Submitted URL: https://safebrowsdv.com/gtm.js?id=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_m...
Effective URL: https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47
Submission: On January 09 via manual from US — Scanned from NL

Summary

This website contacted 10 IPs in 4 countries across 14 domains to perform 41 HTTP transactions. The main IP is 157.245.71.143, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is hot.findsale.club. The Cisco Umbrella rank of the primary domain is 684153.
TLS certificate: Issued by R3 on December 29th 2021. Valid for: 3 months.
This is the only time hot.findsale.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 62.122.170.197 50245 (SERVEREL-AS)
2 2 2a03:b0c0:3:d... 14061 (DIGITALOC...)
12 213.227.149.216 60781 (LEASEWEB-...)
1 95.211.60.56 60781 (LEASEWEB-...)
1 1 213.227.145.132 60781 (LEASEWEB-...)
1 1 206.189.241.141 14061 (DIGITALOC...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 85.17.31.90 60781 (LEASEWEB-...)
1 1 64.225.80.227 14061 (DIGITALOC...)
1 157.245.71.143 14061 (DIGITALOC...)
14 104.18.17.65 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.19.131.80 13335 (CLOUDFLAR...)
41 10
Apex Domain
Subdomains
Transfer
14 adskeeper.com
jsc.adskeeper.com — Cisco Umbrella Rank: 33788
c.adskeeper.com — Cisco Umbrella Rank: 15348
servicer.adskeeper.com — Cisco Umbrella Rank: 33164
s-img.adskeeper.com — Cisco Umbrella Rank: 16678
cm.adskeeper.com — Cisco Umbrella Rank: 36151
140 KB
9 special-offers-for.me
special-offers-for.me
209 KB
4 safebrowsdv.com
safebrowsdv.com — Cisco Umbrella Rank: 252546
18 KB
3 cpa-optimizer.online
track.cpa-optimizer.online — Cisco Umbrella Rank: 124631
cpa-optimizer.online — Cisco Umbrella Rank: 79780
3 KB
2 adskeeper.co.uk
cdn.adskeeper.co.uk — Cisco Umbrella Rank: 27405
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
20 KB
2 adoperatorcore.com
tracking.eu.adoperatorcore.com — Cisco Umbrella Rank: 26365
click.eu.adoperatorcore.com — Cisco Umbrella Rank: 130276
403 B
2 free-coupons.network
free-coupons.network — Cisco Umbrella Rank: 89694
34 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
38 KB
1 findsale.club
hot.findsale.club — Cisco Umbrella Rank: 684153
1 KB
1 wbidder.online
clk.wbidder.online — Cisco Umbrella Rank: 132170
555 B
1 adoppop.com
s.adoppop.com — Cisco Umbrella Rank: 135043
10 KB
1 wboptim.online
crtv.wboptim.online — Cisco Umbrella Rank: 13806
474 B
1 wbidder2.com
wbidder2.com — Cisco Umbrella Rank: 73106 Failed
1 KB
41 14
Domain Requested by
9 special-offers-for.me cpa-optimizer.online
special-offers-for.me
6 s-img.adskeeper.com
4 safebrowsdv.com safebrowsdv.com
3 c.adskeeper.com jsc.adskeeper.com
2 cm.adskeeper.com jsc.adskeeper.com
2 cdn.adskeeper.co.uk jsc.adskeeper.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 jsc.adskeeper.com hot.findsale.club
jsc.adskeeper.com
2 free-coupons.network special-offers-for.me
2 track.cpa-optimizer.online 2 redirects
1 servicer.adskeeper.com jsc.adskeeper.com
1 www.googletagmanager.com hot.findsale.club
1 hot.findsale.club free-coupons.network
1 click.eu.adoperatorcore.com 1 redirects
1 clk.wbidder.online 1 redirects
1 s.adoppop.com
1 tracking.eu.adoperatorcore.com 1 redirects
1 crtv.wboptim.online 1 redirects
1 wbidder2.com free-coupons.network
special-offers-for.me
1 cpa-optimizer.online safebrowsdv.com
41 20

This site contains links to these domains. Also see Links.

Domain
widgets.adskeeper.com
www.adskeeper.com
Subject Issuer Validity Valid
safebrowsdv.com
R3
2022-01-01 -
2022-04-01
3 months crt.sh
*.cpa-optimizer.online
AlphaSSL CA - SHA256 - G2
2021-03-30 -
2022-05-01
a year crt.sh
*.special-offers-for.me
AlphaSSL CA - SHA256 - G2
2021-07-04 -
2022-08-05
a year crt.sh
*.free-coupons.network
AlphaSSL CA - SHA256 - G2
2021-03-08 -
2022-04-09
a year crt.sh
*.wbidder2.com
AlphaSSL CA - SHA256 - G2
2021-11-12 -
2022-12-14
a year crt.sh
hot.findsale.club
R3
2021-12-29 -
2022-03-29
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-11 -
2022-06-10
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh

This page contains 2 frames:

Primary Page: https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47
Frame ID: 6B24EC9745F449B50B3C494A8E31E919
Requests: 40 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1641757003244993750055
Frame ID: 04A9BC14C4F7155AD19708DCC2E213B2
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Updated 2022-01-09

Page URL History Show full URLs

  1. https://safebrowsdv.com/gtm.js?id=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn... Page URL
  2. https://safebrowsdv.com/ga-audiences?cid=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=X... Page URL
  3. https://track.cpa-optimizer.online/15G8tR?subid=1861873&currency={usd}&affid=5000&cost={payout}&external_id=220... HTTP 302
    https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873... Page URL
  4. https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dati... Page URL
  5. https://track.cpa-optimizer.online/15GtmV?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=... HTTP 302
    https://clk.wbidder.online/redirect?url=https%3A%2F%2Fclick.eu.adoperatorcore.com%2Frtb%2Ffeedclick%3Fu... HTTP 302
    https://click.eu.adoperatorcore.com/rtb/feedclick?uuid=259dacbd-f7dc-4177-ae06-cfffb755539d&s=101&d=221&feedid=e... HTTP 302
    https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_sp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

41
Requests

90 %
HTTPS

29 %
IPv6

14
Domains

20
Subdomains

10
IPs

4
Countries

475 kB
Transfer

756 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://safebrowsdv.com/gtm.js?id=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q== Page URL
  2. https://safebrowsdv.com/ga-audiences?cid=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=170&rlp=%5B0%2C8.400001525878906%2C42.39999961853027%2C23%2C1.3999996185302734%2C120.60000038146973%2C68.49999809265137%2C46%5D Page URL
  3. https://track.cpa-optimizer.online/15G8tR?subid=1861873&currency={usd}&affid=5000&cost={payout}&external_id=22010914360a75e9bb92db45fbb738ddfa16 HTTP 302
    https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc Page URL
  4. https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc Page URL
  5. https://track.cpa-optimizer.online/15GtmV?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%257Busd%257D&useragent=%257Bvar%3Auseragent%257D&ip=2001%3A1af8%3A4700%3Aa069%3A0035%3A0000%3A0000%3A0009&bv=Chrome%252097&as=pc&onw=1&link=url%3Dhttps%253A%252F%252Fclick.eu.adoperatorcore.com%252Frtb%252Ffeedclick%253Fuuid%253D259dacbd-f7dc-4177-ae06-cfffb755539d%2526s%253D101%2526d%253D221%2526feedid%253De908%2526rt%253D1641757001878%2526sb%253D0.0002%2526db%253D0.0008%2526subid%253Dbid_5806%2526tokid%253Dnull%2526url%253DMCGV6QV42H5HDXSWE67YROYVBUBACZ2BU4PITXQIR6PKUROTGHM2U2URE7SIFVEG7DL6HPRKLTTMMOZPKKHMUY7ZXDO6QVMOKIHPWUHNRWFE5NWWUMJFLH4IZZGEAU5J2FZ5KJQ5G5CVQJW7Q3WYOJ7V4ZSCTPW5LANXWYQ6AJXVXJSRXVLR77B7GY2PZERGQKFWAPWDYME5E%25253D%25253D%25253D%2526i%253D4121ee%2526u%253D896148%2526ad%253D%26s%3D1036%26a%3Dbid_onw_5000%26uA%3Dbid_5806%26sub%3D1861873%26ts%3D1641757002%26d%3D59%26i%3D1fwh23wbmky7nqa71%26t%3Dclient%26c%3D55757200753 HTTP 302
    https://clk.wbidder.online/redirect?url=https%3A%2F%2Fclick.eu.adoperatorcore.com%2Frtb%2Ffeedclick%3Fuuid%3D259dacbd-f7dc-4177-ae06-cfffb755539d%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D1641757001878%26sb%3D0.0002%26db%3D0.0008%26subid%3Dbid_5806%26tokid%3Dnull%26url%3DMCGV6QV42H5HDXSWE67YROYVBUBACZ2BU4PITXQIR6PKUROTGHM2U2URE7SIFVEG7DL6HPRKLTTMMOZPKKHMUY7ZXDO6QVMOKIHPWUHNRWFE5NWWUMJFLH4IZZGEAU5J2FZ5KJQ5G5CVQJW7Q3WYOJ7V4ZSCTPW5LANXWYQ6AJXVXJSRXVLR77B7GY2PZERGQKFWAPWDYME5E%253D%253D%253D%26i%3D4121ee%26u%3D896148%26ad%3D&s=1036&a=bid_onw_5000&uA=bid_5806&sub=1861873&ts=1641757002&d=59&i=1fwh23wbmky7nqa71&t=client&c=55757200753 HTTP 302
    https://click.eu.adoperatorcore.com/rtb/feedclick?uuid=259dacbd-f7dc-4177-ae06-cfffb755539d&s=101&d=221&feedid=e908&rt=1641757001878&sb=0.0002&db=0.0008&subid=bid_5806&tokid=null&url=MCGV6QV42H5HDXSWE67YROYVBUBACZ2BU4PITXQIR6PKUROTGHM2U2URE7SIFVEG7DL6HPRKLTTMMOZPKKHMUY7ZXDO6QVMOKIHPWUHNRWFE5NWWUMJFLH4IZZGEAU5J2FZ5KJQ5G5CVQJW7Q3WYOJ7V4ZSCTPW5LANXWYQ6AJXVXJSRXVLR77B7GY2PZERGQKFWAPWDYME5E%3D%3D%3D&i=4121ee&u=896148&ad= HTTP 302
    https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://track.cpa-optimizer.online/15G8tR?subid=1861873&currency={usd}&affid=5000&cost={payout}&external_id=22010914360a75e9bb92db45fbb738ddfa16 HTTP 302
  • https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Request Chain 20
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Ftracking.eu.adoperatorcore.com%2Frtb%2Ffeedimpression%3Fuuid%3D259dacbd-f7dc-4177-ae06-cfffb755539d%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D1641757001878%26sb%3D0.0002%26db%3D0.0008%26subid%3Dbid_5806%26tokid%3Dnull%26url%3DM6R2B4GETR2CBYFKGVL23NVIDJRWMWAVTP7SS6K44OJVF6F7YRD7WU7MPQM3F6DLPDRDLHMF62YQHHB3FZDGGG6CMOI4UJNSIJ25N3Q%253D%26i%3D4121ee%26u%3D896148&s=1036&a=bid_onw_5000&uA=bid_5806&sub=1861873&d=59&ic=1 HTTP 302
  • https://tracking.eu.adoperatorcore.com/rtb/feedimpression?uuid=259dacbd-f7dc-4177-ae06-cfffb755539d&s=101&d=221&feedid=e908&rt=1641757001878&sb=0.0002&db=0.0008&subid=bid_5806&tokid=null&url=M6R2B4GETR2CBYFKGVL23NVIDJRWMWAVTP7SS6K44OJVF6F7YRD7WU7MPQM3F6DLPDRDLHMF62YQHHB3FZDGGG6CMOI4UJNSIJ25N3Q%3D&i=4121ee&u=896148 HTTP 302
  • https://s.adoppop.com/images/icon/fb_messneger2.png

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
gtm.js
safebrowsdv.com/
2 KB
1 KB
Document
General
Full URL
https://safebrowsdv.com/gtm.js?id=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.122.170.197 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
62.122.170.197.serverel.net
Software
nginx /
Resource Hash
1a8a8285baac3ecf3ca4827134f63472b7d90f78acaf6f2804efe4af32dd30da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Sun, 09 Jan 2022 19:36:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-route-id
check.sumbit.script
content-encoding
gzip
timing-allow-origin
*
submit.min.js
safebrowsdv.com/
36 KB
14 KB
Script
General
Full URL
https://safebrowsdv.com/submit.min.js?2.0
Requested by
Host: safebrowsdv.com
URL: https://safebrowsdv.com/gtm.js?id=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.122.170.197 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
62.122.170.197.serverel.net
Software
nginx /
Resource Hash
affd7d53fae7862c66f5c5a6bd142aefe65e7a5424f8098c93b0fb1bf3f718d4

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:41 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 10:55:46 GMT
server
nginx
etag
W/"61c30432-8e19"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
ga-audiences
safebrowsdv.com/
4 KB
2 KB
Document
General
Full URL
https://safebrowsdv.com/ga-audiences?cid=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=170&rlp=%5B0%2C8.400001525878906%2C42.39999961853027%2C23%2C1.3999996185302734%2C120.60000038146973%2C68.49999809265137%2C46%5D
Requested by
Host: safebrowsdv.com
URL: https://safebrowsdv.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.122.170.197 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
62.122.170.197.serverel.net
Software
nginx /
Resource Hash
4f45b6abab6896fbbd25724269953a7f9eb67ba0edf2c10c95a0af39269a61e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Sun, 09 Jan 2022 19:36:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-route-id
redirect.script
content-encoding
gzip
timing-allow-origin
*
/
cpa-optimizer.online/lp/common/arb/
Redirect Chain
  • https://track.cpa-optimizer.online/15G8tR?subid=1861873&currency={usd}&affid=5000&cost={payout}&external_id=22010914360a75e9bb92db45fbb738ddfa16
  • https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=...
405 B
498 B
Document
General
Full URL
https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Requested by
Host: safebrowsdv.com
URL: https://safebrowsdv.com/ga-audiences?cid=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=170&rlp=%5B0%2C8.400001525878906%2C42.39999961853027%2C23%2C1.3999996185302734%2C120.60000038146973%2C68.49999809265137%2C46%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://safebrowsdv.com/afu.php?zoneid=1762995&var=1861873

Response headers

server
nginx
date
Sun, 09 Jan 2022 19:36:41 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN

Redirect headers

Server
nginx/1.21.0
Date
Sun, 09 Jan 2022 19:36:41 GMT
Content-Type
text/html; charset=utf-8
Content-Length
838
Connection
keep-alive
X-Powered-By
Express
Location
https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Vary
Accept
dupa.gif
safebrowsdv.com/
43 B
148 B
Ping
General
Full URL
https://safebrowsdv.com/dupa.gif?z=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==&pload=40&rlp=%5B0%2C0%2C0%2C0%2C0.6000003814697266%2C22.899999618530273%2C22.299999237060547%2C0%5D
Requested by
Host: safebrowsdv.com
URL: https://safebrowsdv.com/ga-audiences?cid=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=170&rlp=%5B0%2C8.400001525878906%2C42.39999961853027%2C23%2C1.3999996185302734%2C120.60000038146973%2C68.49999809265137%2C46%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.122.170.197 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
62.122.170.197.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 09 Jan 2022 19:36:41 GMT
x-route-id
stats.redirect-pixel
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
/
special-offers-for.me/video-lp/video-4/
11 KB
11 KB
Document
General
Full URL
https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Requested by
Host: cpa-optimizer.online
URL: https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
89b95273145861817a6c3f24199d9b025c4e417d54ef8a46de3c01bd3273e854
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://cpa-optimizer.online/

Response headers

server
nginx
date
Sun, 09 Jan 2022 19:36:41 GMT
content-type
text/html
content-length
11331
last-modified
Fri, 31 Dec 2021 13:18:25 GMT
etag
"61cf0321-2c43"
x-frame-options
SAMEORIGIN
accept-ranges
bytes
pageTemplate.min.css
special-offers-for.me/plugin/css/
2 KB
865 B
Stylesheet
General
Full URL
https://special-offers-for.me/plugin/css/pageTemplate.min.css
Requested by
Host: special-offers-for.me
URL: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
a44edde7abfe4086b29943ccf7c7443cfdda6b7a0460f54a2837ab889268d55c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:41 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 10 Jul 2019 14:02:03 GMT
server
nginx
etag
"5d25efdb-290"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
content-length
656
expires
Tue, 08 Feb 2022 19:36:41 GMT
pageTemplateClean.js
special-offers-for.me/lp/plugin/js/
27 KB
28 KB
Script
General
Full URL
https://special-offers-for.me/lp/plugin/js/pageTemplateClean.js
Requested by
Host: special-offers-for.me
URL: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e4e8b912ad316b320ca401e71f8843b49acfdb2e21e23bb65eacd33a93991276
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:41 GMT
last-modified
Wed, 05 May 2021 16:00:06 GMT
server
nginx
etag
"6092c106-6def"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
28143
expires
Tue, 08 Feb 2022 19:36:41 GMT
script.js
free-coupons.network/lp/loadcomplete/
7 KB
8 KB
Script
General
Full URL
https://free-coupons.network/lp/loadcomplete/script.js
Requested by
Host: special-offers-for.me
URL: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
7c664050493a7973f724b768ad6a48e4b78eec90050015dc7152a08e7dbb32e7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://special-offers-for.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:41 GMT
last-modified
Fri, 03 Jul 2020 09:24:48 GMT
server
nginx
etag
"5efef960-1d8a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7562
expires
Tue, 08 Feb 2022 19:36:41 GMT
client.new.js
free-coupons.network/plugin/js/
26 KB
26 KB
Script
General
Full URL
https://free-coupons.network/plugin/js/client.new.js
Requested by
Host: special-offers-for.me
URL: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
01395d69b4ee6c9483a90824d115289edaf853ea3556cce363df7f552a6e0acb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://special-offers-for.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:41 GMT
last-modified
Wed, 24 Nov 2021 12:36:40 GMT
server
nginx
etag
"619e31d8-67de"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
26590
expires
Tue, 08 Feb 2022 19:36:41 GMT
bidder.js
special-offers-for.me/plugin/js/
14 KB
14 KB
Script
General
Full URL
https://special-offers-for.me/plugin/js/bidder.js
Requested by
Host: special-offers-for.me
URL: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
514d52e802c002031a89d00de1ac804b75fc146877eff127e9ff85ef516798aa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:41 GMT
last-modified
Wed, 22 Dec 2021 11:42:37 GMT
server
nginx
etag
"61c30f2d-36a8"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13992
expires
Tue, 08 Feb 2022 19:36:41 GMT
bidder-interval.js
special-offers-for.me/plugin/js/
8 KB
8 KB
Script
General
Full URL
https://special-offers-for.me/plugin/js/bidder-interval.js
Requested by
Host: special-offers-for.me
URL: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
4fcf63aeecc00b000351d5b887fb4cc3dc9b6bc97cb7852734864852b7797226
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:41 GMT
last-modified
Wed, 24 Nov 2021 11:01:21 GMT
server
nginx
etag
"619e1b81-1f27"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7975
expires
Tue, 08 Feb 2022 19:36:41 GMT
arrow-blue4.png
special-offers-for.me/pageTemplate/
6 KB
7 KB
Image
General
Full URL
https://special-offers-for.me/pageTemplate/arrow-blue4.png
Requested by
Host: special-offers-for.me
URL: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
41173a98b0ae7b2001f183af16586aa6e6777195a5d100652f4365e310ae9372
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:41 GMT
last-modified
Thu, 10 Dec 2020 14:14:34 GMT
server
nginx
etag
"5fd22d4a-194a"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6474
expires
Tue, 08 Feb 2022 19:36:41 GMT
onBack.mp3
special-offers-for.me/pageTemplate/
18 KB
18 KB
Media
General
Full URL
https://special-offers-for.me/pageTemplate/onBack.mp3
Requested by
Host: special-offers-for.me
URL: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
130828dc2d3d11c2b4ad0c998dde0b660671963aaf610a2ad366e999ddfd2b5a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 09 Jan 2022 19:36:41 GMT
last-modified
Thu, 10 Dec 2020 14:14:34 GMT
server
nginx
etag
"5fd22d4a-4922"
x-frame-options
SAMEORIGIN
content-type
audio/mpeg
Content-Range
bytes 0-18721/18722
Content-Length
18722
client
wbidder2.com/offer/
0
0

client
wbidder2.com/offer/
0
0

client
wbidder2.com/offer/
3 KB
1 KB
Fetch
General
Full URL
https://wbidder2.com/offer/client?affid=onw_5000&subid=1861873&days=8&count=1
Requested by
Host: free-coupons.network
URL: https://free-coupons.network/plugin/js/client.new.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.211.60.56 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
a87a6778744ce0c8c43f77a12656a38876202312f5a6d4603515f88a244d8a06

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 19:36:42 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8
newB1modal.png
special-offers-for.me/pluginstuff/
9 KB
9 KB
Image
General
Full URL
https://special-offers-for.me/pluginstuff/newB1modal.png
Requested by
Host: special-offers-for.me
URL: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
3f0014f83976d1cf838ba0bb0dd7b9150457ebc601c4f6840d8e16620c12ad5b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:41 GMT
last-modified
Fri, 14 May 2021 16:13:10 GMT
server
nginx
etag
"609ea196-2359"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9049
expires
Tue, 08 Feb 2022 19:36:41 GMT
client
wbidder2.com/offer/
0
0

spinner.gif
special-offers-for.me/flow-lp/porsche-1/img/
113 KB
113 KB
Image
General
Full URL
https://special-offers-for.me/flow-lp/porsche-1/img/spinner.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:41 GMT
last-modified
Fri, 01 Nov 2019 13:26:09 GMT
server
nginx
etag
"5dbc3271-1c3fd"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
115709
expires
Tue, 08 Feb 2022 19:36:41 GMT
fb_messneger2.png
s.adoppop.com/images/icon/
Redirect Chain
  • https://crtv.wboptim.online/icon?url=https%3A%2F%2Ftracking.eu.adoperatorcore.com%2Frtb%2Ffeedimpression%3Fuuid%3D259dacbd-f7dc-4177-ae06-cfffb755539d%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D164...
  • https://tracking.eu.adoperatorcore.com/rtb/feedimpression?uuid=259dacbd-f7dc-4177-ae06-cfffb755539d&s=101&d=221&feedid=e908&rt=1641757001878&sb=0.0002&db=0.0008&subid=bid_5806&tokid=null&url=M6R2B4...
  • https://s.adoppop.com/images/icon/fb_messneger2.png
10 KB
10 KB
Image
General
Full URL
https://s.adoppop.com/images/icon/fb_messneger2.png
Protocol
H2
Server
2606:4700:3035::6815:5e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2113764
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10056
last-modified
Tue, 07 Sep 2021 15:51:24 GMT
server
cloudflare
etag
"61378a7c-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezGZWpyo5L9H%2FQO9TrCjlM61SP4gvD6VWt%2BTT32iZiup8sX3jZwdIeLRPQVFALA5S8XQspthlgreB7BJWTf0CiIAt9sX2oHjAf5eHhvSVhOVxctPb4ZkZA6C6iiEDkQoWZXcs61%2BefYT0kCf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6cb01dafdb4ac4c2-DUS
expires
Sat, 15 Jan 2022 08:27:18 GMT

Redirect headers

location
https://s.adoppop.com/images/icon/fb_messneger2.png
date
Sun, 09 Jan 2022 19:36:41 GMT
referrer-policy
no-referrer
content-length
0
Primary Request index.php
hot.findsale.club/
Redirect Chain
  • https://track.cpa-optimizer.online/15GtmV?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&...
  • https://clk.wbidder.online/redirect?url=https%3A%2F%2Fclick.eu.adoperatorcore.com%2Frtb%2Ffeedclick%3Fuuid%3D259dacbd-f7dc-4177-ae06-cfffb755539d%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D16417570...
  • https://click.eu.adoperatorcore.com/rtb/feedclick?uuid=259dacbd-f7dc-4177-ae06-cfffb755539d&s=101&d=221&feedid=e908&rt=1641757001878&sb=0.0002&db=0.0008&subid=bid_5806&tokid=null&url=MCGV6QV42H5HDX...
  • https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47
2 KB
1 KB
Document
General
Full URL
https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47
Requested by
Host: free-coupons.network
URL: https://free-coupons.network/plugin/js/client.new.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.71.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
bfa6f3f85cf5175170ad3e970f8ff680e0229a7c311298a4d320d3d3cf60b22d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

Server
nginx/1.20.1
Date
Sun, 09 Jan 2022 19:36:42 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip

Redirect headers

referrer-policy
no-referrer
location
https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47
content-length
0
date
Sun, 09 Jan 2022 19:36:41 GMT
inpage.adoperator.com.1194591.js
jsc.adskeeper.com/i/n/
2 KB
1 KB
Script
General
Full URL
https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.js
Requested by
Host: hot.findsale.club
URL: https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cedeec2f7dd58b20179d840f61afcc15a9bfd9f541bdb170e76a32bf8438080

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:42 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4851
cf-ray
6cb01db23c20692e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
745
x-amz-id-2
ywq0dsI5YjM+6ZACnxTbXcr4RLR7d+xLL5eWSyKFVhFFBa7uldTdXOv+5JftMS7EL76+QS3zCHQ=
last-modified
Thu, 02 Dec 2021 16:26:04 GMT
server
cloudflare
etag
"6d9e7c563ec1686d2f1c944b6f2b51bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
CS5QQ6JK705SD2S5
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 09 Jan 2022 23:36:42 GMT
gtm.js
www.googletagmanager.com/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDZZV69
Requested by
Host: hot.findsale.club
URL: https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
05db549caf6865d5340e0f2d593094abcb73b456f8846246de74e6b485c8ad0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:42 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
last-modified
Sun, 09 Jan 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 Jan 2022 19:36:42 GMT
inpage.adoperator.com.1194591.es6.js
jsc.adskeeper.com/i/n/
235 KB
70 KB
Script
General
Full URL
https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c3f70fde8c62c0016f52fc613437f68449f42e73081aa38438b98db8d7b65dd

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:42 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4850
cf-ray
6cb01db26ca3692e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
71835
x-amz-id-2
eSOMCrObUSiiC4wcKNt18VEW4PQG8clUOaN+Z/Jxr8zYLlRJNu84pFW3INJ3BCs4ay5horn4cQ0=
last-modified
Thu, 02 Dec 2021 16:26:04 GMT
server
cloudflare
etag
"e78e568689179a489b1fa67f70109f12"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
R5VM71XJ1H3V6766
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 09 Jan 2022 23:36:42 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDZZV69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2136
date
Sun, 09 Jan 2022 19:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 09 Jan 2022 21:01:06 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=112824290&t=pageview&_s=1&dl=https%3A%2F%2Fhot.findsale.club%2Findex.php%3Fkey%3D0wcff73b6nxj48rip18j%26subid%3D%26utm_source%3D%26utm_medium%3Dww_mini1_split_findsale%26bbid%3D47&ul=en-us&de=UTF-8&dt=Updated%202022-01-09&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=61829997&gjid=1752427738&cid=1164440247.1641757003&tid=UA-205556619-1&_gid=856786381.1641757003&_r=1&gtm=2wg150PDZZV69&z=80896817
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hot.findsale.club/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 19:36:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hot.findsale.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.adskeeper.com/pv/
0
306 B
Script
General
Full URL
https://c.adskeeper.com/pv/?pv=5&cbuster=1641757003050698429808&uniqId=02cc0&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fhot.findsale.club%2Findex.php%3Fkey%3D0wcff73b6nxj48rip18j%26subid%3D%26utm_source%3D%26utm_medium%3Dww_mini1_split_findsale%26bbid%3D47&lu=https%3A%2F%2Fhot.findsale.club%2Findex.php%3Fkey%3D0wcff73b6nxj48rip18j%26subid%3D%26utm_source%3D%26utm_medium%3Dww_mini1_split_findsale%26bbid%3D47&sessionId=61db394b-17f4c&pageView=1&pvid=17e4057cd2b96d8ac60&site=733910&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6cb01db53b82692e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/
4 KB
2 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:43 GMT
content-encoding
br
cf-cache-status
HIT
age
2843
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
PQQY40JG1BTA00NB
x-amz-id-2
jn8iFc6HIZ78ziSodiCEP66Q9ApPuT2TQqxEag+8wBEQ/l8XxqONp5qtUsNtHzGMPfbkonGCXqs=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6cb01db59cd84a86-FRA
expires
Sun, 09 Jan 2022 23:36:43 GMT
1
servicer.adskeeper.com/1194591/
5 KB
2 KB
Script
General
Full URL
https://servicer.adskeeper.com/1194591/1?pv=5&cbuster=1641757003124664953018&uniqId=02cc0&niet=4g&nisd=false&jsv=es6&w=1584&h=758&cols=3&ref=&cxurl=https%3A%2F%2Fhot.findsale.club%2Findex.php%3Fkey%3D0wcff73b6nxj48rip18j%26subid%3D%26utm_source%3D%26utm_medium%3Dww_mini1_split_findsale%26bbid%3D47&lu=https%3A%2F%2Fhot.findsale.club%2Findex.php%3Fkey%3D0wcff73b6nxj48rip18j%26subid%3D%26utm_source%3D%26utm_medium%3Dww_mini1_split_findsale%26bbid%3D47&sessionId=61db394b-17f4c&pageView=1&pvid=17e4057cd2b96d8ac60&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca01fb65d9fe5a45f3bfbcd3b1d4f7a042d74760f7f7a792df4711e89a959a75

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 19:36:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6cb01db5acb8692e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/
4 KB
2 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:43 GMT
content-encoding
br
cf-cache-status
HIT
age
2843
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
PQQY40JG1BTA00NB
x-amz-id-2
jn8iFc6HIZ78ziSodiCEP66Q9ApPuT2TQqxEag+8wBEQ/l8XxqONp5qtUsNtHzGMPfbkonGCXqs=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6cb01db64c3d7039-FRA
expires
Sun, 09 Jan 2022 23:36:43 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTQvMTAxOTI0L2U5M2JkMjcyOGU0ODlhOGJjMTlmNDJhOTYzYzRkMDAwLmpwZz90PTE0OTIxOTU2MzI3Mzk.webp
s-img.adskeeper.com/g/3805433/492x328/0x0x492x328/
8 KB
8 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/3805433/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTQvMTAxOTI0L2U5M2JkMjcyOGU0ODlhOGJjMTlmNDJhOTYzYzRkMDAwLmpwZz90PTE0OTIxOTU2MzI3Mzk.webp?v=1641757003-qTZhBVNpcnMYUJgC-WTXurxRNUTFmWthDBnqX_OWRWM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9c7250284834ec061d27de7ca591dd9e45d2aef1eeff46d1a3141a2a039206a

Request headers

Referer
https://hot.findsale.club/
Origin
https://hot.findsale.club
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:05 GMT
x-mg-request-uuid
131cd9a5-c870-40a4-9cb2-9d8dad59a3f0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6cb01db67ad14e50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7922
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0Lzc3YjhmMzZiOGM2YWIwMjRhNzk0YzFmMzE3Y2JkMWY0LmpwZz90PTE0OTc5ODUwMDEyMDQ.webp
s-img.adskeeper.com/g/3805490/492x328/0x0x783x522/
10 KB
11 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/3805490/492x328/0x0x783x522/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0Lzc3YjhmMzZiOGM2YWIwMjRhNzk0YzFmMzE3Y2JkMWY0LmpwZz90PTE0OTc5ODUwMDEyMDQ.webp?v=1641757003-dVwymSdRU_UT0-sSdfu6kX1CN4IRI87DyDX8zjVG018
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065d23e5751d878e9bc6f6ee5b8ae4cb9d6a3341719a28c3dbd27b4e87341a55

Request headers

Referer
https://hot.findsale.club/
Origin
https://hot.findsale.club
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:54:16 GMT
x-mg-request-uuid
c27cb41c-9164-4efa-86ca-fb6828a87651
age
56497
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6cb01db67ad54e50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10686
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0L2Y0MWM5M2NmZDY3NDczZmI3NjVhODJiMzVmYzk4NTY3LmpwZWc_dD0xNTEyNjg0NTE0MTAz.webp
s-img.adskeeper.com/g/3805630/492x328/0x0x575x383/
12 KB
12 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/3805630/492x328/0x0x575x383/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0L2Y0MWM5M2NmZDY3NDczZmI3NjVhODJiMzVmYzk4NTY3LmpwZWc_dD0xNTEyNjg0NTE0MTAz.webp?v=1641757003-ORHnxVv_nGEOHPJuWySnAVU5tp1sHHjLx0KegDgiqP8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d4badde417d90c7abe3d9aeaafd8161300684e04011feaa5c89be94ac054bf3

Request headers

Referer
https://hot.findsale.club/
Origin
https://hot.findsale.club
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:53:45 GMT
x-mg-request-uuid
1dac59c9-8888-4674-b01f-8dab05ef5d9f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6cb01db67ad74e50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12468
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp
s-img.adskeeper.com/g/8193521/492x328/0x168x565x376/
12 KB
12 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/8193521/492x328/0x168x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp?v=1641757003-w2kReHsBfVlhN6LVrXsz6qqilV_HjaZlrqK-o1aFYxk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9692f2c35422938f137fb38550828805454b4204febdd70a5dae8d4a39b285

Request headers

Referer
https://hot.findsale.club/
Origin
https://hot.findsale.club
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:44:21 GMT
x-mg-request-uuid
acad4c06-0675-414e-ada7-cd9656bb136b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6cb01db67ad84e50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12422
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2I3ZjY5MjZjMTAzYzZjZTNmODBlZTI3ODFlOGE1OGExLnBuZw.webp
s-img.adskeeper.com/g/3882281/492x328/0x0x913x608/
9 KB
9 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/3882281/492x328/0x0x913x608/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2I3ZjY5MjZjMTAzYzZjZTNmODBlZTI3ODFlOGE1OGExLnBuZw.webp?v=1641757003-sQAmtg4oFkHlUFzk4xs4t1xnTha1j623mKtpiCKpYiE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7167d90f1aaaa1030f99f29e436b7a9874a76412f9132c7ed49707a43384a

Request headers

Referer
https://hot.findsale.club/
Origin
https://hot.findsale.club
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:54:26 GMT
x-mg-request-uuid
5c9e2d54-94a6-44a0-939d-749c43a18aba
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6cb01db67adc4e50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9364
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMjgvMTAxOTI0L2NkYzRlZTNmNDM2YmU3M2U3OTFiMDI1NWNkMDAxOTNjLmpwZz90PTE0OTM0MDA4NjUxMTk.webp
s-img.adskeeper.com/g/3805457/492x328/0x0x492x328/
12 KB
12 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/3805457/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMjgvMTAxOTI0L2NkYzRlZTNmNDM2YmU3M2U3OTFiMDI1NWNkMDAxOTNjLmpwZz90PTE0OTM0MDA4NjUxMTk.webp?v=1641757003-RVdp8DrHfjsqCq1xHZWxka2yps03r1Q1sCZxzZYTKt8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e36e64a6d38ba12ef26181ce90389a8b81c93de861f41bafa492f8266c5cb7

Request headers

Referer
https://hot.findsale.club/
Origin
https://hot.findsale.club
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:54:01 GMT
x-mg-request-uuid
ad01ae3b-c059-495a-a5b6-7d6ba485e2b8
age
11187
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6cb01db67ade4e50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12478
server
cloudflare
i.js
cm.adskeeper.com/
0
80 B
Script
General
Full URL
https://cm.adskeeper.com/i.js?&cbuster=1641757003226952794223
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 19:36:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 09 Jan 2022 19:36:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6cb01db64e7a692e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.adskeeper.com/ Frame 04A9
0
160 B
Script
General
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=1641757003244993750055
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 19:36:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 09 Jan 2022 19:36:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6cb01db65ea6692e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
c
c.adskeeper.com/
43 B
477 B
Image
General
Full URL
https://c.adskeeper.com/c?f=1&pv=3&v=512|349|8|l-HE7frd99UtR5p-E40_645nmv3PFXiKheo12yPTz2SEFuBPbT2WgZ4WjfNYL-r5&fw=1&extjs=66044&v=512|366|8|l-HE7frd99UtR5p-E40_6xFs5_NIAKTD4_0cl3M_R4DHldPuY6IzSyN1p6w3z4GM&cid=1194591&h2=0f88f5SrAhnvrKlGfizmWlLom0aA5KYP3LrwMD-ohAQ*&rid=795115ee-7183-11ec-af9d-e43d1a2a53a0&tt=Referral&ts=ww_mini1_split_findsale&iv=11&pageImp=1&pvid=17e4057cd2b96d8ac60&cbuster=1641757004517303420812&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 19:36:44 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
5d39d3d2-c788-4ce1-aadd-8303b932cbe7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6cb01dbe4ef842db-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
c
c.adskeeper.com/
43 B
441 B
Image
General
Full URL
https://c.adskeeper.com/c?pv=3&v=512|366|8|l-HE7frd99UtR5p-E40_63MHpExjR_FzdvwH9ZcMSYBXscGSVH2zV4usvp3kV-bm&extjs=66044&v=512|349|8|l-HE7frd99UtR5p-E40_62vZvQteFAeNojOc1-AIOEjuy730wlP8KFvH9MquWEzB&v=512|349|8|l-HE7frd99UtR5p-E40_60sK5tj8vzS3HqsSM1v9cj0EblbEA5IrIn-rsgnKlWvc&v=512|366|8|l-HE7frd99UtR5p-E40_6wmPYl60uwqCQAsEij-QxHMwVImvT9gWDw_LrKpO1p9C&cid=1194591&h2=0f88f5SrAhnvrKlGfizmWlLom0aA5KYP3LrwMD-ohAQ*&rid=795115ee-7183-11ec-af9d-e43d1a2a53a0&tt=Referral&ts=ww_mini1_split_findsale&iv=11&pageImp=0&pvid=17e4057cd2b96d8ac60&cbuster=1641757004717149308752&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://hot.findsale.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 19:36:44 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
14f1e7a4-1a41-4284-8bc3-36f7d6f28e73
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6cb01dbf8a6042db-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wbidder2.com
URL
https://wbidder2.com/offer/client?affid=onw_5000&subid=1861873&days=8&count=1
Domain
wbidder2.com
URL
https://wbidder2.com/offer/client?affid=onw_5000&subid=1861873&days=8&count=1
Domain
wbidder2.com
URL
https://wbidder2.com/offer/client?affid=onw_5000&subid=1861873&days=8

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onsecuritypolicyviolation object| onslotchange object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _mgIntExchangeNews object| AdskeeperInfC1194591 function| AdskeeperCContextBlock1194591 function| AdskeeperCMainBlock1194591 function| AdskeeperCInternalExchangeBlock1194591 function| AdskeeperCRejectBlock1194591 function| AdskeeperCInternalExchangeLoggerBlock1194591 function| AdskeeperCObserverBlock1194591 function| AdskeeperCSendDimensionsBlock1194591 function| AdskeeperCRtbBlock1194591 function| AdskeeperCIframeSizeChangerBlock1194591 function| AdskeeperCContentPreviewBlock1194591 function| AdskeeperCResponsiveBlock1194591 boolean| mg_loaded_733910_1194591 object| gaplugins object| gaGlobal object| gaData object| onClickExcludes function| mgReject1194591 function| mgLoadAds1194591_02cc0 function| AdskeeperCReject1194591 function| AdskeeperLoadGoods1194591_02cc0 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint733910 string| _mgPvid boolean| _mgPageView733910 boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgwcapping boolean| _mgPageImp733910

17 Cookies

Domain/Path Name / Value
safebrowsdv.com/ Name: UID
Value: 2201091436c488bf50b68c403280627f94fa
safebrowsdv.com/ Name: OXCCLK
Value: ABLE9wAAAAAAAAAB
safebrowsdv.com/ Name: OXPCLK
Value: AAHdPQAAAAAAAAAB
safebrowsdv.com/ Name: ppucnt
Value: 1
.track.cpa-optimizer.online/ Name: 15G8tRo
Value: 20220109191641757892652
.track.cpa-optimizer.online/ Name: _norg
Value: 1
.track.cpa-optimizer.online/ Name: 15GtmVo
Value: 20220109191641757323978
.track.cpa-optimizer.online/ Name: _pc_lc_id
Value: 15GtmV
.track.cpa-optimizer.online/ Name: peerclickcid
Value: 8630258b63e5ec79b54bf3e487aef75b-4888-0109
hot.findsale.club/ Name: uclick
Value: ojwh16p2
hot.findsale.club/ Name: uclickhash
Value: ojwh16p2-ojwh16p2-bz-0-tw-15-j2-fc8ef0
.findsale.club/ Name: _ga
Value: GA1.2.1164440247.1641757003
.findsale.club/ Name: _gid
Value: GA1.2.856786381.1641757003
.findsale.club/ Name: _gat_UA-205556619-1
Value: 1
.adskeeper.com/ Name: muidn
Value: m09HJ563miAb
servicer.adskeeper.com/ Name: __mglb
Value: ed02bb11b748a9279413c1eb8e47c448
hot.findsale.club/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1194591%22%3A%7B%22page%22%3A1%2C%22time%22%3A1641757003203%7D%7D

1 Console Messages

Source Level URL
Text
other error URL: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.adskeeper.com
cdn.adskeeper.co.uk
click.eu.adoperatorcore.com
clk.wbidder.online
cm.adskeeper.com
cpa-optimizer.online
crtv.wboptim.online
free-coupons.network
hot.findsale.club
jsc.adskeeper.com
s-img.adskeeper.com
s.adoppop.com
safebrowsdv.com
servicer.adskeeper.com
special-offers-for.me
track.cpa-optimizer.online
tracking.eu.adoperatorcore.com
wbidder2.com
www.google-analytics.com
www.googletagmanager.com
wbidder2.com
104.18.17.65
104.19.131.80
157.245.71.143
206.189.241.141
213.227.145.132
213.227.149.216
2606:4700:3035::6815:5e55
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a03:b0c0:3:d0::1114:8001
62.122.170.197
64.225.80.227
85.17.31.90
95.211.60.56
01395d69b4ee6c9483a90824d115289edaf853ea3556cce363df7f552a6e0acb
05db549caf6865d5340e0f2d593094abcb73b456f8846246de74e6b485c8ad0f
065d23e5751d878e9bc6f6ee5b8ae4cb9d6a3341719a28c3dbd27b4e87341a55
10e36e64a6d38ba12ef26181ce90389a8b81c93de861f41bafa492f8266c5cb7
130828dc2d3d11c2b4ad0c998dde0b660671963aaf610a2ad366e999ddfd2b5a
1a8a8285baac3ecf3ca4827134f63472b7d90f78acaf6f2804efe4af32dd30da
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3cedeec2f7dd58b20179d840f61afcc15a9bfd9f541bdb170e76a32bf8438080
3d9692f2c35422938f137fb38550828805454b4204febdd70a5dae8d4a39b285
3f0014f83976d1cf838ba0bb0dd7b9150457ebc601c4f6840d8e16620c12ad5b
41173a98b0ae7b2001f183af16586aa6e6777195a5d100652f4365e310ae9372
4f45b6abab6896fbbd25724269953a7f9eb67ba0edf2c10c95a0af39269a61e2
4fcf63aeecc00b000351d5b887fb4cc3dc9b6bc97cb7852734864852b7797226
514d52e802c002031a89d00de1ac804b75fc146877eff127e9ff85ef516798aa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3f70fde8c62c0016f52fc613437f68449f42e73081aa38438b98db8d7b65dd
7c664050493a7973f724b768ad6a48e4b78eec90050015dc7152a08e7dbb32e7
7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908
89b95273145861817a6c3f24199d9b025c4e417d54ef8a46de3c01bd3273e854
8d4badde417d90c7abe3d9aeaafd8161300684e04011feaa5c89be94ac054bf3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a44edde7abfe4086b29943ccf7c7443cfdda6b7a0460f54a2837ab889268d55c
a87a6778744ce0c8c43f77a12656a38876202312f5a6d4603515f88a244d8a06
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
affd7d53fae7862c66f5c5a6bd142aefe65e7a5424f8098c93b0fb1bf3f718d4
bfa6f3f85cf5175170ad3e970f8ff680e0229a7c311298a4d320d3d3cf60b22d
ca01fb65d9fe5a45f3bfbcd3b1d4f7a042d74760f7f7a792df4711e89a959a75
d3f7167d90f1aaaa1030f99f29e436b7a9874a76412f9132c7ed49707a43384a
d9c7250284834ec061d27de7ca591dd9e45d2aef1eeff46d1a3141a2a039206a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e8b912ad316b320ca401e71f8843b49acfdb2e21e23bb65eacd33a93991276