Submitted URL: http://m9d.us/9nt0y
Effective URL: https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&in...
Submission: On August 23 via manual from DK

Summary

This website contacted 11 IPs in 6 countries across 11 domains to perform 16 HTTP transactions. The main IP is 2606:4700:30::6812:3a43, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is dk.deductprize.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 21st 2019. Valid for: a year.
This is the only time dk.deductprize.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.212.128.37 200313 (INTERNET-IT)
1 2 23.229.68.113 55286 (SERVER-MANIA)
1 35.201.98.21 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.111.9.35 33438 (HIGHWINDS2)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a03:2880:f01... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
16 11
Domain Requested by
3 discount-nation.com dk.deductprize.com
2 fonts.gstatic.com dk.deductprize.com
2 use.fontawesome.com dk.deductprize.com
2 zoftwarecarbs.com 1 redirects
1 onesignal.com cdn.onesignal.com
1 cdn.onesignal.com www.traffiklink.com
1 connect.facebook.net dk.deductprize.com
1 www.traffiklink.com dk.deductprize.com
1 ajax.googleapis.com dk.deductprize.com
1 fonts.googleapis.com dk.deductprize.com
1 dk.deductprize.com trk.traffikflow.com
1 trk.traffikflow.com zoftwarecarbs.com
1 m9d.us 1 redirects
16 13

This site contains no links.

Subject Issuer Validity Valid
zoftwarecarbs.com
Let's Encrypt Authority X3
2019-06-05 -
2019-09-03
3 months crt.sh
ady.adsyatra.net
Let's Encrypt Authority X3
2019-08-22 -
2019-11-20
3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-08-21 -
2020-08-20
a year crt.sh
*.googleapis.com
Google Internet Authority G3
2019-07-29 -
2019-10-21
3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA
2018-09-17 -
2019-11-21
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-06-06 -
2019-09-04
3 months crt.sh
ssl473492.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-07-02 -
2020-01-08
6 months crt.sh
*.google.com
Google Internet Authority G3
2019-07-29 -
2019-10-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Frame ID: 41D422BBF2D944D28146278EE7F08086
Requests: 16 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://m9d.us/9nt0y HTTP 302
    https://zoftwarecarbs.com/r/81182bb9-354a-44b2-9d72-04a627c80c24/ Page URL
  2. https://zoftwarecarbs.com/r2/81182bb9-354a-44b2-9d72-04a627c80c24////a186081f-ef09-4fa4-b92c-cdc7ccdac... HTTP 302
    https://trk.traffikflow.com/5d499406b6920d05a73d2699?p1=192&p2=a186081f-ef09-4fa4-b92c-cdc7ccdac18a Page URL
  3. https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

67 %
IPv6

11
Domains

13
Subdomains

11
IPs

6
Countries

203 kB
Transfer

649 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://m9d.us/9nt0y HTTP 302
    https://zoftwarecarbs.com/r/81182bb9-354a-44b2-9d72-04a627c80c24/ Page URL
  2. https://zoftwarecarbs.com/r2/81182bb9-354a-44b2-9d72-04a627c80c24////a186081f-ef09-4fa4-b92c-cdc7ccdac18a/?fctr=0 HTTP 302
    https://trk.traffikflow.com/5d499406b6920d05a73d2699?p1=192&p2=a186081f-ef09-4fa4-b92c-cdc7ccdac18a Page URL
  3. https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://m9d.us/9nt0y HTTP 302
  • https://zoftwarecarbs.com/r/81182bb9-354a-44b2-9d72-04a627c80c24/
Request Chain 1
  • https://zoftwarecarbs.com/r2/81182bb9-354a-44b2-9d72-04a627c80c24////a186081f-ef09-4fa4-b92c-cdc7ccdac18a/?fctr=0 HTTP 302
  • https://trk.traffikflow.com/5d499406b6920d05a73d2699?p1=192&p2=a186081f-ef09-4fa4-b92c-cdc7ccdac18a

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
zoftwarecarbs.com/r/81182bb9-354a-44b2-9d72-04a627c80c24/
Redirect Chain
  • http://m9d.us/9nt0y
  • https://zoftwarecarbs.com/r/81182bb9-354a-44b2-9d72-04a627c80c24/
683 B
863 B
Document
General
Full URL
https://zoftwarecarbs.com/r/81182bb9-354a-44b2-9d72-04a627c80c24/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.229.68.113 Stoney Creek, Canada, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
Software
nginx /
Resource Hash
d8d2c91858c1de902dd849cb44e6a633ff3e4bc10e5dbdb7307ed2fdb230f755

Request headers

Host
zoftwarecarbs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Fri, 23 Aug 2019 07:08:17 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
7588e6ef-5824-426e-8839-b979401699c7=a186081f-ef09-4fa4-b92c-cdc7ccdac18a; Version=1; Expires=Sun, 22-Sep-2019 07:08:17 GMT; Max-Age=2592000; Domain=zoftwarecarbs.com; Path=/ 7588e6ef-5824-426e-8839-b979401699c7-check=a186081f-ef09-4fa4-b92c-cdc7ccdac18a; Version=1; Expires=Fri, 23-Aug-2019 07:18:17 GMT; Max-Age=600; Domain=zoftwarecarbs.com; Path=/
Cache-Control
no-cache
Expires
Fri, 23 Aug 2019 07:08:17 GMT
Content-Encoding
gzip

Redirect headers

Server
nginx/1.12.2
Date
Fri, 23 Aug 2019 07:09:06 GMT
Content-Type
text/html; charset=utf-8
Content-Length
174
Connection
keep-alive
Access-Control-Allow-Origin
*
Location
https://zoftwarecarbs.com/r/81182bb9-354a-44b2-9d72-04a627c80c24/
Vary
Accept
5d499406b6920d05a73d2699
trk.traffikflow.com/
Redirect Chain
  • https://zoftwarecarbs.com/r2/81182bb9-354a-44b2-9d72-04a627c80c24////a186081f-ef09-4fa4-b92c-cdc7ccdac18a/?fctr=0
  • https://trk.traffikflow.com/5d499406b6920d05a73d2699?p1=192&p2=a186081f-ef09-4fa4-b92c-cdc7ccdac18a
476 B
778 B
Document
General
Full URL
https://trk.traffikflow.com/5d499406b6920d05a73d2699?p1=192&p2=a186081f-ef09-4fa4-b92c-cdc7ccdac18a
Requested by
Host: zoftwarecarbs.com
URL: https://zoftwarecarbs.com/r/81182bb9-354a-44b2-9d72-04a627c80c24/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.98.21 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
21.98.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0822c79f63e895f9a7329318b58e7d475ae0b2d5d3d37acd4a605a1bc4549279

Request headers

:method
GET
:authority
trk.traffikflow.com
:scheme
https
:path
/5d499406b6920d05a73d2699?p1=192&p2=a186081f-ef09-4fa4-b92c-cdc7ccdac18a
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://zoftwarecarbs.com/r/81182bb9-354a-44b2-9d72-04a627c80c24/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://zoftwarecarbs.com/r/81182bb9-354a-44b2-9d72-04a627c80c24/

Response headers

status
200
server
nginx
date
Fri, 23 Aug 2019 07:08:25 GMT
content-type
text/html
content-length
476
x-rt
0
set-cookie
__vnativetracking=65c1808c-4eb4-41b3-8fae-4ff66852b405; expires=Sun, 23 Aug 2020 07:08:25 GMT; path=/; HttpOnly __vnativeverify_v3=X3HT8Xu5PmgZjQk9_Bvh3Z6CzGqIKFJfy77qo9pA6zE; expires=Sat, 24 Aug 2019 07:08:25 GMT; path=/; HttpOnly
via
1.1 google
alt-svc
clear

Redirect headers

Server
nginx
Date
Fri, 23 Aug 2019 07:08:18 GMT
Content-Length
122
Connection
keep-alive
set-cookie
7588e6ef-5824-426e-8839-b979401699c7=a186081f-ef09-4fa4-b92c-cdc7ccdac18a; Version=1; Expires=Sun, 22-Sep-2019 07:08:18 GMT; Max-Age=2592000; Domain=zoftwarecarbs.com; Path=/
Location
https://trk.traffikflow.com/5d499406b6920d05a73d2699?p1=192&p2=a186081f-ef09-4fa4-b92c-cdc7ccdac18a
Cache-Control
no-cache
Expires
Fri, 23 Aug 2019 07:08:18 GMT
Primary Request /
dk.deductprize.com/
5 KB
2 KB
Document
General
Full URL
https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Requested by
Host: trk.traffikflow.com
URL: https://trk.traffikflow.com/5d499406b6920d05a73d2699?p1=192&p2=a186081f-ef09-4fa4-b92c-cdc7ccdac18a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3a43 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccec816f9b67be21b39b1b641e5a33d55f1f1dfeb99f35bc369008c4f18851be

Request headers

:method
GET
:authority
dk.deductprize.com
:scheme
https
:path
/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://trk.traffikflow.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://trk.traffikflow.com/

Response headers

status
200
date
Fri, 23 Aug 2019 07:08:25 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=d2bfa3838b7ce869c50d8bc3ae34154ac1566544105; expires=Sat, 22-Aug-20 07:08:25 GMT; path=/; domain=.deductprize.com; HttpOnly; Secure tid=5d5f90e987b414045904f43d pid=5ac73189b6920d339b0da6d3 psid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50ab41548aa663e9-FRA
content-encoding
br
css
fonts.googleapis.com/
15 KB
963 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
Requested by
Host: dk.deductprize.com
URL: https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7e091d92d8df2585e1d74001371a0fd2033ff45576849570964d695be796cb76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 23 Aug 2019 07:08:25 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 23 Aug 2019 07:08:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 23 Aug 2019 07:08:25 GMT
payment.css
discount-nation.com/css/
13 KB
2 KB
Stylesheet
General
Full URL
https://discount-nation.com/css/payment.css
Requested by
Host: dk.deductprize.com
URL: https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:2152 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c40cbbc86b0f04636e04ca0593e1210ed0a609ff1e59cc1c28281f6ffdf172d7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 07:08:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 10:27:24 GMT
server
cloudflare
age
694
etag
W/"5d416d0c-3323"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
50ab41567d3edfc7-FRA
expires
Fri, 23 Aug 2019 11:08:26 GMT
cc_blank.css
discount-nation.com/css/
96 KB
9 KB
Stylesheet
General
Full URL
https://discount-nation.com/css/cc_blank.css
Requested by
Host: dk.deductprize.com
URL: https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:2152 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f9ee04409a1b8d15706b06cf4635d60c4503bac5a340199ae2bbcfe228732fe

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 07:08:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 11:02:37 GMT
server
cloudflare
age
694
etag
W/"5d41754d-1814f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
50ab41567d40dfc7-FRA
expires
Fri, 23 Aug 2019 11:08:26 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: dk.deductprize.com
URL: https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 12 Aug 2019 21:57:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
897029
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
29707
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Aug 2020 21:57:56 GMT
all.css
use.fontawesome.com/releases/v5.8.1/css/
54 KB
14 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: dk.deductprize.com
URL: https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Sec-Fetch-Mode
cors
Referer
https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Origin
https://dk.deductprize.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 07:08:25 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 21:31:35 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
webpush.js.php
www.traffiklink.com/
17 KB
6 KB
Script
General
Full URL
https://www.traffiklink.com/webpush.js.php
Requested by
Host: dk.deductprize.com
URL: https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce73b65766082165504d083a9e1c259813e1725167ff044c778e35767aa4d7af

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 23 Aug 2019 07:08:26 GMT
content-encoding
br
server
cloudflare
cf-ray
50ab41567b5bdfbf-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
paycards.png
discount-nation.com/images/
29 KB
30 KB
Image
General
Full URL
https://discount-nation.com/images/paycards.png
Requested by
Host: dk.deductprize.com
URL: https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:2152 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6bf686e2cbcd047b8b743e321d8fe2a468c09df4caf5410b9fc4146ed57d849

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 07:08:26 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jul 2019 10:27:14 GMT
server
cloudflare
age
694
etag
"5d416d02-75e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
50ab41567d44dfc7-FRA
content-length
30176
expires
Fri, 23 Aug 2019 11:08:26 GMT
fbevents.js
connect.facebook.net/en_US/
88 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dk.deductprize.com
URL: https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
23404
x-xss-protection
0
pragma
private
x-fb-debug
s5zRKE1vFL8zHDDtw+5WU7scOLd3Lq6cOT3oA4cEhgANvJoZvM1UM/z457sWRJT6n+p8pou05+1ss0zDXB/rWQ==
x-fb-trip-id
2090878573
x-frame-options
DENY
date
Fri, 23 Aug 2019 07:08:26 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
214 KB
52 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706
Requested by
Host: www.traffiklink.com
URL: https://www.traffiklink.com/webpush.js.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:233f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f688bad571627f2a40dad80951a0220fa5d11cdf8fb2888bf2887c53811c7d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 07:08:26 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
756
etag
W/"f4ebb281698a883231242a4d72c8502e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=259200
cf-ray
50ab41577ad0c29a-FRA
expires
Mon, 26 Aug 2019 07:08:26 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: dk.deductprize.com
URL: https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
Origin
https://dk.deductprize.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 22 Aug 2019 20:01:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
39988
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9132
x-xss-protection
0
expires
Fri, 21 Aug 2020 20:01:58 GMT
fa-regular-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/
13 KB
14 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-regular-400.woff2
Requested by
Host: dk.deductprize.com
URL: https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f

Request headers

Sec-Fetch-Mode
cors
Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin
https://dk.deductprize.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 07:08:26 GMT
last-modified
Thu, 21 Mar 2019 21:32:15 GMT
server
NetDNA-cache/2.2
status
200
etag
"e6257a726a0cf6ec8c6fec22821c055f"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
13552
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: dk.deductprize.com
URL: https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
Origin
https://dk.deductprize.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 05:23:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
6269
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9080
x-xss-protection
0
expires
Sat, 22 Aug 2020 05:23:57 GMT
web
onesignal.com/api/v1/sync/2909ee02-b241-4a6c-840e-9c94e86615b9/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/2909ee02-b241-4a6c-840e-9c94e86615b9/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:233f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger 5.3.7
Resource Hash
ab268dc6b5bf3965b920402b85f06db75ad833dbe3ddf40b5e388241cc13edf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://dk.deductprize.com/?lem=Hbyjwm2065&transaction_id=5d5f90e987b414045904f43d&info1=5ac73189b6920d339b0da6d3&email=&info2=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 07:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
12
x-powered-by
Phusion Passenger 5.3.7
status
200, 200 OK
x-xss-protection
1; mode=block
x-request-id
e166658f-af2f-4921-9b16-d1d1d940e735
x-runtime
0.067989
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
cf-polished
origSize=3120
cf-ray
50ab4157cb7ac29a-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 23 Aug 2019 07:13:26 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| fbq function| _fbq function| OneSignal number| __oneSignalSdkLoadCount function| __jp0

0 Cookies

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 24)
Message:
[Facebook Pixel] - Invalid PixelID: .

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.onesignal.com
connect.facebook.net
discount-nation.com
dk.deductprize.com
fonts.googleapis.com
fonts.gstatic.com
m9d.us
onesignal.com
trk.traffikflow.com
use.fontawesome.com
www.traffiklink.com
zoftwarecarbs.com
185.212.128.37
23.111.9.35
23.229.68.113
2606:4700:30::6812:2152
2606:4700:30::6812:3a43
2606:4700:30::681b:9975
2606:4700::6810:233f
2a00:1450:4001:814::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:825::200a
2a03:2880:f01c:8012:face:b00c:0:3
35.201.98.21
0822c79f63e895f9a7329318b58e7d475ae0b2d5d3d37acd4a605a1bc4549279
16f688bad571627f2a40dad80951a0220fa5d11cdf8fb2888bf2887c53811c7d
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5f9ee04409a1b8d15706b06cf4635d60c4503bac5a340199ae2bbcfe228732fe
7e091d92d8df2585e1d74001371a0fd2033ff45576849570964d695be796cb76
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a6bf686e2cbcd047b8b743e321d8fe2a468c09df4caf5410b9fc4146ed57d849
ab268dc6b5bf3965b920402b85f06db75ad833dbe3ddf40b5e388241cc13edf6
c40cbbc86b0f04636e04ca0593e1210ed0a609ff1e59cc1c28281f6ffdf172d7
ccec816f9b67be21b39b1b641e5a33d55f1f1dfeb99f35bc369008c4f18851be
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f
ce73b65766082165504d083a9e1c259813e1725167ff044c778e35767aa4d7af
d8d2c91858c1de902dd849cb44e6a633ff3e4bc10e5dbdb7307ed2fdb230f755
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec