urlscan.io logo urlscan.io
SecurityTrails logo

read-the-news.online Open in urlscan Pro
95.168.170.165  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www1.news-back.net/WznAi5eQPMhyzk2ciNNe230GJerbioEO0EWu7NFnE40?clck=yz6YsvcTEiBWpotboEVzBgiYyaVI6YloAutNsGGfEuezFnT...
Effective URL: https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=...
Submission: On March 01 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 11 HTTP transactions. The main IP is 95.168.170.165, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is read-the-news.online.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on October 29th 2020. Valid for: a year.
This is the only time read-the-news.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.72.36.238 14618 (AMAZON-AES)
1 104.22.65.104 13335 (CLOUDFLAR...)
1 1 34.231.89.205 14618 (AMAZON-AES)
2 3 35.227.196.138 15169 (GOOGLE)
1 1 2a03:b0c0:3:d... 14061 (DIGITALOC...)
4 213.227.145.147 60781 (LEASEWEB-...)
1 95.168.170.165 60781 (LEASEWEB-...)
2 8.253.95.112 3356 (LEVEL3)
1 85.17.23.11 60781 (LEASEWEB-...)
11 8
1    52.72.36.238 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-36-238.compute-1.amazonaws.com
www1.news-back.net
1    104.22.65.104 (United States)

ASN13335 (CLOUDFLARENET, US)
feed.r-tb.com
1    34.231.89.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-89-205.compute-1.amazonaws.com
news-easy.net
3    35.227.196.138 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 138.196.227.35.bc.googleusercontent.com
www.performanceonclick.com
1    2a03:b0c0:3:d0::ed2:4001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
track.free-coupons.network
4    213.227.145.147 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
special-offers.online
free-coupons.network
1    95.168.170.165 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
read-the-news.online
2    8.253.95.112 (United States)

ASN3356 (LEVEL3, US)
cdn.special-offers.online
1    85.17.23.11 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
wbidder.online
Domain Requested by
3 free-coupons.network read-the-news.online
3 www.performanceonclick.com 2 redirects www1.news-back.net
2 cdn.special-offers.online read-the-news.online
1 wbidder.online free-coupons.network
1 read-the-news.online special-offers.online
1 special-offers.online www.performanceonclick.com
1 track.free-coupons.network 1 redirects
1 news-easy.net 1 redirects
1 feed.r-tb.com www1.news-back.net
1 www1.news-back.net
11 10

This site contains no links.

Subject Issuer Validity Valid
www1.news-back.net
R3		 2021-02-27 -
2021-05-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-08 -
2021-07-08		 a year crt.sh
*.special-offers.online
AlphaSSL CA - SHA256 - G2		 2020-07-06 -
2021-08-30		 a year crt.sh
*.read-the-news.online
AlphaSSL CA - SHA256 - G2		 2020-10-29 -
2021-11-30		 a year crt.sh
*.free-coupons.network
AlphaSSL CA - SHA256 - G2		 2020-02-10 -
2021-03-17		 a year crt.sh
*.wbidder.online
AlphaSSL CA - SHA256 - G2		 2020-03-05 -
2021-03-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
Frame ID: 6498EB603EFDE46B0F27D10CA55A7C5B
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www1.news-back.net/WznAi5eQPMhyzk2ciNNe230GJerbioEO0EWu7NFnE40?clck=yz6YsvcTEiBWpotboEVzBgiYyaV... Page URL
  2. https://news-easy.net/Fu7pFVBntLJpLw3NkAeYa_Uvaba_bwcCE2F9IDT7xGc?clck=hwashuQShmGc5xuHxrhasOos_1L... HTTP 302
    http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=WlwzJaLIZHFJxPsKqRMfVL5odhW9L6-F-XP5X-Ad... Page URL
  3. http://www.performanceonclick.com/jump/next.php?stamat=m%7C%2C%2Cw3a3YjImoGU3Bp4GH0dEdHP3xP.24c%2CtvhpFaC36T--... HTTP 302
    http://www.performanceonclick.com/script/i.php?stamat=m%7C%2C%2CAiKmo3I-tGU3BJ5GH0dEdHP3xP.4d9%2C0W3B9pMw9gWXR... HTTP 302
    https://track.free-coupons.network/15GlN9?subid=2575139-2078493347-0&country={country}&affid=999762&cost={payou... HTTP 302
    https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-20784... Page URL
  4. https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

11
Requests

91 %
HTTPS

11 %
IPv6

8
Domains

10
Subdomains

8
IPs

3
Countries

875 kB
Transfer

884 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www1.news-back.net/WznAi5eQPMhyzk2ciNNe230GJerbioEO0EWu7NFnE40?clck=yz6YsvcTEiBWpotboEVzBgiYyaVI6YloAutNsGGfEuezFnTZH3t4-9ItbWDZmWg3AfyVOJ8LYjDmjaJwPcfdAc4pFK0uc0bXVg-d0Fro-67nakFHfzzBWsM38_egmd7m-sLBTndhNz-II3DZuBiqKrYhCb4zFn1PVu0W9_ixd2FXIo-mPKoilKgNl48ThMHrKBffh2hLJiNI_Ol4WCYMfQ3TJJ1GMuDhQ_Tlw1qDBnY&sid=roki_w10_0910_AC-BUBBLE-1514 Page URL
  2. https://news-easy.net/Fu7pFVBntLJpLw3NkAeYa_Uvaba_bwcCE2F9IDT7xGc?clck=hwashuQShmGc5xuHxrhasOos_1LB8wvogZp9VFmrDj39Fi_FCJseD2q2gQE0sXG9XL4b77MfJmtDisr6uynpMtw0_w5H3nUBbV8bMi8XVcukbP3wBGm0HruHqZz6TgH0IHdjd8B2i9oK4mega9BzpKWLwviF3VAVE0NPzHEm_F0rrRHWsFRXiGwf_MCvJXiNxjDLH_fiCAisQavwVfdh42F9RkOZhmKxH7jXe0iaKoQdYuocbUJofjA7qXRI_9VpMeZymsA8Paw77tZHi321QXrX9cozG6fvT8Sz9E--ptrC1Gtyg6xoHTOcGjhRE9EMrTZbgty9MnwW80Jqa3EsgNIyPiNfudEeSIcK82ERQ610_AAKOsaw_1JaCo3GmJA2XO-vk1pqx6OMGmjXPvnDxoZR37gjOuQQR4CKHTfFQ5RT4m4amugul7fkAH46ZpKv0WQ2BnRxH4aed3bsM3lMniPOfPiLVAeoiHAyuQE_2BlEUM-w86lGanNJNHhdfToA&sid=push_back_block_1514_01 HTTP 302
    http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=WlwzJaLIZHFJxPsKqRMfVL5odhW9L6-F-XP5X-Ad7Jsx5yBKvS27NXSgcqg_cFnOSCX1WdytFBe-au2vXVjnXuj1fcAz1jyWs2shmFZlwysmhFOzbvl5_PkchKwQux-gFfEoR-4x9Ep_2jI6vQC41LJnrk3onmBgsoas0XugdP3h4n-pUVd155xdI0YbBQVIGIiK-ujM_kLMBL49aQxde-5xVnG3tuegzuNAJzNIBn5E5oxZDNngRaJ73nxSfX0Bco-mqInwq9U-g-jQMcgwZ8UQOEfw-2jDrtUtDbclh_FGZpNtSB25hrSAkeA8cmSQvh-DS4qcxsd0dnDo49LqPY_D2eXQNKj6_B1AvRIgS9hvjSmRv2U_CWNVP5OBE8XFP6UbkaNp7WGQgqTyWOhbRhg1ZwrcJ5OBjkGPjyubQNRa3JbwozOrDCO-VMd_jjMx992b0KcH4wKzPNCNKU8ylzrND_FTvZZHN8FkQ3LsmkvZx0pEdBPLOt5HPZVBKVvUU8R4mQSPXfNKJFgaIig1mwqGqYWPDLw9Du3ubTBmjbcHXLZoGbpGI-fTNWpLNjW9MFLRQEtgFUJVcibe9s9IiefWMMV-GUFLds34ExuLPu2qgxXWENFASyPL9ZbId-D1RnXoZi_xf0Jcqassqp4kxhbm7UhDZiHZ8mXvR--OA3ZiQsI_axOfDNn1_mflkFoE9EG0m7d7Phgxr9XS2hctTM9_gRq87jLZWMclybAR8jPgNNeLsTu1Hk3Lx4P1g45VyVBxbto1pC7yx49qYiLUeZ5b-AlnjwwCZXNAFxgludcNKKp60bWc-m5UD1rgL7uuEdXqM-49kcbnwWT4o2fGU29aEqiyDZ-NPOSdfZC3rLY&sub1=push_back_block_1514_01 Page URL
  3. http://www.performanceonclick.com/jump/next.php?stamat=m%7C%2C%2Cw3a3YjImoGU3Bp4GH0dEdHP3xP.24c%2CtvhpFaC36T--zu-Eph-X9Wp3pvuUqXplOizw_LjRBV30Ai_emHCvNKIImqcVJKD1vuwh0m4-e6mFSeJOPqIkfrYK2U3zSLkq8sGHzRycLcqc2vQJhPqiMzvtEZPV7EPrxZv3aZ3pKyJlZBSzECRWDX5YHwNl3WzbV6-oRsF1KTwXGoQTrQ-E-IziHApPXxCjJbxaFRazO7LoJBGmallSi48aCx7HaJdFE3T17W8q3ypZx--dKxjnxDQU1Oj97zqFa_Iqcsb5AEOaMe-Qwx5QmWRDNEM0W4qL3lIXmDm3rAl5tb-_1Y5WuHRvMHAC3unjZbxk3I7BEsawFsHXZNe34UBiykAonXGl_GCLXd4Mw5pjO-r_t0tNs_ZyG2oVJtNqjyDpcPFqCOtEkfq3guyh-hmCeAY69yTUmBXTmT-d91lZEZ8ZMlnw3TzDaGf13sGw9X60KlQUC4moqHV8mTlbZ7Pr45W3vYW1s-jHVKGzPPPaY_2rEXw-2rRRJjn_zbamd1XuqFzOj7lMFez_vuSWy1RTfSgbfAcQiCYVC7NfxghQVaKuKhmHVQoMpqowO9LtS0yAceRO7yi6uzK50GBtHZoHWUX1zjjb0wkK9hyZ1rUar07JxMSWHv2PBMIsucGU8cpPJNeSKmmjh7ai7_tMv8T4HVdJSpnkwSeI0szMNipwFc9Sn67On0yhMg_UuHysHTjM9SusXZA-v4i3TxoL5ZWUbld9UezGzuNFIylhqMtGtOW3iI_0eOTCFBDchbvtXtm7jA5Z1IZIktkvdLbcc3lTl-NnBeqhRDE4jQPpWWzLcOPGVcgvVyjDRZZrgv4UoyEpxisb1w2HqfJBgHFrZ__DuO8vCY6Zhwfhr70xHK4ALQ_QV-jiQ-NfNw2AQ0wV-NzR1ATrlUyU_MakchCo7JUsYuQMaxOKAvOZxOUwVjI1TREvGhxsV6ivdDYjlr1ZO2NGepwC3tK51VK44YtqQ9U9meRrUgi912t0hFrmW5EmuZ60o-C3xoLrLPgtnIQt6UozhcD1SrjUn6OvtZzasA%2C%2C&cbrandom=0.10368027059975393&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    http://www.performanceonclick.com/script/i.php?stamat=m%7C%2C%2CAiKmo3I-tGU3BJ5GH0dEdHP3xP.4d9%2C0W3B9pMw9gWXRX7KEvY3Cn9R1LoeKI-Arr-rf6cFxw5tmwRSB6BGyARp2qQxHpIm5KgOtyFK-Ri-4ojIWHve9jscpW4CPIi7FkwxExVkIYUBq3MBhIqTF7gAh7eEF4E73jncbqpRgNmI91CEuUq3IEj2hFowi_a7TEFPQ95uwLt8tX1aTc9gba6tNayFb6-5spr4lpnMGYYBKnxRLUSL0uGpj_tkdHRTBzaPTfdFa__baZE8lUpqTzdpQ2Xx1Ougkb4-PBu_mt5AESwXdxa1S8OUPGwBmRheJzG5_wzj58RozdT3q65uaKUrTdniXCm52ZjNQWXfSBcBHaf8bS094pPDwEDHm0cO-tNADbmbI91pxRuVBCPRqMGW9EhE3w7V4_DdN-gUjWdCdrCM42PA8IXdUUfZXgOj4WAVx0g532jMkfu93Dn-yR-r1h-TSVDn8mO4-QIrZKc1lDGQ32LDnnumaXJTkOwShPgL7irCQy7t92wjnv8ZmQkGz1pJgzTHJ87uMHUW2DcF6EeITF5EaFheP86SHIK-1bkoQlD6iflcukCJrNwZ5860d4uEb4WVHW6QUAJCWmM0VPO-ya9OFd_Hblw5G1XA7xZTGbvraywhUXvBgnkxEsHzkGm-bPOc4sUNnkrEAFZ67r5Md4tJ_0qc3YnBkaf1JZGs3IhySP6HfKzQzgbQTKv3Prrv6N9kIyT8d9y0Lpw8ptokilb8zTtW8qmQy-mmlX2k33oFbfRcVkNudVuUecv8BjvASV3XkE6hg2Vll2qHWzwSlVIiM94yOk7JTImYy5QSnH5E6vD4izlnollRdKgVznlcyRvvjzpMk6y1gF3FB8bP_I0cSugdw3mkL6WqOYyeE3PouZS1VVYQAFeRHIzLJjZk68usWmA83f-bRQhFgXx8S10rSzvav8m2oUPFLRtcOsvPWvUL4Ibu1M-AQv7rge8zZ6IW7iGH6oSi--1qajQC18GNyNw5kZWrOEkkHj3xTpMkvhhtopmLychVOhZ2h7t1lEmPOp3dwAggByByqAAMmvxdxXfEllrCg9JAIMzkDrsk98Js3JRD9FRPOAFZbsNxMesPJVyri3GldHpZGsnH-CVDE7GnXD0Zhn9t59BPWjEiw2MsWBsSS4y--2XRBT71TEU64fI-Zp0rgsOfy5sW_3GHEHrHQCWN-J9dkZDtAkGSRlDLi5iGwdoYzegB6Swm4iTQckGEibIcum3xi_HvcNjjeC6pu-rGW1C8nnSFGBgq_PKeJb0YsRIPczi_wOMq4MAIw9qvksjrQ7YCPv-Ldm__-TyzHyPNpotQOTyIBd_dteepF9LegQV9j30MfINMs47K2wqbZ_qqx4vVTP4oJ2f9nJKaVcYbcgmfMMxO1T1RVLqORd2AnBKvQuHxhKueoOIMVoQEoQflA4Hh8WGcPhi4hA%2C%2C HTTP 302
    https://track.free-coupons.network/15GlN9?subid=2575139-2078493347-0&country={country}&affid=999762&cost={payout}&external_id=16146293213261294947103785095049294 HTTP 302
    https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc Page URL
  4. https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://news-easy.net/Fu7pFVBntLJpLw3NkAeYa_Uvaba_bwcCE2F9IDT7xGc?clck=hwashuQShmGc5xuHxrhasOos_1LB8wvogZp9VFmrDj39Fi_FCJseD2q2gQE0sXG9XL4b77MfJmtDisr6uynpMtw0_w5H3nUBbV8bMi8XVcukbP3wBGm0HruHqZz6TgH0IHdjd8B2i9oK4mega9BzpKWLwviF3VAVE0NPzHEm_F0rrRHWsFRXiGwf_MCvJXiNxjDLH_fiCAisQavwVfdh42F9RkOZhmKxH7jXe0iaKoQdYuocbUJofjA7qXRI_9VpMeZymsA8Paw77tZHi321QXrX9cozG6fvT8Sz9E--ptrC1Gtyg6xoHTOcGjhRE9EMrTZbgty9MnwW80Jqa3EsgNIyPiNfudEeSIcK82ERQ610_AAKOsaw_1JaCo3GmJA2XO-vk1pqx6OMGmjXPvnDxoZR37gjOuQQR4CKHTfFQ5RT4m4amugul7fkAH46ZpKv0WQ2BnRxH4aed3bsM3lMniPOfPiLVAeoiHAyuQE_2BlEUM-w86lGanNJNHhdfToA&sid=push_back_block_1514_01 HTTP 302
  • http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=WlwzJaLIZHFJxPsKqRMfVL5odhW9L6-F-XP5X-Ad7Jsx5yBKvS27NXSgcqg_cFnOSCX1WdytFBe-au2vXVjnXuj1fcAz1jyWs2shmFZlwysmhFOzbvl5_PkchKwQux-gFfEoR-4x9Ep_2jI6vQC41LJnrk3onmBgsoas0XugdP3h4n-pUVd155xdI0YbBQVIGIiK-ujM_kLMBL49aQxde-5xVnG3tuegzuNAJzNIBn5E5oxZDNngRaJ73nxSfX0Bco-mqInwq9U-g-jQMcgwZ8UQOEfw-2jDrtUtDbclh_FGZpNtSB25hrSAkeA8cmSQvh-DS4qcxsd0dnDo49LqPY_D2eXQNKj6_B1AvRIgS9hvjSmRv2U_CWNVP5OBE8XFP6UbkaNp7WGQgqTyWOhbRhg1ZwrcJ5OBjkGPjyubQNRa3JbwozOrDCO-VMd_jjMx992b0KcH4wKzPNCNKU8ylzrND_FTvZZHN8FkQ3LsmkvZx0pEdBPLOt5HPZVBKVvUU8R4mQSPXfNKJFgaIig1mwqGqYWPDLw9Du3ubTBmjbcHXLZoGbpGI-fTNWpLNjW9MFLRQEtgFUJVcibe9s9IiefWMMV-GUFLds34ExuLPu2qgxXWENFASyPL9ZbId-D1RnXoZi_xf0Jcqassqp4kxhbm7UhDZiHZ8mXvR--OA3ZiQsI_axOfDNn1_mflkFoE9EG0m7d7Phgxr9XS2hctTM9_gRq87jLZWMclybAR8jPgNNeLsTu1Hk3Lx4P1g45VyVBxbto1pC7yx49qYiLUeZ5b-AlnjwwCZXNAFxgludcNKKp60bWc-m5UD1rgL7uuEdXqM-49kcbnwWT4o2fGU29aEqiyDZ-NPOSdfZC3rLY&sub1=push_back_block_1514_01
Request Chain 4
  • http://www.performanceonclick.com/jump/next.php?stamat=m%7C%2C%2Cw3a3YjImoGU3Bp4GH0dEdHP3xP.24c%2CtvhpFaC36T--zu-Eph-X9Wp3pvuUqXplOizw_LjRBV30Ai_emHCvNKIImqcVJKD1vuwh0m4-e6mFSeJOPqIkfrYK2U3zSLkq8sGHzRycLcqc2vQJhPqiMzvtEZPV7EPrxZv3aZ3pKyJlZBSzECRWDX5YHwNl3WzbV6-oRsF1KTwXGoQTrQ-E-IziHApPXxCjJbxaFRazO7LoJBGmallSi48aCx7HaJdFE3T17W8q3ypZx--dKxjnxDQU1Oj97zqFa_Iqcsb5AEOaMe-Qwx5QmWRDNEM0W4qL3lIXmDm3rAl5tb-_1Y5WuHRvMHAC3unjZbxk3I7BEsawFsHXZNe34UBiykAonXGl_GCLXd4Mw5pjO-r_t0tNs_ZyG2oVJtNqjyDpcPFqCOtEkfq3guyh-hmCeAY69yTUmBXTmT-d91lZEZ8ZMlnw3TzDaGf13sGw9X60KlQUC4moqHV8mTlbZ7Pr45W3vYW1s-jHVKGzPPPaY_2rEXw-2rRRJjn_zbamd1XuqFzOj7lMFez_vuSWy1RTfSgbfAcQiCYVC7NfxghQVaKuKhmHVQoMpqowO9LtS0yAceRO7yi6uzK50GBtHZoHWUX1zjjb0wkK9hyZ1rUar07JxMSWHv2PBMIsucGU8cpPJNeSKmmjh7ai7_tMv8T4HVdJSpnkwSeI0szMNipwFc9Sn67On0yhMg_UuHysHTjM9SusXZA-v4i3TxoL5ZWUbld9UezGzuNFIylhqMtGtOW3iI_0eOTCFBDchbvtXtm7jA5Z1IZIktkvdLbcc3lTl-NnBeqhRDE4jQPpWWzLcOPGVcgvVyjDRZZrgv4UoyEpxisb1w2HqfJBgHFrZ__DuO8vCY6Zhwfhr70xHK4ALQ_QV-jiQ-NfNw2AQ0wV-NzR1ATrlUyU_MakchCo7JUsYuQMaxOKAvOZxOUwVjI1TREvGhxsV6ivdDYjlr1ZO2NGepwC3tK51VK44YtqQ9U9meRrUgi912t0hFrmW5EmuZ60o-C3xoLrLPgtnIQt6UozhcD1SrjUn6OvtZzasA%2C%2C&cbrandom=0.10368027059975393&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
  • http://www.performanceonclick.com/script/i.php?stamat=m%7C%2C%2CAiKmo3I-tGU3BJ5GH0dEdHP3xP.4d9%2C0W3B9pMw9gWXRX7KEvY3Cn9R1LoeKI-Arr-rf6cFxw5tmwRSB6BGyARp2qQxHpIm5KgOtyFK-Ri-4ojIWHve9jscpW4CPIi7FkwxExVkIYUBq3MBhIqTF7gAh7eEF4E73jncbqpRgNmI91CEuUq3IEj2hFowi_a7TEFPQ95uwLt8tX1aTc9gba6tNayFb6-5spr4lpnMGYYBKnxRLUSL0uGpj_tkdHRTBzaPTfdFa__baZE8lUpqTzdpQ2Xx1Ougkb4-PBu_mt5AESwXdxa1S8OUPGwBmRheJzG5_wzj58RozdT3q65uaKUrTdniXCm52ZjNQWXfSBcBHaf8bS094pPDwEDHm0cO-tNADbmbI91pxRuVBCPRqMGW9EhE3w7V4_DdN-gUjWdCdrCM42PA8IXdUUfZXgOj4WAVx0g532jMkfu93Dn-yR-r1h-TSVDn8mO4-QIrZKc1lDGQ32LDnnumaXJTkOwShPgL7irCQy7t92wjnv8ZmQkGz1pJgzTHJ87uMHUW2DcF6EeITF5EaFheP86SHIK-1bkoQlD6iflcukCJrNwZ5860d4uEb4WVHW6QUAJCWmM0VPO-ya9OFd_Hblw5G1XA7xZTGbvraywhUXvBgnkxEsHzkGm-bPOc4sUNnkrEAFZ67r5Md4tJ_0qc3YnBkaf1JZGs3IhySP6HfKzQzgbQTKv3Prrv6N9kIyT8d9y0Lpw8ptokilb8zTtW8qmQy-mmlX2k33oFbfRcVkNudVuUecv8BjvASV3XkE6hg2Vll2qHWzwSlVIiM94yOk7JTImYy5QSnH5E6vD4izlnollRdKgVznlcyRvvjzpMk6y1gF3FB8bP_I0cSugdw3mkL6WqOYyeE3PouZS1VVYQAFeRHIzLJjZk68usWmA83f-bRQhFgXx8S10rSzvav8m2oUPFLRtcOsvPWvUL4Ibu1M-AQv7rge8zZ6IW7iGH6oSi--1qajQC18GNyNw5kZWrOEkkHj3xTpMkvhhtopmLychVOhZ2h7t1lEmPOp3dwAggByByqAAMmvxdxXfEllrCg9JAIMzkDrsk98Js3JRD9FRPOAFZbsNxMesPJVyri3GldHpZGsnH-CVDE7GnXD0Zhn9t59BPWjEiw2MsWBsSS4y--2XRBT71TEU64fI-Zp0rgsOfy5sW_3GHEHrHQCWN-J9dkZDtAkGSRlDLi5iGwdoYzegB6Swm4iTQckGEibIcum3xi_HvcNjjeC6pu-rGW1C8nnSFGBgq_PKeJb0YsRIPczi_wOMq4MAIw9qvksjrQ7YCPv-Ldm__-TyzHyPNpotQOTyIBd_dteepF9LegQV9j30MfINMs47K2wqbZ_qqx4vVTP4oJ2f9nJKaVcYbcgmfMMxO1T1RVLqORd2AnBKvQuHxhKueoOIMVoQEoQflA4Hh8WGcPhi4hA%2C%2C HTTP 302
  • https://track.free-coupons.network/15GlN9?subid=2575139-2078493347-0&country={country}&affid=999762&cost={payout}&external_id=16146293213261294947103785095049294 HTTP 302
  • https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set WznAi5eQPMhyzk2ciNNe230GJerbioEO0EWu7NFnE40
www1.news-back.net/ 		368 KB
368 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www1.news-back.net/WznAi5eQPMhyzk2ciNNe230GJerbioEO0EWu7NFnE40?clck=yz6YsvcTEiBWpotboEVzBgiYyaVI6YloAutNsGGfEuezFnTZH3t4-9ItbWDZmWg3AfyVOJ8LYjDmjaJwPcfdAc4pFK0uc0bXVg-d0Fro-67nakFHfzzBWsM38_egmd7m-sLBTndhNz-II3DZuBiqKrYhCb4zFn1PVu0W9_ixd2FXIo-mPKoilKgNl48ThMHrKBffh2hLJiNI_Ol4WCYMfQ3TJJ1GMuDhQ_Tlw1qDBnY&sid=roki_w10_0910_AC-BUBBLE-1514
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.36.238 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-36-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
www1.news-back.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 20:08:39 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Set-Cookie
session=42b71b0f-f45f-479e-9689-cb2094819074
Server
nginx
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
AFU1kAAPaBk
feed.r-tb.com/v1/native/ 		0
303 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://feed.r-tb.com/v1/native/AFU1kAAPaBk?subid=push_back_block_1514_01&uid=ccc54eb3-bf0c-4306-9528-1b6622f5ec25
Requested by
Host: www1.news-back.net
URL: https://www1.news-back.net/WznAi5eQPMhyzk2ciNNe230GJerbioEO0EWu7NFnE40?clck=yz6YsvcTEiBWpotboEVzBgiYyaVI6YloAutNsGGfEuezFnTZH3t4-9ItbWDZmWg3AfyVOJ8LYjDmjaJwPcfdAc4pFK0uc0bXVg-d0Fro-67nakFHfzzBWsM38_egmd7m-sLBTndhNz-II3DZuBiqKrYhCb4zFn1PVu0W9_ixd2FXIo-mPKoilKgNl48ThMHrKBffh2hLJiNI_Ol4WCYMfQ3TJJ1GMuDhQ_Tlw1qDBnY&sid=roki_w10_0910_AC-BUBBLE-1514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.65.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www1.news-back.net/WznAi5eQPMhyzk2ciNNe230GJerbioEO0EWu7NFnE40?clck=yz6YsvcTEiBWpotboEVzBgiYyaVI6YloAutNsGGfEuezFnTZH3t4-9ItbWDZmWg3AfyVOJ8LYjDmjaJwPcfdAc4pFK0uc0bXVg-d0Fro-67nakFHfzzBWsM38_egmd7m-sLBTndhNz-II3DZuBiqKrYhCb4zFn1PVu0W9_ixd2FXIo-mPKoilKgNl48ThMHrKBffh2hLJiNI_Ol4WCYMfQ3TJJ1GMuDhQ_Tlw1qDBnY&sid=roki_w10_0910_AC-BUBBLE-1514
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 01 Mar 2021 20:08:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
629504bf6810cc8f-WAW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-request-id
0891014b9f0000cc8f7e208000000001
next.php
www.performanceonclick.com/jump/
Redirect Chain
  • https://news-easy.net/Fu7pFVBntLJpLw3NkAeYa_Uvaba_bwcCE2F9IDT7xGc?clck=hwashuQShmGc5xuHxrhasOos_1LB8wvogZp9VFmrDj39Fi_FCJseD2q2gQE0sXG9XL4b77MfJmtDisr6uynpMtw0_w5H3nUBbV8bMi8XVcukbP3wBGm0HruHqZz6Tg...
  • http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=WlwzJaLIZHFJxPsKqRMfVL5odhW9L6-F-XP5X-Ad7Jsx5yBKvS27NXSgcqg_cFnOSCX1WdytFBe-au2vXVjnXuj1fcAz1jyWs2shmFZlwysmhFOzbvl5_PkchKwQux-...
10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=WlwzJaLIZHFJxPsKqRMfVL5odhW9L6-F-XP5X-Ad7Jsx5yBKvS27NXSgcqg_cFnOSCX1WdytFBe-au2vXVjnXuj1fcAz1jyWs2shmFZlwysmhFOzbvl5_PkchKwQux-gFfEoR-4x9Ep_2jI6vQC41LJnrk3onmBgsoas0XugdP3h4n-pUVd155xdI0YbBQVIGIiK-ujM_kLMBL49aQxde-5xVnG3tuegzuNAJzNIBn5E5oxZDNngRaJ73nxSfX0Bco-mqInwq9U-g-jQMcgwZ8UQOEfw-2jDrtUtDbclh_FGZpNtSB25hrSAkeA8cmSQvh-DS4qcxsd0dnDo49LqPY_D2eXQNKj6_B1AvRIgS9hvjSmRv2U_CWNVP5OBE8XFP6UbkaNp7WGQgqTyWOhbRhg1ZwrcJ5OBjkGPjyubQNRa3JbwozOrDCO-VMd_jjMx992b0KcH4wKzPNCNKU8ylzrND_FTvZZHN8FkQ3LsmkvZx0pEdBPLOt5HPZVBKVvUU8R4mQSPXfNKJFgaIig1mwqGqYWPDLw9Du3ubTBmjbcHXLZoGbpGI-fTNWpLNjW9MFLRQEtgFUJVcibe9s9IiefWMMV-GUFLds34ExuLPu2qgxXWENFASyPL9ZbId-D1RnXoZi_xf0Jcqassqp4kxhbm7UhDZiHZ8mXvR--OA3ZiQsI_axOfDNn1_mflkFoE9EG0m7d7Phgxr9XS2hctTM9_gRq87jLZWMclybAR8jPgNNeLsTu1Hk3Lx4P1g45VyVBxbto1pC7yx49qYiLUeZ5b-AlnjwwCZXNAFxgludcNKKp60bWc-m5UD1rgL7uuEdXqM-49kcbnwWT4o2fGU29aEqiyDZ-NPOSdfZC3rLY&sub1=push_back_block_1514_01
Requested by
Host: www1.news-back.net
URL: https://www1.news-back.net/WznAi5eQPMhyzk2ciNNe230GJerbioEO0EWu7NFnE40?clck=yz6YsvcTEiBWpotboEVzBgiYyaVI6YloAutNsGGfEuezFnTZH3t4-9ItbWDZmWg3AfyVOJ8LYjDmjaJwPcfdAc4pFK0uc0bXVg-d0Fro-67nakFHfzzBWsM38_egmd7m-sLBTndhNz-II3DZuBiqKrYhCb4zFn1PVu0W9_ixd2FXIo-mPKoilKgNl48ThMHrKBffh2hLJiNI_Ol4WCYMfQ3TJJ1GMuDhQ_Tlw1qDBnY&sid=roki_w10_0910_AC-BUBBLE-1514
Protocol
HTTP/1.1
Server
35.227.196.138 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
138.196.227.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
50b0bcbe54bce29447d570e69f31ccaac04f8886e72a3d9500e06ee2ac16604d

Request headers

Host
www.performanceonclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www1.news-back.net/WznAi5eQPMhyzk2ciNNe230GJerbioEO0EWu7NFnE40?clck=yz6YsvcTEiBWpotboEVzBgiYyaVI6YloAutNsGGfEuezFnTZH3t4-9ItbWDZmWg3AfyVOJ8LYjDmjaJwPcfdAc4pFK0uc0bXVg-d0Fro-67nakFHfzzBWsM38_egmd7m-sLBTndhNz-II3DZuBiqKrYhCb4zFn1PVu0W9_ixd2FXIo-mPKoilKgNl48ThMHrKBffh2hLJiNI_Ol4WCYMfQ3TJJ1GMuDhQ_Tlw1qDBnY&sid=roki_w10_0910_AC-BUBBLE-1514

Response headers

Server
openresty
Date
Mon, 01 Mar 2021 20:08:41 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 google

Redirect headers

Date
Mon, 01 Mar 2021 20:08:41 GMT
Content-Type
text/html
Content-Length
142
Connection
keep-alive
Access-Control-Allow-Origin
*
Location
http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=WlwzJaLIZHFJxPsKqRMfVL5odhW9L6-F-XP5X-Ad7Jsx5yBKvS27NXSgcqg_cFnOSCX1WdytFBe-au2vXVjnXuj1fcAz1jyWs2shmFZlwysmhFOzbvl5_PkchKwQux-gFfEoR-4x9Ep_2jI6vQC41LJnrk3onmBgsoas0XugdP3h4n-pUVd155xdI0YbBQVIGIiK-ujM_kLMBL49aQxde-5xVnG3tuegzuNAJzNIBn5E5oxZDNngRaJ73nxSfX0Bco-mqInwq9U-g-jQMcgwZ8UQOEfw-2jDrtUtDbclh_FGZpNtSB25hrSAkeA8cmSQvh-DS4qcxsd0dnDo49LqPY_D2eXQNKj6_B1AvRIgS9hvjSmRv2U_CWNVP5OBE8XFP6UbkaNp7WGQgqTyWOhbRhg1ZwrcJ5OBjkGPjyubQNRa3JbwozOrDCO-VMd_jjMx992b0KcH4wKzPNCNKU8ylzrND_FTvZZHN8FkQ3LsmkvZx0pEdBPLOt5HPZVBKVvUU8R4mQSPXfNKJFgaIig1mwqGqYWPDLw9Du3ubTBmjbcHXLZoGbpGI-fTNWpLNjW9MFLRQEtgFUJVcibe9s9IiefWMMV-GUFLds34ExuLPu2qgxXWENFASyPL9ZbId-D1RnXoZi_xf0Jcqassqp4kxhbm7UhDZiHZ8mXvR--OA3ZiQsI_axOfDNn1_mflkFoE9EG0m7d7Phgxr9XS2hctTM9_gRq87jLZWMclybAR8jPgNNeLsTu1Hk3Lx4P1g45VyVBxbto1pC7yx49qYiLUeZ5b-AlnjwwCZXNAFxgludcNKKp60bWc-m5UD1rgL7uuEdXqM-49kcbnwWT4o2fGU29aEqiyDZ-NPOSdfZC3rLY&sub1=push_back_block_1514_01
Set-Cookie
session=2bf66c30-0198-4068-a995-6697d2ed302d
Server
nginx
/
special-offers.online/lp/common/arb/
Redirect Chain
  • http://www.performanceonclick.com/jump/next.php?stamat=m%7C%2C%2Cw3a3YjImoGU3Bp4GH0dEdHP3xP.24c%2CtvhpFaC36T--zu-Eph-X9Wp3pvuUqXplOizw_LjRBV30Ai_emHCvNKIImqcVJKD1vuwh0m4-e6mFSeJOPqIkfrYK2U3zSLkq8sG...
  • http://www.performanceonclick.com/script/i.php?stamat=m%7C%2C%2CAiKmo3I-tGU3BJ5GH0dEdHP3xP.4d9%2C0W3B9pMw9gWXRX7KEvY3Cn9R1LoeKI-Arr-rf6cFxw5tmwRSB6BGyARp2qQxHpIm5KgOtyFK-Ri-4ojIWHve9jscpW4CPIi7Fkwx...
  • https://track.free-coupons.network/15GlN9?subid=2575139-2078493347-0&country={country}&affid=999762&cost={payout}&external_id=16146293213261294947103785095049294
  • https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=D...
474 B
567 B 		Document
General
Check archive.org
Download Go to
Full URL
https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
Requested by
Host: www.performanceonclick.com
URL: http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=WlwzJaLIZHFJxPsKqRMfVL5odhW9L6-F-XP5X-Ad7Jsx5yBKvS27NXSgcqg_cFnOSCX1WdytFBe-au2vXVjnXuj1fcAz1jyWs2shmFZlwysmhFOzbvl5_PkchKwQux-gFfEoR-4x9Ep_2jI6vQC41LJnrk3onmBgsoas0XugdP3h4n-pUVd155xdI0YbBQVIGIiK-ujM_kLMBL49aQxde-5xVnG3tuegzuNAJzNIBn5E5oxZDNngRaJ73nxSfX0Bco-mqInwq9U-g-jQMcgwZ8UQOEfw-2jDrtUtDbclh_FGZpNtSB25hrSAkeA8cmSQvh-DS4qcxsd0dnDo49LqPY_D2eXQNKj6_B1AvRIgS9hvjSmRv2U_CWNVP5OBE8XFP6UbkaNp7WGQgqTyWOhbRhg1ZwrcJ5OBjkGPjyubQNRa3JbwozOrDCO-VMd_jjMx992b0KcH4wKzPNCNKU8ylzrND_FTvZZHN8FkQ3LsmkvZx0pEdBPLOt5HPZVBKVvUU8R4mQSPXfNKJFgaIig1mwqGqYWPDLw9Du3ubTBmjbcHXLZoGbpGI-fTNWpLNjW9MFLRQEtgFUJVcibe9s9IiefWMMV-GUFLds34ExuLPu2qgxXWENFASyPL9ZbId-D1RnXoZi_xf0Jcqassqp4kxhbm7UhDZiHZ8mXvR--OA3ZiQsI_axOfDNn1_mflkFoE9EG0m7d7Phgxr9XS2hctTM9_gRq87jLZWMclybAR8jPgNNeLsTu1Hk3Lx4P1g45VyVBxbto1pC7yx49qYiLUeZ5b-AlnjwwCZXNAFxgludcNKKp60bWc-m5UD1rgL7uuEdXqM-49kcbnwWT4o2fGU29aEqiyDZ-NPOSdfZC3rLY&sub1=push_back_block_1514_01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
a46ee2be678070854e6a1d44a37602a4fd87f316fa6e5d849e18e2c532fea6de
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
special-offers.online
:scheme
https
:path
/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=WlwzJaLIZHFJxPsKqRMfVL5odhW9L6-F-XP5X-Ad7Jsx5yBKvS27NXSgcqg_cFnOSCX1WdytFBe-au2vXVjnXuj1fcAz1jyWs2shmFZlwysmhFOzbvl5_PkchKwQux-gFfEoR-4x9Ep_2jI6vQC41LJnrk3onmBgsoas0XugdP3h4n-pUVd155xdI0YbBQVIGIiK-ujM_kLMBL49aQxde-5xVnG3tuegzuNAJzNIBn5E5oxZDNngRaJ73nxSfX0Bco-mqInwq9U-g-jQMcgwZ8UQOEfw-2jDrtUtDbclh_FGZpNtSB25hrSAkeA8cmSQvh-DS4qcxsd0dnDo49LqPY_D2eXQNKj6_B1AvRIgS9hvjSmRv2U_CWNVP5OBE8XFP6UbkaNp7WGQgqTyWOhbRhg1ZwrcJ5OBjkGPjyubQNRa3JbwozOrDCO-VMd_jjMx992b0KcH4wKzPNCNKU8ylzrND_FTvZZHN8FkQ3LsmkvZx0pEdBPLOt5HPZVBKVvUU8R4mQSPXfNKJFgaIig1mwqGqYWPDLw9Du3ubTBmjbcHXLZoGbpGI-fTNWpLNjW9MFLRQEtgFUJVcibe9s9IiefWMMV-GUFLds34ExuLPu2qgxXWENFASyPL9ZbId-D1RnXoZi_xf0Jcqassqp4kxhbm7UhDZiHZ8mXvR--OA3ZiQsI_axOfDNn1_mflkFoE9EG0m7d7Phgxr9XS2hctTM9_gRq87jLZWMclybAR8jPgNNeLsTu1Hk3Lx4P1g45VyVBxbto1pC7yx49qYiLUeZ5b-AlnjwwCZXNAFxgludcNKKp60bWc-m5UD1rgL7uuEdXqM-49kcbnwWT4o2fGU29aEqiyDZ-NPOSdfZC3rLY&sub1=push_back_block_1514_01

Response headers

server
nginx
date
Mon, 01 Mar 2021 20:08:42 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN

Redirect headers

Server
nginx/1.19.5
Date
Mon, 01 Mar 2021 20:08:42 GMT
Content-Type
text/html; charset=utf-8
Content-Length
980
Connection
keep-alive
X-Powered-By
Express
Set-Cookie
15GlN9o=20210301201614630084931; domain=.track.free-coupons.network; path=/;expires=Tue, 02 Mar 2021 20:08:42 GMT; httpOnly=true;SameSite=None; Secure; _pc_lc_id=15GlN9; domain=.track.free-coupons.network; path=/;expires=Tue, 02 Mar 2021 20:08:42 GMT; httpOnly=true;SameSite=None; Secure; peerclickcid=5854adee0057da8ec62e89df6bedf3b5-4888-0301; domain=.track.free-coupons.network; path=/;expires=Tue, 02 Mar 2021 20:08:42 GMT; httpOnly=true;SameSite=None; Secure; _norg=1; domain=.track.free-coupons.network; path=/;expires=Tue, 02 Mar 2021 20:08:42 GMT; httpOnly=true;SameSite=None; Secure;
Location
https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
Vary
Accept
Primary Request /
read-the-news.online/gif-lp/3/ 		728 B
873 B 		Document
General
Check archive.org
Download Go to
Full URL
https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
Requested by
Host: special-offers.online
URL: https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.168.170.165 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
9e7c9574e75be184057aea30be04c143861d825c5e8029894862d6199c85934b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
read-the-news.online
:scheme
https
:path
/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://special-offers.online/lp/common/arb/?url=/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc

Response headers

server
nginx
date
Mon, 01 Mar 2021 20:08:42 GMT
content-type
text/html
content-length
728
last-modified
Wed, 19 Aug 2020 15:42:16 GMT
etag
"5f3d4858-2d8"
x-frame-options
SAMEORIGIN
accept-ranges
bytes
style-new.css
cdn.special-offers.online/lp/plugin/css/ 		38 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.special-offers.online/lp/plugin/css/style-new.css
Requested by
Host: read-the-news.online
URL: https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.112 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
SE-1.15.12 /
Resource Hash
16ce0f7d9635fcb57c2ce46a649d17c9cc7e32819161179f41eea29caf5d5223

Request headers

Referer
https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 20:08:42 GMT
last-modified
Fri, 28 Sep 2018 15:56:11 GMT
server
SE-1.15.12
age
558482
etag
"5bae4f1b-9694"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
x-cachetier-status
EXPIRED
x-cdn
Level3
accept-ranges
bytes
content-length
38548
x-edgecache-status
MISS
expires
Thu, 25 Mar 2021 09:00:40 GMT
bg.webp
cdn.special-offers.online/lp/gif-lp/3/ 		355 KB
356 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.special-offers.online/lp/gif-lp/3/bg.webp
Requested by
Host: read-the-news.online
URL: https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.112 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
SE-1.15.8 /
Resource Hash
6695d270650865abfa1944df5d3bc0deae2b6e67f08a271a63aadfb2698e4faf

Request headers

Referer
https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 20:08:43 GMT
last-modified
Wed, 19 Aug 2020 15:05:15 GMT
server
SE-1.15.8
age
15762365
etag
"5f3d3fab-58c82"
content-type
image/webp
access-control-allow-origin
*
x-cachetier-status
MISS
x-cdn
Level3
accept-ranges
bytes
content-length
363650
x-edgecache-status
MISS
IndexedDb.js
free-coupons.network/lp/plugin/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://free-coupons.network/lp/plugin/js/IndexedDb.js
Requested by
Host: read-the-news.online
URL: https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
2ae833f4464565f0a42688dc6e386f1e2fdfd63ccafe93151404b4c27fa9f8f7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 20:08:42 GMT
last-modified
Fri, 03 Jul 2020 09:20:38 GMT
server
nginx
etag
"5efef866-1012"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4114
expires
Wed, 31 Mar 2021 20:08:42 GMT
log.js
free-coupons.network/lp/plugin/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://free-coupons.network/lp/plugin/js/log.js
Requested by
Host: read-the-news.online
URL: https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b126582a2dc15643553ecc896192ffe2b58858c39571411ef548013a0be9d258
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 20:08:42 GMT
last-modified
Fri, 03 Jul 2020 09:20:39 GMT
server
nginx
etag
"5efef867-5c3"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1475
expires
Wed, 31 Mar 2021 20:08:42 GMT
client.js
free-coupons.network/lp/plugin/js/ 		99 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://free-coupons.network/lp/plugin/js/client.js
Requested by
Host: read-the-news.online
URL: https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e68a5fa473afa396b513a8a02c197417123b13dc4b0109af33de25d49da9e862
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://read-the-news.online/gif-lp/3/?tag=999762&tag1=musicplayer&tag2=2575139-2078493347-0&tag3=999762&tag4=dating&clickid=5854adee0057da8ec62e89df6bedf3b5-4888-0301&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999762&subid=2575139-2078493347-0&ln=en&cid=%7Bcountry%7D&useragent=%7Bvar:useragent%7D&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&bv=Chrome%2083&as=pc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 20:08:42 GMT
last-modified
Fri, 03 Jul 2020 09:20:39 GMT
server
nginx
etag
"5efef867-18c61"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
101473
expires
Wed, 31 Mar 2021 20:08:42 GMT
client
wbidder.online/offer/ 		4 KB
989 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wbidder.online/offer/client?affid=onw_999762&subid=2575139-2078493347-0&days=8&count=3
Requested by
Host: free-coupons.network
URL: https://free-coupons.network/lp/plugin/js/client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.17.23.11 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
6bd10a6bb3649d476c96f64689654165005e0cf6c3929a0e84422c7051cfad55

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 01 Mar 2021 20:08:44 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
keep-alive
timeout=5
transfer-encoding
chunked
content-type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| _createClass function| _classCallCheck function| IndexedDb function| Log object| _0x30cd function| _0x5046 function| _slicedToArray string| API_URL object| publicKeys string| domain object| log object| bidderBlockAffids object| bidderAffids2 object| bidder100Affids object| affidNoTimeoutRedirect function| Client function| Modal function| Dom object| body object| head object| qsObj string| kId function| getDomain function| getRandomArrItem

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://www1.news-back.net/WznAi5eQPMhyzk2ciNNe230GJerbioEO0EWu7NFnE40?clck=yz6YsvcTEiBWpotboEVzBgiYyaVI6YloAutNsGGfEuezFnTZH3t4-9ItbWDZmWg3AfyVOJ8LYjDmjaJwPcfdAc4pFK0uc0bXVg-d0Fro-67nakFHfzzBWsM38_egmd7m-sLBTndhNz-II3DZuBiqKrYhCb4zFn1PVu0W9_ixd2FXIo-mPKoilKgNl48ThMHrKBffh2hLJiNI_Ol4WCYMfQ3TJJ1GMuDhQ_Tlw1qDBnY&sid=roki_w10_0910_AC-BUBBLE-1514(Line 42)
Message:
0