31 Oct 2021 18:02:58 GMT
client
wbidder.online/offer/
3 KB
1 KB
Fetch
General
Full URL
https://wbidder.online/offer/client?affid=500100&subid=DZE90G6OIS
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/lp/skip-lp/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.211.194.53 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
34fb5300995ca4c60fb9287babb7819a34c1ebc21384b2579d2003b4a54d328e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 18:02:58 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
client
wbidder.online/offer/
1 KB
827 B
Fetch
General
Full URL
https://wbidder.online/offer/client?affid=onw_500100&subid=DZE90G6OIS&days=8&count=1
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/plugin/js/client.new.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.211.194.53 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
58bfe42f5cc12c531202f249fed4cf36a73d9940884873aef47079e87d38f805

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 18:02:59 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
client
wbidder.online/offer/
1 KB
790 B
Fetch
General
Full URL
https://wbidder.online/offer/client?affid=onw_500100&subid=DZE90G6OIS&days=8&count=1
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/plugin/js/client.new.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.211.194.53 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 18:02:59 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
client
wbidder.online/offer/
2 B
280 B
Fetch
General
Full URL
https://wbidder.online/offer/client?affid=onw_500100&subid=DZE90G6OIS&days=8&count=1
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/plugin/js/client.new.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.211.194.53 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 18:02:59 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
newB1modal.png
press-news-for.me/pluginstuff/
9 KB
9 KB
Image
General
Full URL
https://press-news-for.me/pluginstuff/newB1modal.png
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
3f0014f83976d1cf838ba0bb0dd7b9150457ebc601c4f6840d8e16620c12ad5b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/pluginstuff/newB1modal.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
press-news-for.me
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:58 GMT
last-modified
Fri, 14 May 2021 16:13:10 GMT
server
nginx
etag
"609ea196-2359"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9049
expires
Sun, 31 Oct 2021 18:02:58 GMT
client
wbidr.com/offer/
0
0

spinner.gif
press-news-for.me/flow-lp/porsche-1/img/
113 KB
113 KB
Image
General
Full URL
https://press-news-for.me/flow-lp/porsche-1/img/spinner.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/flow-lp/porsche-1/img/spinner.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
press-news-for.me
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer

Response headers

date
Fri, 01 Oct 2021 18:02:58 GMT
last-modified
Fri, 01 Nov 2019 13:26:09 GMT
server
nginx
etag
"5dbc3271-1c3fd"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
115709
expires
Sun, 31 Oct 2021 18:02:58 GMT
whats_11.jpg
s.adoppop.com/images/icon/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Ftracking.eu.adoperatorcore.com%2Frtb%2Ffeedimpression%3Fuuid%3D4a4378a7-07ed-4334-8954-bbc5e6a68929%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D163...
  • https://tracking.eu.adoperatorcore.com/rtb/feedimpression?uuid=4a4378a7-07ed-4334-8954-bbc5e6a68929&s=101&d=221&feedid=e908&rt=1633111378806&sb=0.0004&db=0.0008&subid=bid_501404&tokid=null&url=M6R2...
  • https://s.adoppop.com/images/icon/whats_11.jpg
6 KB
7 KB
Image
General
Full URL
https://s.adoppop.com/images/icon/whats_11.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.23.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ec39bd558700302672edd978e29352cd2acd0c78b4641b9f5d085f32baa4f87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2147962
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6458
last-modified
Mon, 06 Sep 2021 21:07:21 GMT
server
cloudflare
etag
"61368309-193a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LToHMsagsdM5mvCOgDUbl%2BfbYPO2rqhdDucgo9pF8s%2F2wZCotJr90XfkLzf61vHrjJsgljR6e1CpajdfLnURANzjO0r2M8spkbM8yioEdu1CNYVye3kgpFGqNWvBVmJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
69779ae73dc59724-FRA
expires
Wed, 06 Oct 2021 21:23:37 GMT

Redirect headers

location
https://s.adoppop.com/images/icon/whats_11.jpg
date
Fri, 01 Oct 2021 18:02:58 GMT
referrer-policy
no-referrer
content-length
0
22469460.jpg
s.adoppop.com/images/image/
17 KB
18 KB
Image
General
Full URL
https://s.adoppop.com/images/image/22469460.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.23.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1131334767c14a242b6b8eb6b3b35c708ee366b6209bd202fb02513203856f4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
779877
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17587
last-modified
Wed, 22 Sep 2021 14:55:52 GMT
server
cloudflare
etag
"614b43f8-44b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDhETsfG0u1ZIDxiG52DEtK42kfMrBucuSHLomVpTMMxpIAw%2F615bdfFUi1GBtZPAAaqrhpsL884hYNYd5894%2FzFlGXlPD1A0MDFkqvNAO%2B4ztpAiLzPlMjATflbonut"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
69779ae6bda69724-FRA
expires
Fri, 22 Oct 2021 17:25:02 GMT
special-contentforyou.php
int.special-offers.online/common/content/
Redirect Chain
  • https://track.cpa-optimizer.online/15GtmV?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country=%7Bcountry%7D&affid=500100&subid=DZE90G6OIS&as=adk&onw=1&link=u...
  • https://clk.wbidder.online/redirect?url=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_500100%26subid%3DDZE90G6OIS%26sClient%3D1%26r%3D16331113...
  • https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
3 KB
3 KB
Document
General
Full URL
https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
Requested by
Host: press-news-for.me
URL: https://press-news-for.me/plugin/js/client.new.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
edaa809d217e4d3e0924d38146184f6db3d53da125059836636b711e770b285e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
int.special-offers.online
:scheme
https
:path
/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Referer
https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk

Response headers

server
nginx
date
Fri, 01 Oct 2021 18:02:59 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN

Redirect headers

vary
Origin
access-control-allow-origin
*
location
https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
content-length
0
date
Fri, 01 Oct 2021 18:02:59 GMT
offerwall.clickpush.com.964329.js
jsc.adskeeper.co.uk/o/f/
2 KB
1 KB
Script
General
Full URL
https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.js
Requested by
Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a130dfd8b6a4407dcaf6866d48918a39ccfc97bdf83f6be4d82d8e95b5c244f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://int.special-offers.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:59 GMT
content-encoding
br
cf-cache-status
HIT
age
5923
last-modified
Wed, 08 Sep 2021 05:45:58 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
XWR5XN8VAG581B77
x-amz-id-2
uJhOC6c89/ypKV9Mg/EK7Z8EdlvMGMo/iTn4/eR2cqc9baxLOuePsaAOHvcpN5zw6S5ncp2oo70=
cf-bgj
minify
server
cloudflare
etag
W/"5fb3c33ad69a1f16189b5d13e17b54e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
69779ae96f231f29-FRA
expires
Fri, 01 Oct 2021 22:02:59 GMT
IndexedDb.js
free-coupons.network/lp/plugin/js/
4 KB
4 KB
Script
General
Full URL
https://free-coupons.network/lp/plugin/js/IndexedDb.js
Requested by
Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
2ae833f4464565f0a42688dc6e386f1e2fdfd63ccafe93151404b4c27fa9f8f7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://int.special-offers.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:59 GMT
last-modified
Fri, 03 Jul 2020 09:20:38 GMT
server
nginx
etag
"5efef866-1012"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4114
expires
Sun, 31 Oct 2021 18:02:59 GMT
log.js
free-coupons.network/lp/plugin/js/
1 KB
2 KB
Script
General
Full URL
https://free-coupons.network/lp/plugin/js/log.js
Requested by
Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b126582a2dc15643553ecc896192ffe2b58858c39571411ef548013a0be9d258
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://int.special-offers.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:59 GMT
last-modified
Fri, 03 Jul 2020 09:20:39 GMT
server
nginx
etag
"5efef867-5c3"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1475
expires
Sun, 31 Oct 2021 18:02:59 GMT
client.js
free-coupons.network/lp/plugin/js/
99 KB
99 KB
Script
General
Full URL
https://free-coupons.network/lp/plugin/js/client.js
Requested by
Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e68a5fa473afa396b513a8a02c197417123b13dc4b0109af33de25d49da9e862
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://int.special-offers.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:59 GMT
last-modified
Fri, 03 Jul 2020 09:20:39 GMT
server
nginx
etag
"5efef867-18c61"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
101473
expires
Sun, 31 Oct 2021 18:02:59 GMT
bidder-interval.js
free-coupons.network/plugin/js/
8 KB
8 KB
Script
General
Full URL
https://free-coupons.network/plugin/js/bidder-interval.js
Requested by
Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
24141558e900e7958550c5fd92cc9b06c901ca0eee038bba7ed53b5c6e539ff6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://int.special-offers.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:59 GMT
last-modified
Fri, 06 Aug 2021 08:27:00 GMT
server
nginx
etag
"610cf254-1f8f"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8079
expires
Sun, 31 Oct 2021 18:02:59 GMT
bidder.js
free-coupons.network/plugin/js/
14 KB
14 KB
Script
General
Full URL
https://free-coupons.network/plugin/js/bidder.js
Requested by
Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
58d13f6f6ce4cb045c2edc8d2b8227cc7229541c0b29957e86a94ec3a6fd4581
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://int.special-offers.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:59 GMT
last-modified
Tue, 14 Sep 2021 11:45:52 GMT
server
nginx
etag
"61408b70-36d2"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14034
expires
Sun, 31 Oct 2021 18:02:59 GMT
offerwall.clickpush.com.964329.es6.js
jsc.adskeeper.co.uk/o/f/
228 KB
64 KB
Script
General
Full URL
https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87d1fc30dede14f838c3b7e628f5a51216f4057afa4c04e2ba6374c741a37853

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://int.special-offers.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:59 GMT
content-encoding
br
cf-cache-status
HIT
age
213
last-modified
Wed, 08 Sep 2021 05:45:59 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
714AKAMFJ2C8HJNV
x-amz-id-2
dzddeu2OGb4clCuA6CHU9Oq8HOdjYdtXkJ0V9lBhG0M29jhNr4nDOwFQqVF17IlVkDZKn3ilAME=
cf-bgj
minify
server
cloudflare
etag
W/"edf62e0a8e25535af5e0b296a129ad73"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
69779ae9abf8bebf-FRA
expires
Fri, 01 Oct 2021 22:02:59 GMT
client
wbidder.online/offer/
3 KB
1 KB
Fetch
General
Full URL
https://wbidder.online/offer/client?affid=onw_bid_500100&subid=DZE90G6OIS&days=8&count=3
Requested by
Host: free-coupons.network
URL: https://free-coupons.network/lp/plugin/js/client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.211.194.53 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
90f196f6d409b79206a59dc025ba5df638a702924a9c210a3c77f465541fde25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 18:03:03 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
newB1modal.png
cdn.special-offers.online/pluginstuff/
9 KB
9 KB
Image
General
Full URL
https://cdn.special-offers.online/pluginstuff/newB1modal.png
Requested by
Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
SE-1.15.12 /
Resource Hash
3f0014f83976d1cf838ba0bb0dd7b9150457ebc601c4f6840d8e16620c12ad5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:59 GMT
last-modified
Tue, 08 May 2018 15:55:26 GMT
server
SE-1.15.12
age
897422
etag
"5af1c86e-2359"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-cachetier-status
EXPIRED
x-cdn
Level3
accept-ranges
bytes
content-length
9049
x-edgecache-status
MISS
expires
Thu, 21 Oct 2021 08:45:57 GMT
client
wbidr.com/offer/
1 KB
800 B
Fetch
General
Full URL
https://wbidr.com/offer/client?affid=onw_bid_500100&subid=DZE90G6OIS&days=8
Requested by
Host: free-coupons.network
URL: https://free-coupons.network/plugin/js/bidder.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.79.69.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
051c971da79950571ae8e2de4d7f587f2cb6d86fce44554b68d23734b534b583

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 18:03:00 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
onBack.mp3
cdn.special-offers.online/
18 KB
19 KB
Media
General
Full URL
https://cdn.special-offers.online/onBack.mp3
Requested by
Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
SE-1.15.12 /
Resource Hash
130828dc2d3d11c2b4ad0c998dde0b660671963aaf610a2ad366e999ddfd2b5a

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 01 Oct 2021 18:02:59 GMT
last-modified
Wed, 26 Apr 2017 17:44:10 GMT
server
SE-1.15.12
age
897468
etag
"5900dc6a-4922"
content-type
audio/mpeg
Content-Range
bytes 0-18721/18722
cache-control
max-age=2592000
x-cachetier-status
HIT
x-cdn
Level3
access-control-allow-origin
*
Content-Length
18722
x-edgecache-status
MISS
expires
Thu, 21 Oct 2021 08:45:11 GMT
collect
www.google-analytics.com/
35 B
0
Fetch
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: free-coupons.network
URL: https://free-coupons.network/lp/plugin/js/log.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 18:02:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://int.special-offers.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
spinner.gif
special-offers.online/flow-lp/porsche-1/img/
113 KB
113 KB
Image
General
Full URL
https://special-offers.online/flow-lp/porsche-1/img/spinner.gif
Requested by
Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:59 GMT
last-modified
Fri, 01 Nov 2019 13:26:09 GMT
server
nginx
etag
"5dbc3271-1c3fd"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
115709
expires
Sun, 31 Oct 2021 18:02:59 GMT
/
c.adskeeper.co.uk/pv/
0
285 B
Script
General
Full URL
https://c.adskeeper.co.uk/pv/?pv=5&src_id=bid_500100&cbuster=1633111379689590584613&uniqId=01866&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_500100%26subid%3DDZE90G6OIS%26sClient%3D1%26r%3D1633111379.0.984573409572671&lu=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_500100%26subid%3DDZE90G6OIS%26sClient%3D1%26r%3D1633111379.0.984573409572671&sessionId=61574d54-06625&pageView=1&pvid=17c3d060eea92ef61d4&site=613482&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://int.special-offers.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 18:02:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
69779aeb29371f29-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/
4 KB
1 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: int.special-offers.online
URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:02:59 GMT
content-encoding
br
cf-cache-status
HIT
age
486
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
XXQX9JBSCH0N5JS5
x-amz-id-2
CWQcblvkNgl841zhni5fxo9UtrMY0Uhwn5zh1oLPU16Poqdim6PAdvDXGiizTIG8dmF0P9kScEk=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
69779aeb49651f29-FRA
expires
Fri, 01 Oct 2021 22:02:59 GMT
1
servicer.adskeeper.co.uk/964329/
5 KB
2 KB
Script
General
Full URL
https://servicer.adskeeper.co.uk/964329/1?pv=5&src_id=bid_500100&cbuster=1633111379965833143327&uniqId=01866&niet=4g&nisd=false&jsv=es6&w=1584&h=821&cols=3&ref=&cxurl=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_500100%26subid%3DDZE90G6OIS%26sClient%3D1%26r%3D1633111379.0.984573409572671&lu=https%3A%2F%2Fint.special-offers.online%2Fcommon%2Fcontent%2Fspecial-contentforyou.php%3Faffid%3Dbid_500100%26subid%3DDZE90G6OIS%26sClient%3D1%26r%3D1633111379.0.984573409572671&sessionId=61574d54-06625&pageView=1&pvid=17c3d060eea92ef61d4&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
004230d2c3a349753331142665605efffc614266b976c1afbf5f57fd29f7a55e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://int.special-offers.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 18:03:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
69779aecdb451f29-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/
4 KB
2 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:00 GMT
content-encoding
br
cf-cache-status
HIT
age
487
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
XXQX9JBSCH0N5JS5
x-amz-id-2
CWQcblvkNgl841zhni5fxo9UtrMY0Uhwn5zh1oLPU16Poqdim6PAdvDXGiizTIG8dmF0P9kScEk=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
69779aed6d07bebf-FRA
expires
Fri, 01 Oct 2021 22:03:00 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzJlOTRiNWZjYTQ0MjY1NDU4ZjllOGEwMTNiNmJlZTNhLmpwZWc.webp
s-img.adskeeper.co.uk/g/3946100/492x328/0x0x971x647/
14 KB
14 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/3946100/492x328/0x0x971x647/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzJlOTRiNWZjYTQ0MjY1NDU4ZjllOGEwMTNiNmJlZTNhLmpwZWc.webp?v=1633111380-6zmt7_Msgnr3rUk06enFU0wMLiMlTxaWZKTfYapgk9I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd0837d40d3aa45b6ad60a9c6028cb0cc74b02715ba5b7292b27b5603ee2f14a

Request headers

Referer
Origin
https://int.special-offers.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 14:24:14 GMT
x-mg-request-uuid
96818010-bcd7-45f5-8383-06a121650493
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69779aed9c395b50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13958
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp
s-img.adskeeper.co.uk/g/8052388/492x328/0x0x672x448/
22 KB
23 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/8052388/492x328/0x0x672x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp?v=1633111380-edQt_6hkmjl_uLlNNdTLByZC15bwozW8GBtofZehgHc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78da09cf28eca88ec0e8e8311ba0d76882e6cd3f598ee6abd7127de8aa2243f

Request headers

Referer
Origin
https://int.special-offers.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:00 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:02 GMT
x-mg-request-uuid
d823f026-d41a-41f5-980d-ae30752a32f8
age
12297
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69779aed9c3c5b50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23018
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF81NTcseV8zOTEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0LzhhOWQ5Y...
s-img.adskeeper.co.uk/g/10839617/492x328/-/
12 KB
13 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/10839617/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF81NTcseV8zOTEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0LzhhOWQ5Y2Y0MjFhNDhlN2M1YjdjMDkwYzRmZjBkZmViLmpwZWc.webp?v=1633111380-aoWyNLvcaK849PKnNsm7n7isVpgHVEoJKiePjTx39Ao
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e80844ba59f2c00b3e415fdfce9f67ee902bf36c9286e4ab88f2a3d92083794

Request headers

Referer
Origin
https://int.special-offers.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 16:27:09 GMT
x-mg-request-uuid
3a46d17c-3362-4261-9ac7-3e50cecebe39
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69779aed9c405b50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12678
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdjODMzMmYwY2IzMWMwMzcxNTEwMTZiMDJiZTg2YzBhLmpwZWc.webp
s-img.adskeeper.co.uk/g/3885439/492x328/0x0x582x388/
13 KB
13 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/3885439/492x328/0x0x582x388/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdjODMzMmYwY2IzMWMwMzcxNTEwMTZiMDJiZTg2YzBhLmpwZWc.webp?v=1633111380-R-m9LtctUhAF302bzWCcxnrAwmGvHOQa_tTXX-OlFAI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
282da097d553709ca9e4ac83a24f68f869d3dd238b1b00968caf2a3332b49356

Request headers

Referer
Origin
https://int.special-offers.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:00 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:08 GMT
x-mg-request-uuid
731c2277-fd64-4085-bca6-87b1d6bb1137
age
10424
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69779aed9c445b50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13374
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp
s-img.adskeeper.co.uk/g/3839414/492x328/84x0x758x505/
16 KB
16 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/3839414/492x328/84x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp?v=1633111380-CVEWYKPNc7D4U9Jc0JmzXhHwh3p7YFwad3qP3lbKptk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4726172dfe7e1530ef1618eca03f8ad3fb4cacd8505d36b81c052f83b0abb087

Request headers

Referer
Origin
https://int.special-offers.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:00 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:13 GMT
x-mg-request-uuid
fa09cea1-6a0f-4ec6-bf86-e142e1eadcce
age
12372
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69779aed9c465b50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15950
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC9lMGRjMmFlY2I5YWU5YzFhN...
s-img.adskeeper.co.uk/g/10839610/492x328/-/
39 KB
39 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/10839610/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC9lMGRjMmFlY2I5YWU5YzFhNjQ3YmJhNTliMWIxNzhiMi5qcGVn.webp?v=1633111380-aCgHSDHDH_qkSBztjl6mJcTBNjcGBA6-ihf5xr6FM9s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e8bed767a0840105a4042243017ef07858d15e9477a97c4fffb42c7cc1a38fb

Request headers

Referer
Origin
https://int.special-offers.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:00 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 16:26:25 GMT
x-mg-request-uuid
5e15cd8f-7c12-48ec-8d26-39c7e217f545
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69779aed9c485b50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
40100
server
cloudflare
int_exchange_wages_src.svg
cdn.adskeeper.co.uk/images/adskeeper/
855 B
981 B
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_src.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf48ab5bd0aa94e42a820a7714971f4e29b680774aac08b4bd0ae1cf21b16167

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:00 GMT
content-encoding
br
cf-cache-status
HIT
age
2794
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
0BG1VXESSG0Z7PGJ
x-amz-id-2
WD6BjKL2k1KcDVGVX/lQKeSPysfWCi/XOR1CJRZ2DECNVfbPsd723E4LpKwUVacE6rVR482y/p8=
last-modified
Mon, 04 May 2020 12:16:42 GMT
server
cloudflare
etag
W/"8a4c1edaf146a31549d5287a7ab74b63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
69779aed8d0bbebf-FRA
expires
Fri, 01 Oct 2021 22:03:00 GMT
int_exchange_wages_ad.svg
cdn.adskeeper.co.uk/images/adskeeper/
1 KB
1 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_ad.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:00 GMT
content-encoding
br
cf-cache-status
HIT
age
6668
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
XXQK699M7M3ZSK31
x-amz-id-2
LzHuCrT9qwEiymqw/t5BuPRkBsOI6BHDPNrAdanl1t13k0KePCW5s+wMAJ5vCx7SUsMSGBPZ1E8=
last-modified
Mon, 04 May 2020 12:16:42 GMT
server
cloudflare
etag
W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
69779aed8d0cbebf-FRA
expires
Fri, 01 Oct 2021 22:03:00 GMT
i.js
cm.adskeeper.co.uk/
113 B
248 B
Script
General
Full URL
https://cm.adskeeper.co.uk/i.js?&cbuster=1633111380101856209204
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e7dda2988060ad055230a162c6f43f1459d79f8256dd76cae7e28a8e4947248

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 18:03:00 GMT
content-encoding
br
cf-cache-status
MISS
x-mg-request-uuid
a68fc703-eace-4040-b1d5-2cf9fc39eff6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
69779aedbc741f29-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
i-noref.js
cm.adskeeper.co.uk/ Frame DE9E
19 B
105 B
Script
General
Full URL
https://cm.adskeeper.co.uk/i-noref.js?cbuster=1633111380120869500139
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 18:03:00 GMT
content-encoding
br
cf-cache-status
MISS
x-mg-request-uuid
d8f9a1cc-6a10-4c99-8b13-6662db3610b2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
69779aedcc8b1f29-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp
s-img.adskeeper.co.uk/g/8052388/492x328/0x0x672x448/
22 KB
23 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/8052388/492x328/0x0x672x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp?v=1633111380-edQt_6hkmjl_uLlNNdTLByZC15bwozW8GBtofZehgHc
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78da09cf28eca88ec0e8e8311ba0d76882e6cd3f598ee6abd7127de8aa2243f

Request headers

Referer
Origin
https://int.special-offers.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:00 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:02 GMT
x-mg-request-uuid
d823f026-d41a-41f5-980d-ae30752a32f8
age
12297
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69779aee1f375bf9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23018
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdjODMzMmYwY2IzMWMwMzcxNTEwMTZiMDJiZTg2YzBhLmpwZWc.webp
s-img.adskeeper.co.uk/g/3885439/492x328/0x0x582x388/
13 KB
13 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/3885439/492x328/0x0x582x388/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdjODMzMmYwY2IzMWMwMzcxNTEwMTZiMDJiZTg2YzBhLmpwZWc.webp?v=1633111380-R-m9LtctUhAF302bzWCcxnrAwmGvHOQa_tTXX-OlFAI
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
282da097d553709ca9e4ac83a24f68f869d3dd238b1b00968caf2a3332b49356

Request headers

Referer
Origin
https://int.special-offers.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:00 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:08 GMT
x-mg-request-uuid
731c2277-fd64-4085-bca6-87b1d6bb1137
age
10424
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69779aee1f395bf9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13374
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp
s-img.adskeeper.co.uk/g/3839414/492x328/84x0x758x505/
16 KB
16 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/3839414/492x328/84x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp?v=1633111380-CVEWYKPNc7D4U9Jc0JmzXhHwh3p7YFwad3qP3lbKptk
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/f/offerwall.clickpush.com.964329.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4726172dfe7e1530ef1618eca03f8ad3fb4cacd8505d36b81c052f83b0abb087

Request headers

Referer
Origin
https://int.special-offers.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:00 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:13 GMT
x-mg-request-uuid
fa09cea1-6a0f-4ec6-bf86-e142e1eadcce
age
12372
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69779aee1f3b5bf9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15950
server
cloudflare
/
cm.steepto.com/setmuidn/
0
173 B
Image
General
Full URL
https://cm.steepto.com/setmuidn/?muidf=l91Xw85MKn2b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69779aef2cdb5c44-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
c
c.adskeeper.co.uk/
43 B
441 B
Image
General
Full URL
https://c.adskeeper.co.uk/c?f=1&pv=3&v=512|381|12|0yiOK25VOcEjYrkG2Spv4BYmxur2qKxPKPN-4W9409GdWdtsP7OFkuUHr58zV5ll&fw=1&extjs=66044&v=512|381|12|0yiOK25VOcEjYrkG2Spv4FVwe9WeeXj5DIvgKopxbhAJtUPLgPqDl2JbW0YbBuvp&v=512|381|12|0yiOK25VOcEjYrkG2Spv4D2TUjrhWeh_2tfenMmgUoTaoDt9ktxivmh1qhZ8PQsE&cid=964329&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=d05aaa08-22e1-11ec-a61e-d0946675f626&tt=Direct&psid=bid_500100&iv=11&pageImp=1&pvid=17c3d060eea92ef61d4&muid=l91Xw85MKn2b&cbuster=1633111381401726991147&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 18:03:01 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
e1b8f933-8548-4168-a2ef-946fe3eaa40e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
69779af5cff2bebf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
c
c.adskeeper.co.uk/
43 B
441 B
Image
General
Full URL
https://c.adskeeper.co.uk/c?pv=3&v=512|381|12|0yiOK25VOcEjYrkG2Spv4DpFvmlyshp-uKFaWTu4iwah3kH0RlZ5ncFkP2Pr_ko5&extjs=66044&v=512|381|12|0yiOK25VOcEjYrkG2Spv4N95vvj3KbKYiAQRtFNP5eBEXUw31V77vrWYFsxJDx_7&v=512|381|12|0yiOK25VOcEjYrkG2Spv4J-GDSHz866lk5X00nns5rYownoQku5c27Ghfo5e96k8&cid=964329&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=d05aaa08-22e1-11ec-a61e-d0946675f626&tt=Direct&psid=bid_500100&iv=11&pageImp=0&pvid=17c3d060eea92ef61d4&muid=l91Xw85MKn2b&cbuster=1633111381508471804990&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 18:03:01 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
36e4c557-efd3-4f64-ad74-9281b6e2c6ca
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
69779af6784ebebf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
client
wbidder.online/offer/
0
0

client
wbidder.online/offer/
0
0

client
wbidr.com/offer/
2 B
280 B
Fetch
General
Full URL
https://wbidr.com/offer/client?affid=onw_bid_500100&subid=DZE90G6OIS&days=8&count=3&adult=undefined
Requested by
Host: free-coupons.network
URL: https://free-coupons.network/plugin/js/bidder.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.79.69.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 18:03:03 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
Primary Request, Cookie set
index.php
hot.findsale.club/
Redirect Chain
  • https://track.special-promotions.online/15G9io?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671&onw=1&link=url%3Dhttps%253A%252F%252Fclick.eu.adoperatorcore.com%252Frtb%25...
  • https://clk.wbidder.online/redirect?url=https%3A%2F%2Fclick.eu.adoperatorcore.com%2Frtb%2Ffeedclick%3Fuuid%3D418587fd-d1e9-466d-af63-ca121d16a089%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D16331113...
  • https://click.eu.adoperatorcore.com/rtb/feedclick?uuid=418587fd-d1e9-466d-af63-ca121d16a089&s=101&d=221&feedid=e908&rt=1633111379545&sb=0.0004&db=0.0008&subid=bid_500260&tokid=null&url=MCGV6QV42H5H...
  • https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=e908-bid_500260&utm_source=e908-bid_500260&utm_medium=ww_mini1_split_findsale&bbid=16
2 KB
1 KB
Document
General
Full URL
https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=e908-bid_500260&utm_source=e908-bid_500260&utm_medium=ww_mini1_split_findsale&bbid=16
Requested by
Host: free-coupons.network
URL: https://free-coupons.network/lp/plugin/js/client.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.71.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
eac95a624920b56121ace8b6e15c666573dea54807ecbded95a4b35253884a59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
hot.findsale.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671

Response headers

Server
nginx/1.20.1
Date
Fri, 01 Oct 2021 18:03:03 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
uclick=ibpmvci4; expires=Sat, 02-Oct-2021 18:03:03 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=ibpmvci4-ibpmvci4-bz-0-tw-15-j2-90f20f; expires=Sat, 02-Oct-2021 18:03:03 GMT; Max-Age=86400; path=/; secure; SameSite=none
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip

Redirect headers

referrer-policy
no-referrer
location
https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=e908-bid_500260&utm_source=e908-bid_500260&utm_medium=ww_mini1_split_findsale&bbid=16
content-length
0
date
Fri, 01 Oct 2021 18:03:03 GMT
lara.jpg
s.adoppop.com/images/icon/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Ftracking.eu.adoperatorcore.com%2Frtb%2Ffeedimpression%3Fuuid%3D418587fd-d1e9-466d-af63-ca121d16a089%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D163...
  • https://tracking.eu.adoperatorcore.com/rtb/feedimpression?uuid=418587fd-d1e9-466d-af63-ca121d16a089&s=101&d=221&feedid=e908&rt=1633111379545&sb=0.0004&db=0.0008&subid=bid_500260&tokid=null&url=M6R2...
  • https://s.adoppop.com/images/icon/lara.jpg
21 KB
21 KB
Image
General
Full URL
https://s.adoppop.com/images/icon/lara.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1456827
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21327
last-modified
Tue, 14 Sep 2021 18:35:40 GMT
server
cloudflare
etag
"6140eb7c-534f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JQ4YOXzqo%2Fxo09gNTsHPSVfmODJtMwzSI5WqHNCp%2BvXhpDvtqqYb5RTJvOgJAWCRXsWvd2275K4f%2Bwg9gFcRBE92dfS8g2ICnFfb52pGImyMZLYw28TzAH5gSWp0ZoZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
69779b03dad84309-FRA
expires
Thu, 14 Oct 2021 21:22:36 GMT

Redirect headers

location
https://s.adoppop.com/images/icon/lara.jpg
date
Fri, 01 Oct 2021 18:03:03 GMT
referrer-policy
no-referrer
content-length
0
11133180.jpg
s.adoppop.com/images/image/
12 KB
13 KB
Image
General
Full URL
https://s.adoppop.com/images/image/11133180.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
779886
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12447
last-modified
Wed, 22 Sep 2021 14:55:24 GMT
server
cloudflare
etag
"614b43dc-309f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORpDJ41gquKtWZcX7z5JgRoimeXf2USPF9xEdasX36mfnxo36bAqIAExQc3CFlhioe2JAV37fHbAl88Ysdx7Pe%2B2ZScZXeAU7faTzLdGxIhMpGAzCYMber9p9GN%2BRkv3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
69779b039a2b4309-FRA
expires
Fri, 22 Oct 2021 17:24:56 GMT
inpage.adoperator.com.1194591.js
jsc.adskeeper.com/i/n/
2 KB
1 KB
Script
General
Full URL
https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.js
Requested by
Host: hot.findsale.club
URL: https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=e908-bid_500260&utm_source=e908-bid_500260&utm_medium=ww_mini1_split_findsale&bbid=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1290eaec5af987f2aa21469f01d7d9d995d93a98abbcbbfd12658bc161d4a068

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:03 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2215
cf-ray
69779b05cb282b22-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
745
x-amz-id-2
QAGN6JqPBQnQyBpfs1glgnaXm3qQ+boYzXxN0doNEm4x67jwLjYg3RGBMlPeEo4SK6BNdfPUBK0=
last-modified
Sun, 12 Sep 2021 15:43:23 GMT
server
cloudflare
etag
"71479d26607b9dc5b5dc2efc33b07ab7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
A7NRMMY8EAGEA207
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 01 Oct 2021 22:03:03 GMT
gtm.js
www.googletagmanager.com/
101 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDZZV69
Requested by
Host: hot.findsale.club
URL: https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=e908-bid_500260&utm_source=e908-bid_500260&utm_medium=ww_mini1_split_findsale&bbid=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d48b4915c77e31d03ffb3656bc5b103ff1f3d1cc34c123e83b5273de0758e617
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:03 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39927
x-xss-protection
0
expires
Fri, 01 Oct 2021 18:03:03 GMT
inpage.adoperator.com.1194591.es6.js
jsc.adskeeper.com/i/n/
227 KB
65 KB
Script
General
Full URL
https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6fb2aded6a74a59549136bde7fa78217acb2abab282d89847583ccc67e41a18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2312
cf-ray
69779b05fccc4ea4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66235
x-amz-id-2
wSB6mmGfu9UsmMtj7R+qEA65T1xAkG2oAq97HhCzc6RxDwxnfgF5sMQR1C5wdtYniv1G/2yzR9E=
last-modified
Sun, 12 Sep 2021 15:43:23 GMT
server
cloudflare
etag
"c45ad86bba00433b332c2fc386986fec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
A7NGBK5TQF38J6BV
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 01 Oct 2021 22:03:04 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDZZV69
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4567
date
Fri, 01 Oct 2021 16:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 01 Oct 2021 18:46:57 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1405933676&t=pageview&_s=1&dl=https%3A%2F%2Fhot.findsale.club%2Findex.php%3Fkey%3D0wcff73b6nxj48rip18j%26subid%3De908-bid_500260%26utm_source%3De908-bid_500260%26utm_medium%3Dww_mini1_split_findsale%26bbid%3D16&ul=en-us&de=UTF-8&dt=Updated%202021-10-01&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1864856904&gjid=556784955&cid=2103094523.1633111384&tid=UA-205556619-1&_gid=417166480.1633111384&_r=1&gtm=2wg9r0PDZZV69&z=2047158712
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hot.findsale.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 18:03:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hot.findsale.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.adskeeper.com/pv/
0
306 B
Script
General
Full URL
https://c.adskeeper.com/pv/?pv=5&cbuster=1633111384191505555980&uniqId=08b62&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fhot.findsale.club%2Findex.php%3Fkey%3D0wcff73b6nxj48rip18j%26subid%3De908-bid_500260%26utm_source%3De908-bid_500260%26utm_medium%3Dww_mini1_split_findsale%26bbid%3D16&lu=https%3A%2F%2Fhot.findsale.club%2Findex.php%3Fkey%3D0wcff73b6nxj48rip18j%26subid%3De908-bid_500260%26utm_source%3De908-bid_500260%26utm_medium%3Dww_mini1_split_findsale%26bbid%3D16&sessionId=61574d58-01b37&pageView=1&pvid=17c3d0620808bc2805a&site=733910&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 18:03:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
69779b074e122b22-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/
4 KB
2 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 18:03:04 GMT
content-encoding
br
cf-cache-status
HIT
age
491
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
XXQX9JBSCH0N5JS5
x-amz-id-2
CWQcblvkNgl841zhni5fxo9UtrMY0Uhwn5zh1oLPU16Poqdim6PAdvDXGiizTIG8dmF0P9kScEk=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
69779b075dc7bebf-FRA
expires
Fri, 01 Oct 2021 22:03:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wbidr.com
URL
https://wbidr.com/offer/client?affid=onw_500100&subid=DZE90G6OIS&days=8
Domain
wbidder.online
URL
https://wbidder.online/offer/client?affid=onw_bid_500100&subid=DZE90G6OIS&days=8&count=4&adult=undefined
Domain
wbidder.online
URL
https://wbidder.online/offer/client?affid=onw_bid_500100&subid=DZE90G6OIS&days=8&count=4&adult=undefined

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| dataLayer
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| _mgIntExchangeNews
object| AdskeeperInfC1194591
function| AdskeeperCContextBlock1194591
function| AdskeeperCMainBlock1194591
function| AdskeeperCInternalExchangeBlock1194591
function| AdskeeperCColorBlock1194591
function| AdskeeperCRejectBlock1194591
function| AdskeeperCInternalExchangeLoggerBlock1194591
function| AdskeeperCObserverBlock1194591
function| AdskeeperCSendDimensionsBlock1194591
function| AdskeeperCRtbBlock1194591
function| AdskeeperCIframeSizeChangerBlock1194591
function| AdskeeperCContentPreviewBlock1194591
function| AdskeeperCGradientBlock1194591
function| AdskeeperCResponsiveBlock1194591
boolean| mg_loaded_733910_1194591
object| gaplugins
object| gaGlobal
object| gaData

16 Cookies

Domain/Path Name / Value
.track.cpa-optimizer.online/ Name: 15GtmVo
Value: 20211001181633111866296
.track.cpa-optimizer.online/ Name: _pc_lc_id
Value: 15GtmV
.track.cpa-optimizer.online/ Name: peerclickcid
Value: 1e64c7b13de9f7e7dcc16a3c5a153f35-4888-1001
.track.cpa-optimizer.online/ Name: _norg
Value: 1
.adskeeper.co.uk/ Name: muidn
Value: l91Xw85MKn2b
servicer.adskeeper.co.uk/ Name: __mglb
Value: b77c90ace61932b85ead847cc0fcb78b
int.special-offers.online/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%7D%2C%22C964329%22%3A%7B%22page%22%3A1%2C%22time%22%3A1633111380064%7D%7D
.track.special-promotions.online/ Name: 15G9ioo
Value: 20211001181633111999088
.track.special-promotions.online/ Name: _pc_lc_id
Value: 15G9io
.track.special-promotions.online/ Name: peerclickcid
Value: ffc5e69cd7ad66fce8ab01d7f625816a-4888-1001
.track.special-promotions.online/ Name: _norg
Value: 1
hot.findsale.club/ Name: uclick
Value: ibpmvci4
hot.findsale.club/ Name: uclickhash
Value: ibpmvci4-ibpmvci4-bz-0-tw-15-j2-90f20f
.findsale.club/ Name: _ga
Value: GA1.2.2103094523.1633111384
.findsale.club/ Name: _gid
Value: GA1.2.417166480.1633111384
.findsale.club/ Name: _gat_UA-205556619-1
Value: 1

2 Console Messages

Source Level URL
Text
other error URL: https://press-news-for.me/lp/skip-lp/?tag=500100&tag1=ADK&tag2=DZE90G6OIS&tag3=500100&tag4=ADK&clickid=4rv2i1ij0kku81uvae&country={country}&affid=500100&subid=DZE90G6OIS&as=adk
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other error URL: https://int.special-offers.online/common/content/special-contentforyou.php?affid=bid_500100&subid=DZE90G6OIS&sClient=1&r=1633111379.0.984573409572671
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
