hot.findsale.club Open in urlscan Pro
157.245.71.143 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://safebrowsdv.com/gtm.js?id=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_m...
Effective URL:
https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47
Submission: On January 09 via manual (January 9th 2022, 7:36:47 pm UTC) from US — Scanned from NL

Summary HTTP 41 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 14 domains to perform 41 HTTP transactions. The main IP is 157.245.71.143, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is hot.findsale.club. The Cisco Umbrella rank of the primary domain is 684153.
TLS certificate: Issued by R3 on December 29th 2021. Valid for: 3 months.

This is the only time hot.findsale.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	62.122.170.197 62.122.170.197	50245 (SERVEREL-AS) (SERVEREL-AS)
2 2	2a03:b0c0:3:d... 2a03:b0c0:3:d0::1114:8001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
12	213.227.149.216 213.227.149.216	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.211.60.56 95.211.60.56	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.145.132 213.227.145.132	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	206.189.241.141 206.189.241.141	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:303... 2606:4700:3035::6815:5e55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	85.17.31.90 85.17.31.90	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	64.225.80.227 64.225.80.227	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	157.245.71.143 157.245.71.143	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
14	104.18.17.65 104.18.17.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	104.19.131.80 104.19.131.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	10

4 62.122.170.197 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 62.122.170.197.serverel.net

safebrowsdv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:b0c0:3:d0::1114:8001 (Frankfurt am Main, Germany) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

track.cpa-optimizer.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 213.227.149.216 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

cpa-optimizer.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
special-offers-for.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
free-coupons.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.60.56 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

wbidder2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.145.132 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

crtv.wboptim.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.189.241.141 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

tracking.eu.adoperatorcore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:5e55 (United States)

ASN13335 (CLOUDFLARENET, US)

s.adoppop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.17.31.90 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

clk.wbidder.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.225.80.227 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

click.eu.adoperatorcore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.245.71.143 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

hot.findsale.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.17.65 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.131.80 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	adskeeper.com jsc.adskeeper.com — Cisco Umbrella Rank: 33788 c.adskeeper.com — Cisco Umbrella Rank: 15348 servicer.adskeeper.com — Cisco Umbrella Rank: 33164 s-img.adskeeper.com — Cisco Umbrella Rank: 16678 cm.adskeeper.com — Cisco Umbrella Rank: 36151	140 KB
9	special-offers-for.me special-offers-for.me	209 KB
4	safebrowsdv.com safebrowsdv.com — Cisco Umbrella Rank: 252546	18 KB
3	cpa-optimizer.online 2 redirects track.cpa-optimizer.online — Cisco Umbrella Rank: 124631 cpa-optimizer.online — Cisco Umbrella Rank: 79780	3 KB
2	adskeeper.co.uk cdn.adskeeper.co.uk — Cisco Umbrella Rank: 27405	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
2	adoperatorcore.com 2 redirects tracking.eu.adoperatorcore.com — Cisco Umbrella Rank: 26365 click.eu.adoperatorcore.com — Cisco Umbrella Rank: 130276	403 B
2	free-coupons.network free-coupons.network — Cisco Umbrella Rank: 89694	34 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	38 KB
1	findsale.club hot.findsale.club — Cisco Umbrella Rank: 684153	1 KB
1	wbidder.online 1 redirects clk.wbidder.online — Cisco Umbrella Rank: 132170	555 B
1	adoppop.com s.adoppop.com — Cisco Umbrella Rank: 135043	10 KB
1	wboptim.online 1 redirects crtv.wboptim.online — Cisco Umbrella Rank: 13806	474 B
1	wbidder2.com wbidder2.com — Cisco Umbrella Rank: 73106 Failed	1 KB
41	14

	Domain	Requested by
9	special-offers-for.me	cpa-optimizer.online special-offers-for.me
6	s-img.adskeeper.com
4	safebrowsdv.com	safebrowsdv.com
3	c.adskeeper.com	jsc.adskeeper.com
2	cm.adskeeper.com	jsc.adskeeper.com
2	cdn.adskeeper.co.uk	jsc.adskeeper.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	jsc.adskeeper.com	hot.findsale.club jsc.adskeeper.com
2	free-coupons.network	special-offers-for.me
2	track.cpa-optimizer.online	2 redirects
1	servicer.adskeeper.com	jsc.adskeeper.com
1	www.googletagmanager.com	hot.findsale.club
1	hot.findsale.club	free-coupons.network
1	click.eu.adoperatorcore.com	1 redirects
1	clk.wbidder.online	1 redirects
1	s.adoppop.com
1	tracking.eu.adoperatorcore.com	1 redirects
1	crtv.wboptim.online	1 redirects
1	wbidder2.com	free-coupons.network special-offers-for.me
1	cpa-optimizer.online	safebrowsdv.com
41	20

This site contains links to these domains. Also see Links.

Domain
widgets.adskeeper.com
www.adskeeper.com

Subject Issuer	Validity	Valid
safebrowsdv.com R3	`2022-01-01` - `2022-04-01`	3 months	crt.sh
*.cpa-optimizer.online AlphaSSL CA - SHA256 - G2	`2021-03-30` - `2022-05-01`	a year	crt.sh
*.special-offers-for.me AlphaSSL CA - SHA256 - G2	`2021-07-04` - `2022-08-05`	a year	crt.sh
*.free-coupons.network AlphaSSL CA - SHA256 - G2	`2021-03-08` - `2022-04-09`	a year	crt.sh
*.wbidder2.com AlphaSSL CA - SHA256 - G2	`2021-11-12` - `2022-12-14`	a year	crt.sh
hot.findsale.club R3	`2021-12-29` - `2022-03-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47
Frame ID: 6B24EC9745F449B50B3C494A8E31E919
Requests: 40 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1641757003244993750055
Frame ID: 04A9BC14C4F7155AD19708DCC2E213B2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Updated 2022-01-09

Page URL History Show full URLs

https://safebrowsdv.com/gtm.js?id=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn... Page URL
https://safebrowsdv.com/ga-audiences?cid=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=X... Page URL
https://track.cpa-optimizer.online/15G8tR?subid=1861873&currency={usd}&affid=5000&cost={payout}&external_id=220... HTTP 302
https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873... Page URL
https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dati... Page URL
https://track.cpa-optimizer.online/15GtmV?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=... HTTP 302
https://clk.wbidder.online/redirect?url=https%3A%2F%2Fclick.eu.adoperatorcore.com%2Frtb%2Ffeedclick%3Fu... HTTP 302
https://click.eu.adoperatorcore.com/rtb/feedclick?uuid=259dacbd-f7dc-4177-ae06-cfffb755539d&s=101&d=221&feedid=e... HTTP 302
https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_sp... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

41
Requests

90 %
HTTPS

29 %
IPv6

14
Domains

20
Subdomains

10
IPs

4
Countries

475 kB
Transfer

756 kB
Size

17
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=1194591

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/3805433/i/57527724/2/pp/1/1?h=l-HE7frd99UtR5p-E40_62vZvQteFAeNojOc1-AIOEjuy730wlP8KFvH9MquWEzB&rid=795115ee-7183-11ec-af9d-e43d1a2a53a0&ts=ww_mini1_split_findsale&tt=Referral&att=4&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/3805490/i/57527724/2/pp/2/1?h=l-HE7frd99UtR5p-E40_645nmv3PFXiKheo12yPTz2SEFuBPbT2WgZ4WjfNYL-r5&rid=795115ee-7183-11ec-af9d-e43d1a2a53a0&ts=ww_mini1_split_findsale&tt=Referral&att=4&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/3805630/i/57527724/2/pp/3/1?h=l-HE7frd99UtR5p-E40_60sK5tj8vzS3HqsSM1v9cj0EblbEA5IrIn-rsgnKlWvc&rid=795115ee-7183-11ec-af9d-e43d1a2a53a0&ts=ww_mini1_split_findsale&tt=Referral&att=4&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8193521/i/57527724/2/pp/4/1?h=l-HE7frd99UtR5p-E40_63MHpExjR_FzdvwH9ZcMSYBXscGSVH2zV4usvp3kV-bm&rid=795115ee-7183-11ec-af9d-e43d1a2a53a0&ts=ww_mini1_split_findsale&tt=Referral&att=4&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/3882281/i/57527724/2/pp/5/1?h=l-HE7frd99UtR5p-E40_6wmPYl60uwqCQAsEij-QxHMwVImvT9gWDw_LrKpO1p9C&rid=795115ee-7183-11ec-af9d-e43d1a2a53a0&ts=ww_mini1_split_findsale&tt=Referral&att=4&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/3805457/i/57527724/2/pp/6/1?h=l-HE7frd99UtR5p-E40_6xFs5_NIAKTD4_0cl3M_R4DHldPuY6IzSyN1p6w3z4GM&rid=795115ee-7183-11ec-af9d-e43d1a2a53a0&ts=ww_mini1_split_findsale&tt=Referral&att=4&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://safebrowsdv.com/gtm.js?id=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q== Page URL
https://safebrowsdv.com/ga-audiences?cid=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=170&rlp=%5B0%2C8.400001525878906%2C42.39999961853027%2C23%2C1.3999996185302734%2C120.60000038146973%2C68.49999809265137%2C46%5D Page URL
https://track.cpa-optimizer.online/15G8tR?subid=1861873&currency={usd}&affid=5000&cost={payout}&external_id=22010914360a75e9bb92db45fbb738ddfa16 HTTP 302
https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc Page URL
https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc Page URL
https://track.cpa-optimizer.online/15GtmV?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%257Busd%257D&useragent=%257Bvar%3Auseragent%257D&ip=2001%3A1af8%3A4700%3Aa069%3A0035%3A0000%3A0000%3A0009&bv=Chrome%252097&as=pc&onw=1&link=url%3Dhttps%253A%252F%252Fclick.eu.adoperatorcore.com%252Frtb%252Ffeedclick%253Fuuid%253D259dacbd-f7dc-4177-ae06-cfffb755539d%2526s%253D101%2526d%253D221%2526feedid%253De908%2526rt%253D1641757001878%2526sb%253D0.0002%2526db%253D0.0008%2526subid%253Dbid_5806%2526tokid%253Dnull%2526url%253DMCGV6QV42H5HDXSWE67YROYVBUBACZ2BU4PITXQIR6PKUROTGHM2U2URE7SIFVEG7DL6HPRKLTTMMOZPKKHMUY7ZXDO6QVMOKIHPWUHNRWFE5NWWUMJFLH4IZZGEAU5J2FZ5KJQ5G5CVQJW7Q3WYOJ7V4ZSCTPW5LANXWYQ6AJXVXJSRXVLR77B7GY2PZERGQKFWAPWDYME5E%25253D%25253D%25253D%2526i%253D4121ee%2526u%253D896148%2526ad%253D%26s%3D1036%26a%3Dbid_onw_5000%26uA%3Dbid_5806%26sub%3D1861873%26ts%3D1641757002%26d%3D59%26i%3D1fwh23wbmky7nqa71%26t%3Dclient%26c%3D55757200753 HTTP 302
https://clk.wbidder.online/redirect?url=https%3A%2F%2Fclick.eu.adoperatorcore.com%2Frtb%2Ffeedclick%3Fuuid%3D259dacbd-f7dc-4177-ae06-cfffb755539d%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D1641757001878%26sb%3D0.0002%26db%3D0.0008%26subid%3Dbid_5806%26tokid%3Dnull%26url%3DMCGV6QV42H5HDXSWE67YROYVBUBACZ2BU4PITXQIR6PKUROTGHM2U2URE7SIFVEG7DL6HPRKLTTMMOZPKKHMUY7ZXDO6QVMOKIHPWUHNRWFE5NWWUMJFLH4IZZGEAU5J2FZ5KJQ5G5CVQJW7Q3WYOJ7V4ZSCTPW5LANXWYQ6AJXVXJSRXVLR77B7GY2PZERGQKFWAPWDYME5E%253D%253D%253D%26i%3D4121ee%26u%3D896148%26ad%3D&s=1036&a=bid_onw_5000&uA=bid_5806&sub=1861873&ts=1641757002&d=59&i=1fwh23wbmky7nqa71&t=client&c=55757200753 HTTP 302
https://click.eu.adoperatorcore.com/rtb/feedclick?uuid=259dacbd-f7dc-4177-ae06-cfffb755539d&s=101&d=221&feedid=e908&rt=1641757001878&sb=0.0002&db=0.0008&subid=bid_5806&tokid=null&url=MCGV6QV42H5HDXSWE67YROYVBUBACZ2BU4PITXQIR6PKUROTGHM2U2URE7SIFVEG7DL6HPRKLTTMMOZPKKHMUY7ZXDO6QVMOKIHPWUHNRWFE5NWWUMJFLH4IZZGEAU5J2FZ5KJQ5G5CVQJW7Q3WYOJ7V4ZSCTPW5LANXWYQ6AJXVXJSRXVLR77B7GY2PZERGQKFWAPWDYME5E%3D%3D%3D&i=4121ee&u=896148&ad= HTTP 302
https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://track.cpa-optimizer.online/15G8tR?subid=1861873&currency={usd}&affid=5000&cost={payout}&external_id=22010914360a75e9bb92db45fbb738ddfa16 HTTP 302
https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc

Request Chain 20

https://crtv.wboptim.online/icon?url=https%3A%2F%2Ftracking.eu.adoperatorcore.com%2Frtb%2Ffeedimpression%3Fuuid%3D259dacbd-f7dc-4177-ae06-cfffb755539d%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D1641757001878%26sb%3D0.0002%26db%3D0.0008%26subid%3Dbid_5806%26tokid%3Dnull%26url%3DM6R2B4GETR2CBYFKGVL23NVIDJRWMWAVTP7SS6K44OJVF6F7YRD7WU7MPQM3F6DLPDRDLHMF62YQHHB3FZDGGG6CMOI4UJNSIJ25N3Q%253D%26i%3D4121ee%26u%3D896148&s=1036&a=bid_onw_5000&uA=bid_5806&sub=1861873&d=59&ic=1 HTTP 302
https://tracking.eu.adoperatorcore.com/rtb/feedimpression?uuid=259dacbd-f7dc-4177-ae06-cfffb755539d&s=101&d=221&feedid=e908&rt=1641757001878&sb=0.0002&db=0.0008&subid=bid_5806&tokid=null&url=M6R2B4GETR2CBYFKGVL23NVIDJRWMWAVTP7SS6K44OJVF6F7YRD7WU7MPQM3F6DLPDRDLHMF62YQHHB3FZDGGG6CMOI4UJNSIJ25N3Q%3D&i=4121ee&u=896148 HTTP 302
https://s.adoppop.com/images/icon/fb_messneger2.png

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 gtm.js Show response
safebrowsdv.com/ 2 KB
1 KB 73ms
22ms Document
text/html 62.122.170.197
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://safebrowsdv.com/gtm.js?id=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.122.170.197 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 62.122.170.197.serverel.net
Software: nginx /
Resource Hash: 1a8a8285baac3ecf3ca4827134f63472b7d90f78acaf6f2804efe4af32dd30da

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

server: nginx
date: Sun, 09 Jan 2022 19:36:41 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-route-id: check.sumbit.script
content-encoding: gzip
timing-allow-origin: *

GET
H2 200 submit.min.js Show response
safebrowsdv.com/ 36 KB
14 KB 45ms
45ms Script
application/javascript 62.122.170.197
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://safebrowsdv.com/submit.min.js?2.0
Requested by: Host: safebrowsdv.com
URL: https://safebrowsdv.com/gtm.js?id=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.122.170.197 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 62.122.170.197.serverel.net
Software: nginx /
Resource Hash: affd7d53fae7862c66f5c5a6bd142aefe65e7a5424f8098c93b0fb1bf3f718d4

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:41 GMT
content-encoding: gzip
last-modified: Wed, 22 Dec 2021 10:55:46 GMT
server: nginx
etag: W/"61c30432-8e19"
vary: Accept-Encoding
content-type: application/javascript
timing-allow-origin: *

GET
H2 200 ga-audiences Show response
safebrowsdv.com/ 4 KB
2 KB 22ms
22ms Document
text/html 62.122.170.197
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://safebrowsdv.com/ga-audiences?cid=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=170&rlp=%5B0%2C8.400001525878906%2C42.39999961853027%2C23%2C1.3999996185302734%2C120.60000038146973%2C68.49999809265137%2C46%5D
Requested by: Host: safebrowsdv.com
URL: https://safebrowsdv.com/submit.min.js?2.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.122.170.197 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 62.122.170.197.serverel.net
Software: nginx /
Resource Hash: 4f45b6abab6896fbbd25724269953a7f9eb67ba0edf2c10c95a0af39269a61e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

server: nginx
date: Sun, 09 Jan 2022 19:36:41 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-route-id: redirect.script
content-encoding: gzip
timing-allow-origin: *

GET
H2

200

/
cpa-optimizer.online/lp/common/arb/
Redirect Chain

https://track.cpa-optimizer.online/15G8tR?subid=1861873&currency={usd}&affid=5000&cost={payout}&external_id=22010914360a75e9bb92db45fbb738ddfa16
https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=...

405 B
498 B

58ms
18ms

Document
text/html

213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc

Requested by

Host: safebrowsdv.com
URL: https://safebrowsdv.com/ga-audiences?cid=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=170&rlp=%5B0%2C8.400001525878906%2C42.39999961853027%2C23%2C1.3999996185302734%2C120.60000038146973%2C68.49999809265137%2C46%5D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://safebrowsdv.com/afu.php?zoneid=1762995&var=1861873

Response headers

server: nginx
date: Sun, 09 Jan 2022 19:36:41 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN

Redirect headers

Server: nginx/1.21.0
Date: Sun, 09 Jan 2022 19:36:41 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 838
Connection: keep-alive
X-Powered-By: Express
Location: https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Vary: Accept

POST
H2 200 dupa.gif
safebrowsdv.com/ 43 B
148 B 20ms
20ms Ping
image/gif 62.122.170.197
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://safebrowsdv.com/dupa.gif?z=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==&pload=40&rlp=%5B0%2C0%2C0%2C0%2C0.6000003814697266%2C22.899999618530273%2C22.299999237060547%2C0%5D
Requested by: Host: safebrowsdv.com
URL: https://safebrowsdv.com/ga-audiences?cid=1861873&pb=2230f25d9d204b4e8ab970034104f5f21641764125&psp=XUDJCcVn6ScNNNlI4pbALzQbod_moYSNQYytHs1Ra3kQEoN16juRHeMeisHQ9L1mdXO3gOvoSIFzjNWdh9gXvh9gMOfU5SpaIvie8iaYyVep8kKtqiZb3hDNXOSmE7rtxH9naLCikgbbQiItTQJ0-wDCludavG3X-ZA9sBHwa48IQ1Mze-pzHtabMo9brkThyb2QR07Ww8HUUCFV-pHdlyoQKqnyoCpCEw637k9YGaa9xB13CP_9cAw7q5e47_3ktx5ZSOpxVGBEESgG9WgQnOHHdCFK51gX9R5jXOnu6jIhBambVfZYjoc8t4FteKNx8ZLpF9vfjWCsulzJDcH79Fmy_hu_p6eXCdPir-Mi-QJTo3k2CCwEthrbNJgP1P0h9g1nahWM2zb-1SgSUGzT8CIzVNZ_uWX5oCrGBQITWLepzDcd-5wDssWvJd_P6SUYh4iUmiHO5rokc8KpKiBHdnrLIh2x2qGC9MfzK5Wp2SB42-GCI_AN9ESdX4wZN4vqWatVH-_IfzGDY2PMPq_aAlCrPDFS4Rk2tQTWrxNpyQ4RhDn5KZhrMzj3pXfbIm_o_KJd-SqJ9ZbSkKaInMtgyngERr8ntwkTd2K0jYvLERufN5TdXlfBSIOP2vwd2v40gJ6LJOyDbbdeB2jbfFtarQHRhNDTyJSVjKfYaSFDMHaXUhAo3hSWI9Fnv2vD6Q==&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=170&rlp=%5B0%2C8.400001525878906%2C42.39999961853027%2C23%2C1.3999996185302734%2C120.60000038146973%2C68.49999809265137%2C46%5D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.122.170.197 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 62.122.170.197.serverel.net
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 09 Jan 2022 19:36:41 GMT
x-route-id: stats.redirect-pixel
server: nginx
timing-allow-origin: *
content-length: 43
content-type: image/gif

GET
H2 200 / Show response
special-offers-for.me/video-lp/video-4/ 11 KB
11 KB 58ms
16ms Document
text/html 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc

Requested by

Host: cpa-optimizer.online
URL: https://cpa-optimizer.online/lp/common/arb/?url=/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

89b95273145861817a6c3f24199d9b025c4e417d54ef8a46de3c01bd3273e854

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://cpa-optimizer.online/

Response headers

server: nginx
date: Sun, 09 Jan 2022 19:36:41 GMT
content-type: text/html
content-length: 11331
last-modified: Fri, 31 Dec 2021 13:18:25 GMT
etag: "61cf0321-2c43"
x-frame-options: SAMEORIGIN
accept-ranges: bytes

GET
H2 200 pageTemplate.min.css
special-offers-for.me/plugin/css/ 2 KB
865 B 19ms
18ms Stylesheet
text/css 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://special-offers-for.me/plugin/css/pageTemplate.min.css

Requested by

Host: special-offers-for.me
URL: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

a44edde7abfe4086b29943ccf7c7443cfdda6b7a0460f54a2837ab889268d55c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:41 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 10 Jul 2019 14:02:03 GMT
server: nginx
etag: "5d25efdb-290"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
content-length: 656
expires: Tue, 08 Feb 2022 19:36:41 GMT

GET
H2 200 pageTemplateClean.js Show response
special-offers-for.me/lp/plugin/js/ 27 KB
28 KB 20ms
19ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://special-offers-for.me/lp/plugin/js/pageTemplateClean.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

e4e8b912ad316b320ca401e71f8843b49acfdb2e21e23bb65eacd33a93991276

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:41 GMT
last-modified: Wed, 05 May 2021 16:00:06 GMT
server: nginx
etag: "6092c106-6def"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28143
expires: Tue, 08 Feb 2022 19:36:41 GMT

GET
H2 200 script.js Show response
free-coupons.network/lp/loadcomplete/ 7 KB
8 KB 68ms
28ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://free-coupons.network/lp/loadcomplete/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

7c664050493a7973f724b768ad6a48e4b78eec90050015dc7152a08e7dbb32e7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://special-offers-for.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:41 GMT
last-modified: Fri, 03 Jul 2020 09:24:48 GMT
server: nginx
etag: "5efef960-1d8a"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7562
expires: Tue, 08 Feb 2022 19:36:41 GMT

GET
H2 200 client.new.js Show response
free-coupons.network/plugin/js/ 26 KB
26 KB 80ms
41ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://free-coupons.network/plugin/js/client.new.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

01395d69b4ee6c9483a90824d115289edaf853ea3556cce363df7f552a6e0acb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://special-offers-for.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:41 GMT
last-modified: Wed, 24 Nov 2021 12:36:40 GMT
server: nginx
etag: "619e31d8-67de"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 26590
expires: Tue, 08 Feb 2022 19:36:41 GMT

GET
H2 200 bidder.js Show response
special-offers-for.me/plugin/js/ 14 KB
14 KB 35ms
34ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://special-offers-for.me/plugin/js/bidder.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

514d52e802c002031a89d00de1ac804b75fc146877eff127e9ff85ef516798aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:41 GMT
last-modified: Wed, 22 Dec 2021 11:42:37 GMT
server: nginx
etag: "61c30f2d-36a8"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13992
expires: Tue, 08 Feb 2022 19:36:41 GMT

GET
H2 200 bidder-interval.js Show response
special-offers-for.me/plugin/js/ 8 KB
8 KB 35ms
35ms Script
application/javascript 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://special-offers-for.me/plugin/js/bidder-interval.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

4fcf63aeecc00b000351d5b887fb4cc3dc9b6bc97cb7852734864852b7797226

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:41 GMT
last-modified: Wed, 24 Nov 2021 11:01:21 GMT
server: nginx
etag: "619e1b81-1f27"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7975
expires: Tue, 08 Feb 2022 19:36:41 GMT

GET
H2 200 arrow-blue4.png
special-offers-for.me/pageTemplate/ 6 KB
7 KB 13ms
13ms Image
image/png 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://special-offers-for.me/pageTemplate/arrow-blue4.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

41173a98b0ae7b2001f183af16586aa6e6777195a5d100652f4365e310ae9372

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:41 GMT
last-modified: Thu, 10 Dec 2020 14:14:34 GMT
server: nginx
etag: "5fd22d4a-194a"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6474
expires: Tue, 08 Feb 2022 19:36:41 GMT

GET
H2 206 onBack.mp3
special-offers-for.me/pageTemplate/ 18 KB
18 KB 16ms
16ms Media
audio/mpeg 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://special-offers-for.me/pageTemplate/onBack.mp3

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

130828dc2d3d11c2b4ad0c998dde0b660671963aaf610a2ad366e999ddfd2b5a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 09 Jan 2022 19:36:41 GMT
last-modified: Thu, 10 Dec 2020 14:14:34 GMT
server: nginx
etag: "5fd22d4a-4922"
x-frame-options: SAMEORIGIN
content-type: audio/mpeg
Content-Range: bytes 0-18721/18722
Content-Length: 18722

GET client
wbidder2.com/offer/ 0
0

GET
H/1.1 200
OK client Show response
wbidder2.com/offer/ 3 KB
1 KB 208ms
168ms Fetch
application/json 95.211.60.56
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wbidder2.com/offer/client?affid=onw_5000&subid=1861873&days=8&count=1
Requested by: Host: free-coupons.network
URL: https://free-coupons.network/plugin/js/client.new.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.211.60.56 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: a87a6778744ce0c8c43f77a12656a38876202312f5a6d4603515f88a244d8a06

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 09 Jan 2022 19:36:42 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
keep-alive: timeout=5
transfer-encoding: chunked
content-type: application/json; charset=utf-8

GET
H2 200 newB1modal.png
special-offers-for.me/pluginstuff/ 9 KB
9 KB 13ms
13ms Image
image/png 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://special-offers-for.me/pluginstuff/newB1modal.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

3f0014f83976d1cf838ba0bb0dd7b9150457ebc601c4f6840d8e16620c12ad5b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:41 GMT
last-modified: Fri, 14 May 2021 16:13:10 GMT
server: nginx
etag: "609ea196-2359"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9049
expires: Tue, 08 Feb 2022 19:36:41 GMT

GET client
wbidder2.com/offer/ 0
0

GET
H2 200 spinner.gif
special-offers-for.me/flow-lp/porsche-1/img/ 113 KB
113 KB 15ms
15ms Image
image/gif 213.227.149.216
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://special-offers-for.me/flow-lp/porsche-1/img/spinner.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.227.149.216 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:41 GMT
last-modified: Fri, 01 Nov 2019 13:26:09 GMT
server: nginx
etag: "5dbc3271-1c3fd"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 115709
expires: Tue, 08 Feb 2022 19:36:41 GMT

GET
H2

200

fb_messneger2.png
s.adoppop.com/images/icon/
Redirect Chain

https://crtv.wboptim.online/icon?url=https%3A%2F%2Ftracking.eu.adoperatorcore.com%2Frtb%2Ffeedimpression%3Fuuid%3D259dacbd-f7dc-4177-ae06-cfffb755539d%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D164...
https://tracking.eu.adoperatorcore.com/rtb/feedimpression?uuid=259dacbd-f7dc-4177-ae06-cfffb755539d&s=101&d=221&feedid=e908&rt=1641757001878&sb=0.0002&db=0.0008&subid=bid_5806&tokid=null&url=M6R2B4...
https://s.adoppop.com/images/icon/fb_messneger2.png

10 KB
10 KB

101ms
42ms

Image
image/png

2606:4700:3035::6815:5e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adoppop.com/images/icon/fb_messneger2.png
Protocol: H2
Server: 2606:4700:3035::6815:5e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2113764
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10056
last-modified: Tue, 07 Sep 2021 15:51:24 GMT
server: cloudflare
etag: "61378a7c-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezGZWpyo5L9H%2FQO9TrCjlM61SP4gvD6VWt%2BTT32iZiup8sX3jZwdIeLRPQVFALA5S8XQspthlgreB7BJWTf0CiIAt9sX2oHjAf5eHhvSVhOVxctPb4ZkZA6C6iiEDkQoWZXcs61%2BefYT0kCf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6cb01dafdb4ac4c2-DUS
expires: Sat, 15 Jan 2022 08:27:18 GMT

Redirect headers

location: https://s.adoppop.com/images/icon/fb_messneger2.png
date: Sun, 09 Jan 2022 19:36:41 GMT
referrer-policy: no-referrer
content-length: 0

GET
H/1.1

200
OK

Primary Request index.php Show response
hot.findsale.club/
Redirect Chain

https://track.cpa-optimizer.online/15GtmV?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&...
https://clk.wbidder.online/redirect?url=https%3A%2F%2Fclick.eu.adoperatorcore.com%2Frtb%2Ffeedclick%3Fuuid%3D259dacbd-f7dc-4177-ae06-cfffb755539d%26s%3D101%26d%3D221%26feedid%3De908%26rt%3D16417570...
https://click.eu.adoperatorcore.com/rtb/feedclick?uuid=259dacbd-f7dc-4177-ae06-cfffb755539d&s=101&d=221&feedid=e908&rt=1641757001878&sb=0.0002&db=0.0008&subid=bid_5806&tokid=null&url=MCGV6QV42H5HDX...
https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47

2 KB
1 KB

96ms
53ms

Document
text/html

157.245.71.143
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47

Requested by

Host: free-coupons.network
URL: https://free-coupons.network/plugin/js/client.new.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.245.71.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

bfa6f3f85cf5175170ad3e970f8ff680e0229a7c311298a4d320d3d3cf60b22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

Server: nginx/1.20.1
Date: Sun, 09 Jan 2022 19:36:42 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

referrer-policy: no-referrer
location: https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47
content-length: 0
date: Sun, 09 Jan 2022 19:36:41 GMT

GET
H2 200 inpage.adoperator.com.1194591.js Show response
jsc.adskeeper.com/i/n/ 2 KB
1 KB 97ms
36ms Script
text/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.js
Requested by: Host: hot.findsale.club
URL: https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cedeec2f7dd58b20179d840f61afcc15a9bfd9f541bdb170e76a32bf8438080

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://hot.findsale.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:42 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4851
cf-ray: 6cb01db23c20692e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 745
x-amz-id-2: ywq0dsI5YjM+6ZACnxTbXcr4RLR7d+xLL5eWSyKFVhFFBa7uldTdXOv+5JftMS7EL76+QS3zCHQ=
last-modified: Thu, 02 Dec 2021 16:26:04 GMT
server: cloudflare
etag: "6d9e7c563ec1686d2f1c944b6f2b51bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: CS5QQ6JK705SD2S5
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 09 Jan 2022 23:36:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 97 KB
38 KB 81ms
32ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDZZV69

Requested by

Host: hot.findsale.club
URL: https://hot.findsale.club/index.php?key=0wcff73b6nxj48rip18j&subid=&utm_source=&utm_medium=ww_mini1_split_findsale&bbid=47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05db549caf6865d5340e0f2d593094abcb73b456f8846246de74e6b485c8ad0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://hot.findsale.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
last-modified: Sun, 09 Jan 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Jan 2022 19:36:42 GMT

GET
H2 200 inpage.adoperator.com.1194591.es6.js Show response
jsc.adskeeper.com/i/n/ 235 KB
70 KB 31ms
30ms Script
text/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c3f70fde8c62c0016f52fc613437f68449f42e73081aa38438b98db8d7b65dd

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://hot.findsale.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:42 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4850
cf-ray: 6cb01db26ca3692e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 71835
x-amz-id-2: eSOMCrObUSiiC4wcKNt18VEW4PQG8clUOaN+Z/Jxr8zYLlRJNu84pFW3INJ3BCs4ay5horn4cQ0=
last-modified: Thu, 02 Dec 2021 16:26:04 GMT
server: cloudflare
etag: "e78e568689179a489b1fa67f70109f12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: R5VM71XJ1H3V6766
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 09 Jan 2022 23:36:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDZZV69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://hot.findsale.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2136
date: Sun, 09 Jan 2022 19:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 09 Jan 2022 21:01:06 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 56ms
28ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=112824290&t=pageview&_s=1&dl=https%3A%2F%2Fhot.findsale.club%2Findex.php%3Fkey%3D0wcff73b6nxj48rip18j%26subid%3D%26utm_source%3D%26utm_medium%3Dww_mini1_split_findsale%26bbid%3D47&ul=en-us&de=UTF-8&dt=Updated%202022-01-09&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=61829997&gjid=1752427738&cid=1164440247.1641757003&tid=UA-205556619-1&_gid=856786381.1641757003&_r=1&gtm=2wg150PDZZV69&z=80896817

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hot.findsale.club/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 19:36:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hot.findsale.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.adskeeper.com/pv/ 0
306 B 72ms
59ms Script
text/plain 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.com/pv/?pv=5&cbuster=1641757003050698429808&uniqId=02cc0&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fhot.findsale.club%2Findex.php%3Fkey%3D0wcff73b6nxj48rip18j%26subid%3D%26utm_source%3D%26utm_medium%3Dww_mini1_split_findsale%26bbid%3D47&lu=https%3A%2F%2Fhot.findsale.club%2Findex.php%3Fkey%3D0wcff73b6nxj48rip18j%26subid%3D%26utm_source%3D%26utm_medium%3Dww_mini1_split_findsale%26bbid%3D47&sessionId=61db394b-17f4c&pageView=1&pvid=17e4057cd2b96d8ac60&site=733910&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://hot.findsale.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6cb01db53b82692e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
2 KB 97ms
40ms Image
image/svg+xml 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://hot.findsale.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:43 GMT
content-encoding: br
cf-cache-status: HIT
age: 2843
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: PQQY40JG1BTA00NB
x-amz-id-2: jn8iFc6HIZ78ziSodiCEP66Q9ApPuT2TQqxEag+8wBEQ/l8XxqONp5qtUsNtHzGMPfbkonGCXqs=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6cb01db59cd84a86-FRA
expires: Sun, 09 Jan 2022 23:36:43 GMT

GET
H2 200 1 Show response
servicer.adskeeper.com/1194591/ 5 KB
2 KB 63ms
52ms Script
application/x-javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1194591/1?pv=5&cbuster=1641757003124664953018&uniqId=02cc0&niet=4g&nisd=false&jsv=es6&w=1584&h=758&cols=3&ref=&cxurl=https%3A%2F%2Fhot.findsale.club%2Findex.php%3Fkey%3D0wcff73b6nxj48rip18j%26subid%3D%26utm_source%3D%26utm_medium%3Dww_mini1_split_findsale%26bbid%3D47&lu=https%3A%2F%2Fhot.findsale.club%2Findex.php%3Fkey%3D0wcff73b6nxj48rip18j%26subid%3D%26utm_source%3D%26utm_medium%3Dww_mini1_split_findsale%26bbid%3D47&sessionId=61db394b-17f4c&pageView=1&pvid=17e4057cd2b96d8ac60&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca01fb65d9fe5a45f3bfbcd3b1d4f7a042d74760f7f7a792df4711e89a959a75

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://hot.findsale.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 19:36:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6cb01db5acb8692e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
2 KB 69ms
40ms Image
image/svg+xml 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://hot.findsale.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:43 GMT
content-encoding: br
cf-cache-status: HIT
age: 2843
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: PQQY40JG1BTA00NB
x-amz-id-2: jn8iFc6HIZ78ziSodiCEP66Q9ApPuT2TQqxEag+8wBEQ/l8XxqONp5qtUsNtHzGMPfbkonGCXqs=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6cb01db64c3d7039-FRA
expires: Sun, 09 Jan 2022 23:36:43 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTQvMTAxOTI0L2U5M2JkMjcyOGU0ODlhOGJjMTlmNDJhOTYzYzRkMDAwLmpwZz90PTE0OTIxOTU2MzI3Mzk.webp
s-img.adskeeper.com/g/3805433/492x328/0x0x492x328/ 8 KB
8 KB 349ms
291ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/3805433/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTQvMTAxOTI0L2U5M2JkMjcyOGU0ODlhOGJjMTlmNDJhOTYzYzRkMDAwLmpwZz90PTE0OTIxOTU2MzI3Mzk.webp?v=1641757003-qTZhBVNpcnMYUJgC-WTXurxRNUTFmWthDBnqX_OWRWM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9c7250284834ec061d27de7ca591dd9e45d2aef1eeff46d1a3141a2a039206a

Request headers

Referer: https://hot.findsale.club/
Origin: https://hot.findsale.club
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:56:05 GMT
x-mg-request-uuid: 131cd9a5-c870-40a4-9cb2-9d8dad59a3f0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6cb01db67ad14e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7922
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0Lzc3YjhmMzZiOGM2YWIwMjRhNzk0YzFmMzE3Y2JkMWY0LmpwZz90PTE0OTc5ODUwMDEyMDQ.webp
s-img.adskeeper.com/g/3805490/492x328/0x0x783x522/ 10 KB
11 KB 96ms
38ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/3805490/492x328/0x0x783x522/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0Lzc3YjhmMzZiOGM2YWIwMjRhNzk0YzFmMzE3Y2JkMWY0LmpwZz90PTE0OTc5ODUwMDEyMDQ.webp?v=1641757003-dVwymSdRU_UT0-sSdfu6kX1CN4IRI87DyDX8zjVG018
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065d23e5751d878e9bc6f6ee5b8ae4cb9d6a3341719a28c3dbd27b4e87341a55

Request headers

Referer: https://hot.findsale.club/
Origin: https://hot.findsale.club
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:54:16 GMT
x-mg-request-uuid: c27cb41c-9164-4efa-86ca-fb6828a87651
age: 56497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6cb01db67ad54e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10686
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0L2Y0MWM5M2NmZDY3NDczZmI3NjVhODJiMzVmYzk4NTY3LmpwZWc_dD0xNTEyNjg0NTE0MTAz.webp
s-img.adskeeper.com/g/3805630/492x328/0x0x575x383/ 12 KB
12 KB 397ms
340ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/3805630/492x328/0x0x575x383/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0L2Y0MWM5M2NmZDY3NDczZmI3NjVhODJiMzVmYzk4NTY3LmpwZWc_dD0xNTEyNjg0NTE0MTAz.webp?v=1641757003-ORHnxVv_nGEOHPJuWySnAVU5tp1sHHjLx0KegDgiqP8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d4badde417d90c7abe3d9aeaafd8161300684e04011feaa5c89be94ac054bf3

Request headers

Referer: https://hot.findsale.club/
Origin: https://hot.findsale.club
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:53:45 GMT
x-mg-request-uuid: 1dac59c9-8888-4674-b01f-8dab05ef5d9f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6cb01db67ad74e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12468
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp
s-img.adskeeper.com/g/8193521/492x328/0x168x565x376/ 12 KB
12 KB 338ms
281ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8193521/492x328/0x168x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp?v=1641757003-w2kReHsBfVlhN6LVrXsz6qqilV_HjaZlrqK-o1aFYxk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d9692f2c35422938f137fb38550828805454b4204febdd70a5dae8d4a39b285

Request headers

Referer: https://hot.findsale.club/
Origin: https://hot.findsale.club
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:44:21 GMT
x-mg-request-uuid: acad4c06-0675-414e-ada7-cd9656bb136b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6cb01db67ad84e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12422
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2I3ZjY5MjZjMTAzYzZjZTNmODBlZTI3ODFlOGE1OGExLnBuZw.webp
s-img.adskeeper.com/g/3882281/492x328/0x0x913x608/ 9 KB
9 KB 470ms
413ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/3882281/492x328/0x0x913x608/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2I3ZjY5MjZjMTAzYzZjZTNmODBlZTI3ODFlOGE1OGExLnBuZw.webp?v=1641757003-sQAmtg4oFkHlUFzk4xs4t1xnTha1j623mKtpiCKpYiE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3f7167d90f1aaaa1030f99f29e436b7a9874a76412f9132c7ed49707a43384a

Request headers

Referer: https://hot.findsale.club/
Origin: https://hot.findsale.club
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:54:26 GMT
x-mg-request-uuid: 5c9e2d54-94a6-44a0-939d-749c43a18aba
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6cb01db67adc4e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9364
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMjgvMTAxOTI0L2NkYzRlZTNmNDM2YmU3M2U3OTFiMDI1NWNkMDAxOTNjLmpwZz90PTE0OTM0MDA4NjUxMTk.webp
s-img.adskeeper.com/g/3805457/492x328/0x0x492x328/ 12 KB
12 KB 108ms
51ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/3805457/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMjgvMTAxOTI0L2NkYzRlZTNmNDM2YmU3M2U3OTFiMDI1NWNkMDAxOTNjLmpwZz90PTE0OTM0MDA4NjUxMTk.webp?v=1641757003-RVdp8DrHfjsqCq1xHZWxka2yps03r1Q1sCZxzZYTKt8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10e36e64a6d38ba12ef26181ce90389a8b81c93de861f41bafa492f8266c5cb7

Request headers

Referer: https://hot.findsale.club/
Origin: https://hot.findsale.club
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 19:36:43 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:54:01 GMT
x-mg-request-uuid: ad01ae3b-c059-495a-a5b6-7d6ba485e2b8
age: 11187
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6cb01db67ade4e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12478
server: cloudflare

GET
H2 200 i.js Show response
cm.adskeeper.com/ 0
80 B 130ms
119ms Script
application/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?&cbuster=1641757003226952794223
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://hot.findsale.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 19:36:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 09 Jan 2022 19:36:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6cb01db64e7a692e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame 04A9 0
160 B 87ms
86ms Script
application/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1641757003244993750055
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/n/inpage.adoperator.com.1194591.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 19:36:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 09 Jan 2022 19:36:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6cb01db65ea6692e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 c
c.adskeeper.com/ 43 B
477 B 51ms
50ms Image
image/gif 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=512|349|8|l-HE7frd99UtR5p-E40_645nmv3PFXiKheo12yPTz2SEFuBPbT2WgZ4WjfNYL-r5&fw=1&extjs=66044&v=512|366|8|l-HE7frd99UtR5p-E40_6xFs5_NIAKTD4_0cl3M_R4DHldPuY6IzSyN1p6w3z4GM&cid=1194591&h2=0f88f5SrAhnvrKlGfizmWlLom0aA5KYP3LrwMD-ohAQ*&rid=795115ee-7183-11ec-af9d-e43d1a2a53a0&tt=Referral&ts=ww_mini1_split_findsale&iv=11&pageImp=1&pvid=17e4057cd2b96d8ac60&cbuster=1641757004517303420812&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://hot.findsale.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 19:36:44 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 5d39d3d2-c788-4ce1-aadd-8303b932cbe7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6cb01dbe4ef842db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 c
c.adskeeper.com/ 43 B
441 B 46ms
46ms Image
image/gif 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?pv=3&v=512|366|8|l-HE7frd99UtR5p-E40_63MHpExjR_FzdvwH9ZcMSYBXscGSVH2zV4usvp3kV-bm&extjs=66044&v=512|349|8|l-HE7frd99UtR5p-E40_62vZvQteFAeNojOc1-AIOEjuy730wlP8KFvH9MquWEzB&v=512|349|8|l-HE7frd99UtR5p-E40_60sK5tj8vzS3HqsSM1v9cj0EblbEA5IrIn-rsgnKlWvc&v=512|366|8|l-HE7frd99UtR5p-E40_6wmPYl60uwqCQAsEij-QxHMwVImvT9gWDw_LrKpO1p9C&cid=1194591&h2=0f88f5SrAhnvrKlGfizmWlLom0aA5KYP3LrwMD-ohAQ*&rid=795115ee-7183-11ec-af9d-e43d1a2a53a0&tt=Referral&ts=ww_mini1_split_findsale&iv=11&pageImp=0&pvid=17e4057cd2b96d8ac60&cbuster=1641757004717149308752&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://hot.findsale.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 19:36:44 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 14f1e7a4-1a41-4284-8bc3-36f7d6f28e73
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6cb01dbf8a6042db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wbidder2.com
URL: https://wbidder2.com/offer/client?affid=onw_5000&subid=1861873&days=8&count=1

Domain: wbidder2.com
URL: https://wbidder2.com/offer/client?affid=onw_5000&subid=1861873&days=8&count=1

Domain: wbidder2.com
URL: https://wbidder2.com/offer/client?affid=onw_5000&subid=1861873&days=8

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
safebrowsdv.com/	1970-01-20 08:48:13	Name: UID Value: 2201091436c488bf50b68c403280627f94fa
safebrowsdv.com/	1970-01-20 00:04:03	Name: OXCCLK Value: ABLE9wAAAAAAAAAB
safebrowsdv.com/	1970-01-20 00:04:03	Name: OXPCLK Value: AAHdPQAAAAAAAAAB
safebrowsdv.com/	1970-01-20 00:04:03	Name: ppucnt Value: 1
.track.cpa-optimizer.online/	1970-01-20 00:04:03	Name: 15G8tRo Value: 20220109191641757892652
.track.cpa-optimizer.online/	1970-01-20 00:04:03	Name: _norg Value: 1
.track.cpa-optimizer.online/	1970-01-20 00:04:03	Name: 15GtmVo Value: 20220109191641757323978
.track.cpa-optimizer.online/	1970-01-20 00:04:03	Name: _pc_lc_id Value: 15GtmV
.track.cpa-optimizer.online/	1970-01-20 00:04:03	Name: peerclickcid Value: 8630258b63e5ec79b54bf3e487aef75b-4888-0109
hot.findsale.club/	1970-01-20 00:04:03	Name: uclick Value: ojwh16p2
hot.findsale.club/	1970-01-20 00:04:03	Name: uclickhash Value: ojwh16p2-ojwh16p2-bz-0-tw-15-j2-fc8ef0
.findsale.club/	1970-01-20 17:33:49	Name: _ga Value: GA1.2.1164440247.1641757003
.findsale.club/	1970-01-20 00:04:03	Name: _gid Value: GA1.2.856786381.1641757003
.findsale.club/	1970-01-20 00:02:37	Name: _gat_UA-205556619-1 Value: 1
.adskeeper.com/	1970-01-25 20:31:23	Name: muidn Value: m09HJ563miAb
servicer.adskeeper.com/	1970-01-20 00:02:37	Name: __mglb Value: ed02bb11b748a9279413c1eb8e47c448
hot.findsale.club/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%7D%2C%22C1194591%22%3A%7B%22page%22%3A1%2C%22time%22%3A1641757003203%7D%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://special-offers-for.me/video-lp/video-4/?tag=5000&tag1=new-message&tag2=1861873&tag3=5000&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=NL&affid=5000&subid=1861873&ln=nl&cid=%7Busd%7D&useragent=%7Bvar:useragent%7D&ip=2001:1af8:4700:a069:0035:0000:0000:0009&bv=Chrome%2097&as=pc Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.adskeeper.com
cdn.adskeeper.co.uk
click.eu.adoperatorcore.com
clk.wbidder.online
cm.adskeeper.com
cpa-optimizer.online
crtv.wboptim.online
free-coupons.network
hot.findsale.club
jsc.adskeeper.com
s-img.adskeeper.com
s.adoppop.com
safebrowsdv.com
servicer.adskeeper.com
special-offers-for.me
track.cpa-optimizer.online
tracking.eu.adoperatorcore.com
wbidder2.com
www.google-analytics.com
www.googletagmanager.com
wbidder2.com
104.18.17.65
104.19.131.80
157.245.71.143
206.189.241.141
213.227.145.132
213.227.149.216
2606:4700:3035::6815:5e55
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a03:b0c0:3:d0::1114:8001
62.122.170.197
64.225.80.227
85.17.31.90
95.211.60.56
01395d69b4ee6c9483a90824d115289edaf853ea3556cce363df7f552a6e0acb
05db549caf6865d5340e0f2d593094abcb73b456f8846246de74e6b485c8ad0f
065d23e5751d878e9bc6f6ee5b8ae4cb9d6a3341719a28c3dbd27b4e87341a55
10e36e64a6d38ba12ef26181ce90389a8b81c93de861f41bafa492f8266c5cb7
130828dc2d3d11c2b4ad0c998dde0b660671963aaf610a2ad366e999ddfd2b5a
1a8a8285baac3ecf3ca4827134f63472b7d90f78acaf6f2804efe4af32dd30da
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3cedeec2f7dd58b20179d840f61afcc15a9bfd9f541bdb170e76a32bf8438080
3d9692f2c35422938f137fb38550828805454b4204febdd70a5dae8d4a39b285
3f0014f83976d1cf838ba0bb0dd7b9150457ebc601c4f6840d8e16620c12ad5b
41173a98b0ae7b2001f183af16586aa6e6777195a5d100652f4365e310ae9372
4f45b6abab6896fbbd25724269953a7f9eb67ba0edf2c10c95a0af39269a61e2
4fcf63aeecc00b000351d5b887fb4cc3dc9b6bc97cb7852734864852b7797226
514d52e802c002031a89d00de1ac804b75fc146877eff127e9ff85ef516798aa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3f70fde8c62c0016f52fc613437f68449f42e73081aa38438b98db8d7b65dd
7c664050493a7973f724b768ad6a48e4b78eec90050015dc7152a08e7dbb32e7
7ffbc5613ad711543dc07ae92ea8a151ed27fa356f0a591181910f4270b2e908
89b95273145861817a6c3f24199d9b025c4e417d54ef8a46de3c01bd3273e854
8d4badde417d90c7abe3d9aeaafd8161300684e04011feaa5c89be94ac054bf3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a44edde7abfe4086b29943ccf7c7443cfdda6b7a0460f54a2837ab889268d55c
a87a6778744ce0c8c43f77a12656a38876202312f5a6d4603515f88a244d8a06
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
affd7d53fae7862c66f5c5a6bd142aefe65e7a5424f8098c93b0fb1bf3f718d4
bfa6f3f85cf5175170ad3e970f8ff680e0229a7c311298a4d320d3d3cf60b22d
ca01fb65d9fe5a45f3bfbcd3b1d4f7a042d74760f7f7a792df4711e89a959a75
d3f7167d90f1aaaa1030f99f29e436b7a9874a76412f9132c7ed49707a43384a
d9c7250284834ec061d27de7ca591dd9e45d2aef1eeff46d1a3141a2a039206a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e8b912ad316b320ca401e71f8843b49acfdb2e21e23bb65eacd33a93991276

hot.findsale.club Open in urlscan Pro 157.245.71.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

90 %HTTPS

29 %IPv6

14 Domains

20 Subdomains

10 IPs

4 Countries

475 kBTransfer

756 kBSize

17 Cookies

7 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hot.findsale.club Open in urlscan Pro
157.245.71.143 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

90 %
HTTPS

29 %
IPv6

14
Domains

20
Subdomains

10
IPs

4
Countries

475 kB
Transfer

756 kB
Size

17
Cookies

41 HTTP transactions
0 data transactions