URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da...
Submission: On August 19 via api from ES

Summary

This website contacted 11 IPs in 6 countries across 7 domains to perform 42 HTTP transactions. The main IP is 51.11.50.102, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is adfast.qmuli.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on April 20th 2020. Valid for: 2 years.
This is the only time adfast.qmuli.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
19 | 51.11.50.102 | 8075 (MICROSOFT...)
3 | 2001:4de0:ac1... | 20446 (HIGHWINDS3)
1 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2606:4700:10:... | 13335 (CLOUDFLAR...)
1 | 13.226.155.129 | 16509 (AMAZON-02)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 2a04:4e42:3::621 | 54113 (FASTLY)
6 | 2606:4700:10:... | 13335 (CLOUDFLAR...)
3 | 54.77.54.31 | 16509 (AMAZON-02)
Total: 42 requests, 11 IPs

Requests | Domain | Requested by
19 | adfast.qmuli.com | adfast.qmuli.com
4 | vsb22.tawk.to | embed.tawk.to
3 | collect.albacross.com |
3 | cdn.jsdelivr.net | embed.tawk.to
3 | fonts.googleapis.com | embed.tawk.to
3 | maxcdn.bootstrapcdn.com | adfast.qmuli.com
2 | va.tawk.to | embed.tawk.to
2 | cdnjs.cloudflare.com | adfast.qmuli.com
1 | serve.albacross.com | adfast.qmuli.com
1 | embed.tawk.to | adfast.qmuli.com
1 | ajax.googleapis.com | adfast.qmuli.com
Total: 42 requests, 11 subdomains

This site contains links to these domains.

Domain
qmuli.com
Subject | Issuer | Validity | Valid
*.qmuli.com | RapidSSL RSA CA 2018 | 2020-04-20 - 2022-06-19 | 2 years
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
upload.video.google.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
cdnjs.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-12 - 2022-08-17 | 2 years
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-29 - 2021-07-29 | a year
*.albacross.com | Amazon | 2019-10-03 - 2020-11-03 | a year
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-08-17 - 2021-04-17 | 8 months

This page contains 4 frames:

Primary Page: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Frame ID: 8A0B0343A778C4949FD0F49AB1BFD65D
Requests: 36 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 8703EB7017674F80D602845F72B219EE
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 369728E81ADF7FF80E1E7AD24652020F
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: B3932A062862F5B38C64F668054202A5
Requests: 4 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/embed\.tawk\.to/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /swfobject.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 42
HTTPS: 100 %
IPv6: 73 %
Domains: 7
Subdomains: 11
IPs: 11
Countries: 6
Transfer: 416 kB
Size: 1574 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request link
adfast.qmuli.com/Padn/
10 KB
3 KB
Document
General
Full URL
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0502bb1a8985fdd5b1a454c643339c86353bdbaaa616e1e9488192dc84f09b0

Request headers

:method
GET
:authority
adfast.qmuli.com
:scheme
https
:path
/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=ps3oa4fdtvm3x4jrgnnlfq5k; path=/; HttpOnly; SameSite=Lax
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Wed, 19 Aug 2020 00:34:43 GMT
content-length
3328
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
status
200
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
6079
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/
115 KB
19 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19240
bootstrap-dialog.min.css
adfast.qmuli.com/Content/Styles/Default/
2 KB
749 B
Stylesheet
General
Full URL
https://adfast.qmuli.com/Content/Styles/Default/bootstrap-dialog.min.css
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5c51377dfe900eca83e5064faa276f2a3b7baa36d30439922aa9b0f5bceca4ce

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"95eec753dddbd41:0"
last-modified
Sat, 16 Mar 2019 09:47:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
656
bootstrap-popover-x.min.css
adfast.qmuli.com/Content/Styles/Default/
3 KB
1 KB
Stylesheet
General
Full URL
https://adfast.qmuli.com/Content/Styles/Default/bootstrap-popover-x.min.css
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5ef655313119a1655783961369f977858939e8058a4162e0e4c0cc9e69c17b72

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"a515c853dddbd41:0"
last-modified
Sat, 16 Mar 2019 09:47:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
1076
datepicker.css
adfast.qmuli.com/Content/Styles/Default/
15 KB
3 KB
Stylesheet
General
Full URL
https://adfast.qmuli.com/Content/Styles/Default/datepicker.css
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f9ad1a3632e2e24e264da8141e6535923ef5d8afe3b1c89a9fd7eccdb8d6ba52

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"a93cc853dddbd41:0"
last-modified
Sat, 16 Mar 2019 09:47:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
2886
Site.css
adfast.qmuli.com/Content/Styles/
18 KB
5 KB
Stylesheet
General
Full URL
https://adfast.qmuli.com/Content/Styles/Site.css?v=9
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ec700a38fa949966da49b4dc94a0d655afd08da9bf5d55171e4a8df71ed22570

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"1730d413525bd61:0"
last-modified
Thu, 16 Jul 2020 09:18:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
5456
jquery-1.11.3.min.js
adfast.qmuli.com/Scripts/
113 KB
46 KB
Script
General
Full URL
https://adfast.qmuli.com/Scripts/jquery-1.11.3.min.js
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1f9ccc00333aed36f9646c2dec274861c5122e7a0614f1441c6a0cffb21a484a

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"798d553dddbd41:0"
last-modified
Sat, 16 Mar 2019 09:47:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
46816
handlebars-v3.0.0.js
adfast.qmuli.com/Scripts/
121 KB
39 KB
Script
General
Full URL
https://adfast.qmuli.com/Scripts/handlebars-v3.0.0.js
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b8c21f31aebba583306cfc53b1d175bf576f9052df67d0cf6698c641f8bee832

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"798d553dddbd41:0"
last-modified
Sat, 16 Mar 2019 09:47:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
40174
jquery.alphanumeric.js
adfast.qmuli.com/Scripts/
1 KB
909 B
Script
General
Full URL
https://adfast.qmuli.com/Scripts/jquery.alphanumeric.js
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2de3e61670ca7228c5255cf379ab059bf7a43b71bdcaf3800388a6d2e6f6d696

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"7a2fd553dddbd41:0"
last-modified
Sat, 16 Mar 2019 09:47:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
851
jquery.validate.min.js
adfast.qmuli.com/Scripts/
21 KB
8 KB
Script
General
Full URL
https://adfast.qmuli.com/Scripts/jquery.validate.min.js
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"bf19d653dddbd41:0"
last-modified
Sat, 16 Mar 2019 09:47:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
8520
jquery.form.js
adfast.qmuli.com/Scripts/
47 KB
15 KB
Script
General
Full URL
https://adfast.qmuli.com/Scripts/jquery.form.js
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8aaddb76a10c17525166687a8b1e343654df937647e5288b9e717672a7b07463

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"a3cbd553dddbd41:0"
last-modified
Sat, 16 Mar 2019 09:47:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
15510
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/
35 KB
9 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9538
bootstrap-dialog.min.js
adfast.qmuli.com/Scripts/
20 KB
6 KB
Script
General
Full URL
https://adfast.qmuli.com/Scripts/bootstrap-dialog.min.js
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40d78b2b2a4a04e31b4dcb8b488f163306c8b8e6f91b84bf3b5351fba3882f5e

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"416cd453dddbd41:0"
last-modified
Sat, 16 Mar 2019 09:47:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
6211
bootstrap-popover-x.min.js
adfast.qmuli.com/Scripts/
4 KB
2 KB
Script
General
Full URL
https://adfast.qmuli.com/Scripts/bootstrap-popover-x.min.js
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6d430a99235c9c003851e66b621edb7ef06a039ddc5b71b5a0d36cccfd92a636

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"798d553dddbd41:0"
last-modified
Sat, 16 Mar 2019 09:47:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1740
bootstrap-datepicker.js
adfast.qmuli.com/Scripts/
32 KB
12 KB
Script
General
Full URL
https://adfast.qmuli.com/Scripts/bootstrap-datepicker.js
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e172c36a12ff2435cc8484f75dffe772f9967f3e31f15df00e23d8cd39ea83e

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"5dbad453dddbd41:0"
last-modified
Sat, 16 Mar 2019 09:47:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
11925
swfobject.js
ajax.googleapis.com/ajax/libs/swfobject/2.2/
10 KB
4 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 16:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
633349
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3974
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Aug 2021 16:38:54 GMT
js.cookie.js
adfast.qmuli.com/Scripts/
4 KB
2 KB
Script
General
Full URL
https://adfast.qmuli.com/Scripts/js.cookie.js
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2bd517e74d7e2184b884b225cc92aba9c6ae57651d1327bd355c07316742ddc1

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"bf19d653dddbd41:0"
last-modified
Sat, 16 Mar 2019 09:47:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1692
jquery.Qmuli.js
adfast.qmuli.com/Scripts/
35 KB
8 KB
Script
General
Full URL
https://adfast.qmuli.com/Scripts/jquery.Qmuli.js?v=8
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2d58c9fb496f53e8eda5178da72a011bf446041e8ac955a321d35ca0e55249dd

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
gzip
etag
"38c56c30823d61:0"
last-modified
Thu, 26 Mar 2020 15:21:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
8180
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3550239
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04a5bccd230000d70df7a56200000001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
expires
Mon, 09 Aug 2021 00:34:43 GMT
cache-control
public, max-age=30672000
cf-ray
5c4fca5b68b7d70d-FRA
served-in-seconds
0.001
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3084418
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04a5bccd240000d70df7a57200000001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:36 GMT
server
cloudflare
etag
W/"5afd48ec-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 09 Aug 2021 00:34:43 GMT
cache-control
public, max-age=30672000
cf-ray
5c4fca5b68b8d70d-FRA
served-in-seconds
0.002
AdfastLogo_sml.png
adfast.qmuli.com/Content/Images/Logos/
5 KB
5 KB
Image
General
Full URL
https://adfast.qmuli.com/Content/Images/Logos/AdfastLogo_sml.png
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e93d8c81329d8cdd5cd1c079b3c18b909ad6fdc121a757e644c859ef56e99ecc

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:56 GMT
last-modified
Sat, 16 Mar 2019 09:47:53 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"98aeb853dddbd41:0"
content-type
image/png
status
200
accept-ranges
bytes
content-length
5310
adfast-header-strip.png
adfast.qmuli.com/Content/Images/
1 KB
1 KB
Image
General
Full URL
https://adfast.qmuli.com/Content/Images/adfast-header-strip.png
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7d8acaa5f5c06caf0f466d5cc103ba2b1c0eec78fd0df57e8cea93e802bd46f9

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:56 GMT
last-modified
Sat, 16 Mar 2019 09:47:53 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"2f3baf53dddbd41:0"
content-type
image/png
status
200
accept-ranges
bytes
content-length
1098
padn-logo.png
adfast.qmuli.com/Content/Images/Logos/
19 KB
19 KB
Image
General
Full URL
https://adfast.qmuli.com/Content/Images/Logos/padn-logo.png
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4abe7006bf33d9203dd22025bf36bf7426fd9d44f015c26229d123de75760fc5

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:56 GMT
last-modified
Sat, 16 Mar 2019 09:47:53 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"b7fcb853dddbd41:0"
content-type
image/png
status
200
accept-ranges
bytes
content-length
19593
powered.png
adfast.qmuli.com/Content/NQmuli/images/
2 KB
2 KB
Image
General
Full URL
https://adfast.qmuli.com/Content/NQmuli/images/powered.png
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.50.102 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3fefd68147ff4974e7876b0d590499e4b75a6f5477a0e286c4e21aff6f7022a5

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:56 GMT
last-modified
Sat, 16 Mar 2019 09:47:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"2b71c253dddbd41:0"
content-type
image/png
status
200
accept-ranges
bytes
content-length
1906
default
embed.tawk.to/5bd18e4c19b86b5920c0da27/
506 KB
111 KB
Script
General
Full URL
https://embed.tawk.to/5bd18e4c19b86b5920c0da27/default
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
075fff0c126e7ebf3ee551cfa6af6e9fe2a36c8166c5ccaa47a805f32caef95e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://adfast.qmuli.com
Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
322
status
200
vary
Accept-Encoding
cf-request-id
04a5bd02550000d6ddeda97200000001
server
cloudflare
etag
W/"fulls69173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, s-maxage=3600
cf-ray
5c4fcab08a04d6dd-FRA
track.js
serve.albacross.com/
64 KB
19 KB
Script
General
Full URL
https://serve.albacross.com/track.js
Requested by
Host: adfast.qmuli.com
URL: https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-129.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7a12ed6cb5012d970eab1bd99f316a9077e4a1b3085ace81c19153839e6c076

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 18 Aug 2020 01:17:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Oct 2019 09:31:23 GMT
Server
AmazonS3
Age
83859
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
bzYKxGBeA4RyHR6PbFr9w2pEgw3kpT38Q7SliAff-GNwcSLAxTQdvQ==
css
fonts.googleapis.com/ Frame 8703
8 KB
790 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5bd18e4c19b86b5920c0da27/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 Aug 2020 23:40:22 GMT
server
ESF
date
Wed, 19 Aug 2020 00:34:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Aug 2020 00:34:56 GMT
css
fonts.googleapis.com/ Frame 3697
8 KB
767 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5bd18e4c19b86b5920c0da27/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Aug 2020 00:20:38 GMT
server
ESF
date
Wed, 19 Aug 2020 00:34:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Aug 2020 00:34:56 GMT
css
fonts.googleapis.com/ Frame B393
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5bd18e4c19b86b5920c0da27/default
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 Aug 2020 22:49:22 GMT
server
ESF
date
Wed, 19 Aug 2020 00:34:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Aug 2020 00:34:56 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame B393
192 B
239 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5bd18e4c19b86b5920c0da27/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1762394
x-cache
HIT
status
200
content-length
152
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by
cache-fra19156-FRA
date
Wed, 19 Aug 2020 00:34:56 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame B393
295 KB
53 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5bd18e4c19b86b5920c0da27/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1762394
x-cache
HIT
status
200
content-length
53889
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by
cache-fra19156-FRA
date
Wed, 19 Aug 2020 00:34:56 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
1597797296882
va.tawk.to/register/
1 KB
2 KB
XHR
General
Full URL
https://va.tawk.to/register/1597797296882
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5bd18e4c19b86b5920c0da27/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebdb7d7e3112521cc8f33b946bc8a5200804e2cb141392fe9636f8ea1b726fc2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 19 Aug 2020 00:34:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status
200
vary
Accept-Encoding
cf-request-id
04a5bd03010000178267bb2200000001
x-served-by
visitor-application-preemptive-459g
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://adfast.qmuli.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
5c4fcab199f31782-FRA
access-control-allow-headers
origin, content-type
e.gif
collect.albacross.com/
37 B
184 B
Image
General
Full URL
https://collect.albacross.com/e.gif?s=JSCollector%2C2.0.2%2C1597797296889&e1=pageview&ur1=https%3A%2F%2Fadfast.qmuli.com%2FPadn%2Flink%3Fpublisher%3DNEWSUK%26amp%26id%3D3837814%3Ae5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd&ti1=Adfast%20PADN%20Link&re1=1600&re1=1200&p1=ae05b057-37ac-78c1-44ce-ee4147c6485a&c1=89270020&ci1=477bffc2-1842-18c2-c343-18dbb7383524&v1=29075560-a68d-27b2-54c2-894d2a8711ba&u1=ae05b057-37ac-78c1-44ce-ee4147c6485a&e2=fingerprint&fi2=5404145d11ea4210b857aa82e3eb3515&ti2=42&p2=ae05b057-37ac-78c1-44ce-ee4147c6485a&c2=89270020&ci2=477bffc2-1842-18c2-c343-18dbb7383524&v2=29075560-a68d-27b2-54c2-894d2a8711ba&u2=a14daf83-f7e8-7c79-b47c-ee9b9dcb3fac&e3=page_performance&ply3=56&pl3=13930&n3=navigated&p3=ae05b057-37ac-78c1-44ce-ee4147c6485a&c3=89270020&ci3=477bffc2-1842-18c2-c343-18dbb7383524&v3=29075560-a68d-27b2-54c2-894d2a8711ba&u3=dd753edc-70e7-87a9-6c32-c19739617ca9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.54.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-54-31.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 00:34:57 GMT
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
37
Content-Type
image/gif
/
vsb22.tawk.to/s/
101 B
306 B
XHR
General
Full URL
https://vsb22.tawk.to/s/?k=5f3c73b1c038494eef38bd57&u=2f%2Fpgx7WIA%2Fz%2FsnNkTif692Wcssv0nxZTXYCudGyWrNOYRyp0OfpqAdI2XOlTnP4&uv=2&a=5bd18e4c19b86b5920c0da27&cver=0&pop=false&w=Jsznhs&jv=691&asver=31138&ust=false&p=Adfast%20PADN%20Link&r=&EIO=3&transport=polling&__t=NG48-mh
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5bd18e4c19b86b5920c0da27/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02b6fd5284ab8366147645f9928f2534371539a147a04ba9ae4ac6ea8aced482
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:57 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://adfast.qmuli.com
access-control-allow-credentials
true
cf-ray
5c4fcab38bad1782-FRA
content-length
101
cf-request-id
04a5bd04350000178267bbc200000001
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame B393
413 B
532 B
Image
General
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
1762394
x-cache
HIT
status
200
content-length
413
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by
cache-fra19156-FRA
date
Wed, 19 Aug 2020 00:34:57 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
/
vsb22.tawk.to/s/
562 B
671 B
XHR
General
Full URL
https://vsb22.tawk.to/s/?k=5f3c73b1c038494eef38bd57&u=2f%2Fpgx7WIA%2Fz%2FsnNkTif692Wcssv0nxZTXYCudGyWrNOYRyp0OfpqAdI2XOlTnP4&uv=2&a=5bd18e4c19b86b5920c0da27&cver=0&pop=false&w=Jsznhs&jv=691&asver=31138&ust=false&p=Adfast%20PADN%20Link&r=&EIO=3&transport=polling&__t=NG48-xZ&sid=G6pIkJWre738I4gRQKOo
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5bd18e4c19b86b5920c0da27/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668f0c6e6e419e47d86df39c8c60fcd451b81fa42c992c433788cfdccfee3e98
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:58 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://adfast.qmuli.com
access-control-allow-credentials
true
cf-ray
5c4fcab7d8531782-FRA
content-length
562
cf-request-id
04a5bd06e40000178267bcd200000001
v3
va.tawk.to/log-performance/
5 B
244 B
XHR
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5bd18e4c19b86b5920c0da27/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 19 Aug 2020 00:34:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Accept-Encoding
cf-request-id
04a5bd09750000178267bdd200000001
x-served-by
visitor-application-preemptive-8qm5
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://adfast.qmuli.com
access-control-allow-credentials
true
cf-ray
5c4fcabbec311782-FRA
access-control-allow-headers
origin, content-type
/
vsb22.tawk.to/s/
2 B
119 B
XHR
General
Full URL
https://vsb22.tawk.to/s/?k=5f3c73b1c038494eef38bd57&u=2f%2Fpgx7WIA%2Fz%2FsnNkTif692Wcssv0nxZTXYCudGyWrNOYRyp0OfpqAdI2XOlTnP4&uv=2&a=5bd18e4c19b86b5920c0da27&cver=0&pop=false&w=Jsznhs&jv=691&asver=31138&ust=false&p=Adfast%20PADN%20Link&r=&EIO=3&transport=polling&__t=NG48_5r&sid=G6pIkJWre738I4gRQKOo
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5bd18e4c19b86b5920c0da27/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

date
Wed, 19 Aug 2020 00:34:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/html
access-control-allow-origin
https://adfast.qmuli.com
access-control-allow-credentials
true
cf-ray
5c4fcabbfc341782-FRA
cf-request-id
04a5bd09760000178267bde200000001
/
vsb22.tawk.to/s/
4 B
88 B
XHR
General
Full URL
https://vsb22.tawk.to/s/?k=5f3c73b1c038494eef38bd57&u=2f%2Fpgx7WIA%2Fz%2FsnNkTif692Wcssv0nxZTXYCudGyWrNOYRyp0OfpqAdI2XOlTnP4&uv=2&a=5bd18e4c19b86b5920c0da27&cver=0&pop=false&w=Jsznhs&jv=691&asver=31138&ust=false&p=Adfast%20PADN%20Link&r=&EIO=3&transport=polling&__t=NG48_5r.0&sid=G6pIkJWre738I4gRQKOo
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5bd18e4c19b86b5920c0da27/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 19 Aug 2020 00:34:59 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://adfast.qmuli.com
access-control-allow-credentials
true
cf-ray
5c4fcabbfc371782-FRA
content-length
4
cf-request-id
04a5bd09770000178267bdf200000001
e.gif
collect.albacross.com/
37 B
184 B
Image
General
Full URL
https://collect.albacross.com/e.gif?s=JSCollector%2C2.0.2%2C1597797299890&e1=pageview_ping&p1=ae05b057-37ac-78c1-44ce-ee4147c6485a&c1=89270020&ci1=477bffc2-1842-18c2-c343-18dbb7383524&v1=29075560-a68d-27b2-54c2-894d2a8711ba&u1=85bced7a-3bbe-3202-4f7c-7a8e56db6014
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.54.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-54-31.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 00:35:00 GMT
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
37
Content-Type
image/gif
e.gif
collect.albacross.com/
37 B
184 B
Image
General
Full URL
https://collect.albacross.com/e.gif?s=JSCollector%2C2.0.2%2C1597797304391&e1=pageview_ping&p1=ae05b057-37ac-78c1-44ce-ee4147c6485a&c1=89270020&ci1=9d820fbc-8062-adfc-0b57-694b15106cc1&v1=fd923f36-0671-4cf6-334b-89809a00a508&u1=ce514fab-622d-f28d-d2d2-5dde87959e21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.54.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-54-31.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d

Request headers

Referer
https://adfast.qmuli.com/Padn/link?publisher=NEWSUK&amp;id=3837814:e5c528358f6e9783419308c37f613f00c09007cc794b7a8c6c16da3a3bc769bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 19 Aug 2020 00:35:04 GMT
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
37
Content-Type
image/gif


90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery object| Handlebars object| jQuery111306014434965959343 function| BootstrapDialog object| swfobject function| Cookies string| validationMessages string| minFlashVersionRequired boolean| popupIsOpen function| initializeDatePickers function| initializeButtons function| initializeUKDateValidation function| focusElement function| showDatePicker function| highlightValidationErrors function| unHighlightValidationErrors function| showAlertPopup function| showAlert function| showAlertOld function| showHelpDialog function| showConfirm function| showConfirmWithTextEntry function| submitMainForm function| flashVersionValid function| validateFilename function| refreshPage function| showAjaxWorking function| hideAjaxWorking function| GetBrowserSize function| newGuidPart function| newGuid function| addUserAdvertiserToSelectList function| addUserBrandToSelectList function| openSingleTextEntryAddToListDialog function| updateUserAdvertiserInSelectList function| updateUserBrandInSelectList function| openSingleTextEntryUpdateListItemDialog function| LastDayOfMonth function| addUserEmailToSelectList function| deleteUserEmailToSelectList function| showConfirmEmail function| openSingleTextEntryEmailAddToListDialog function| isFunction function| getDateAsString function| hideServerValidationMessage function| getTimeStamp function| scrollToTop function| scrollToInvalidFormField function| showServerValidationMessage function| splitPascalCase function| hasJsonError function| printElement function| populateSelectList function| populateSelectListFromSelectListData function| resetValidation function| setFormFieldInvalid function| escapeRegExp function| replaceAll object| cookieconsent object| Tawk_API object| Tawk_LoadStart string| _nQc string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass 
object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName number| closeContainerStart undefined| __define undefined| __require undefined| define undefined| require object| JSON3 function| Fingerprint2 object| NosivaCore object| Nosiva string| url

4 Cookies

Domain/Path Name / Value
adfast.qmuli.com/ Name: nQ_cookieId
Value: 477bffc2-1842-18c2-c343-18dbb7383524
adfast.qmuli.com/ Name: TawkConnectionTime
Value: 1597797296882
adfast.qmuli.com/ Name: nQ_visitId
Value: 29075560-a68d-27b2-54c2-894d2a8711ba%3A1597797296934
adfast.qmuli.com/ Name: ASP.NET_SessionId
Value: xc4uu5fzh1rsnra2ypekor5a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
