urlscan.io logo urlscan.io
SecurityTrails logo

campaign.campaignworld.co Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kaqsidzw.kenndeymanget.com/rd/c1469QEFOv1361JQKf493854mAq13086pMks322
Effective URL: https://campaign.campaignworld.co/0e0n59AOysYi?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=1...
Submission: On March 27 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 6 countries across 14 domains to perform 14 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is campaign.campaignworld.co.
TLS certificate: Issued by GTS CA 1P5 on March 15th 2023. Valid for: 3 months.
This is the only time campaign.campaignworld.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 185.174.30.23 51559 (NETINTERN...)
1 1 141.95.107.214 16276 (OVH)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.195.19.123 16509 (AMAZON-02)
2 18.192.249.87 16509 (AMAZON-02)
1 1 143.198.192.208 14061 (DIGITALOC...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 6 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 167.99.45.28 ()
1 2001:4de0:ac1... 20446 (STACKPATH...)
14 8
2    185.174.30.23 (Turkey)

ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR)
PTR: agy2.ished1.site
kaqsidzw.kenndeymanget.com
1    141.95.107.214 (France)

ASN16276 (OVH, FR)
www.onestoolslives.com
1    2606:4700:3035::ac43:a4bf (United States)

ASN13335 (CLOUDFLARENET, US)
dtr.websforshops.net
1    2606:4700:3030::ac43:bbef (United States)

ASN13335 (CLOUDFLARENET, US)
theproducthub.net
1    18.195.19.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-19-123.eu-central-1.compute.amazonaws.com
armalecom-squessels.icu
2    18.192.249.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-249-87.eu-central-1.compute.amazonaws.com
track.tranklatsall.com
track.uptruckthat.com
1    143.198.192.208 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
www.melovetracking.top
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
link.hellovouchers.com
6    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
campaign.campaignworld.co
cdn1.liquifycdn.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    167.99.45.28 (None, )

ASN- ()
trk.pigsclicks.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
Domain Requested by
3 cdn1.liquifycdn.com campaign.campaignworld.co
cdn1.liquifycdn.com
3 campaign.campaignworld.co 1 redirects campaign.campaignworld.co
2 cdnjs.cloudflare.com campaign.campaignworld.co
2 kaqsidzw.kenndeymanget.com 1 redirects
1 code.jquery.com campaign.campaignworld.co
1 trk.pigsclicks.com campaign.campaignworld.co
trk.pigsclicks.com
1 link.hellovouchers.com 1 redirects
1 www.melovetracking.top 1 redirects
1 track.uptruckthat.com
1 track.tranklatsall.com armalecom-squessels.icu
1 armalecom-squessels.icu kaqsidzw.kenndeymanget.com
1 theproducthub.net 1 redirects
1 dtr.websforshops.net 1 redirects
1 www.onestoolslives.com 1 redirects
14 14

This site contains no links.

Subject Issuer Validity Valid
armalecom-squessels.icu
R3		 2023-02-03 -
2023-05-04		 3 months crt.sh
track.tranklatsall.com
R3		 2023-02-15 -
2023-05-16		 3 months crt.sh
track.uptruckthat.com
R3		 2023-02-20 -
2023-05-21		 3 months crt.sh
*.campaignworld.co
GTS CA 1P5		 2023-03-15 -
2023-06-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.liquifycdn.com
GTS CA 1P5		 2023-02-06 -
2023-05-07		 3 months crt.sh
trk.pigsclicks.com
R3		 2023-02-28 -
2023-05-29		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://campaign.campaignworld.co/0e0n59AOysYi?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&sub1=wkh6r8dpuciutdjn24hojie4
Frame ID: 9361E7B6214FC37BAEE6AE52F1030656
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Checkout

Page URL History Show full URLs

  1. http://kaqsidzw.kenndeymanget.com/rd/c1469QEFOv1361JQKf493854mAq13086pMks322 Page URL
  2. http://kaqsidzw.kenndeymanget.com/track/c1469QEFOv1361JQKf493854mAq13086pMks322 HTTP 302
    https://www.onestoolslives.com/74MCDP6/22G8T7HT/?sub1=9&sub2=322-1469&sub3=1361-493854-13086 HTTP 302
    https://dtr.websforshops.net/aff_c?offer_id=7700&aff_id=1045&aff_sub2=e781e46739434ca0a9e04795a380a42f&af... HTTP 302
    https://theproducthub.net/c/KdPfRTz?s1=10297f5ffe605259bd624beeb70351&s2=1045&s3=3781&offer_id=7700&fi... HTTP 301
    https://armalecom-squessels.icu/a530476a-2d72-4fc5-a821-8d0262d331a2?address=&email=&phone=&first=&last=&cou... Page URL
  3. https://track.tranklatsall.com/d3fa545a-a903-4b2a-b3b3-37c04d28fe81?click_id=wlk15ppp6u4obdjnimutp88m&camp-... Page URL
  4. https://track.uptruckthat.com/redirect?target=BASE64aHR0cHM6Ly93d3cubWVsb3ZldHJhY2tpbmcudG9wLzIyN000NC9ITE... Page URL
  5. https://www.melovetracking.top/227M44/HLML44/?sub1=wkh6r8dpuciutdjn24hojie4&first_name=&last_name=&address=... HTTP 302
    https://link.hellovouchers.com/en_US/0e0n59AOysYi?oid=295&affid=23&first_name=&last_name=&address=&zip_code... HTTP 302
    https://campaign.campaignworld.co/enter/Ecm03y36P65U9H2zprb8XP7j6d1z390T7IIIeB1zQd?oid=295&affid=23&zip_code=a... HTTP 302
    https://campaign.campaignworld.co/0e0n59AOysYi?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

86 %
HTTPS

50 %
IPv6

14
Domains

14
Subdomains

8
IPs

6
Countries

562 kB
Transfer

804 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kaqsidzw.kenndeymanget.com/rd/c1469QEFOv1361JQKf493854mAq13086pMks322 Page URL
  2. http://kaqsidzw.kenndeymanget.com/track/c1469QEFOv1361JQKf493854mAq13086pMks322 HTTP 302
    https://www.onestoolslives.com/74MCDP6/22G8T7HT/?sub1=9&sub2=322-1469&sub3=1361-493854-13086 HTTP 302
    https://dtr.websforshops.net/aff_c?offer_id=7700&aff_id=1045&aff_sub2=e781e46739434ca0a9e04795a380a42f&aff_sub=3781&aff_unique1=&aff_unique2=&aff_unique3=&aff_unique=&aff_unique5=&aff_sub3=&aff_sub4=&aff_sub5= HTTP 302
    https://theproducthub.net/c/KdPfRTz?s1=10297f5ffe605259bd624beeb70351&s2=1045&s3=3781&offer_id=7700&first=&last=&country=&zip=&city=&address=&email=&phone= HTTP 301
    https://armalecom-squessels.icu/a530476a-2d72-4fc5-a821-8d0262d331a2?address=&email=&phone=&first=&last=&country=&zip=&city=&external_id=2b7d5c07-a4d7-45c3-8099-2307c9d6eca2 Page URL
  3. https://track.tranklatsall.com/d3fa545a-a903-4b2a-b3b3-37c04d28fe81?click_id=wlk15ppp6u4obdjnimutp88m&camp-id=a530476a-2d72-4fc5-a821-8d0262d331a2 Page URL
  4. https://track.uptruckthat.com/redirect?target=BASE64aHR0cHM6Ly93d3cubWVsb3ZldHJhY2tpbmcudG9wLzIyN000NC9ITE1MNDQvP3N1YjE9d2toNnI4ZHB1Y2l1dGRqbjI0aG9qaWU0JmZpcnN0X25hbWU9Jmxhc3RfbmFtZT0mYWRkcmVzcz0memlwX2NvZGU9YTUzMDQ3NmEtMmQ3Mi00ZmM1LWE4MjEtOGQwMjYyZDMzMWEyJmNpdHk9JnBob25lX251bWJlcj0mZW1haWw9&ts=1679952314286&hash=A4WCgQuy1rnn65f_1R5_cK-3_31OPq7S_I8NZ8mO3kU&rm=D Page URL
  5. https://www.melovetracking.top/227M44/HLML44/?sub1=wkh6r8dpuciutdjn24hojie4&first_name=&last_name=&address=&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&city=&phone_number=&email= HTTP 302
    https://link.hellovouchers.com/en_US/0e0n59AOysYi?oid=295&affid=23&first_name=&last_name=&address=&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&city=&phone_number=&email=&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&sub1=wkh6r8dpuciutdjn24hojie4&sub2=&sub3=&sub4=&sub5= HTTP 302
    https://campaign.campaignworld.co/enter/Ecm03y36P65U9H2zprb8XP7j6d1z390T7IIIeB1zQd?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&sub1=wkh6r8dpuciutdjn24hojie4&sub2=&sub3=&sub4=&sub5= HTTP 302
    https://campaign.campaignworld.co/0e0n59AOysYi?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&sub1=wkh6r8dpuciutdjn24hojie4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://kaqsidzw.kenndeymanget.com/track/c1469QEFOv1361JQKf493854mAq13086pMks322 HTTP 302
  • https://www.onestoolslives.com/74MCDP6/22G8T7HT/?sub1=9&sub2=322-1469&sub3=1361-493854-13086 HTTP 302
  • https://dtr.websforshops.net/aff_c?offer_id=7700&aff_id=1045&aff_sub2=e781e46739434ca0a9e04795a380a42f&aff_sub=3781&aff_unique1=&aff_unique2=&aff_unique3=&aff_unique=&aff_unique5=&aff_sub3=&aff_sub4=&aff_sub5= HTTP 302
  • https://theproducthub.net/c/KdPfRTz?s1=10297f5ffe605259bd624beeb70351&s2=1045&s3=3781&offer_id=7700&first=&last=&country=&zip=&city=&address=&email=&phone= HTTP 301
  • https://armalecom-squessels.icu/a530476a-2d72-4fc5-a821-8d0262d331a2?address=&email=&phone=&first=&last=&country=&zip=&city=&external_id=2b7d5c07-a4d7-45c3-8099-2307c9d6eca2

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
c1469QEFOv1361JQKf493854mAq13086pMks322
kaqsidzw.kenndeymanget.com/rd/ 		243 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
http://kaqsidzw.kenndeymanget.com/rd/c1469QEFOv1361JQKf493854mAq13086pMks322
Protocol
HTTP/1.1
Server
185.174.30.23 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
agy2.ished1.site
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
243
Content-Type
text/html; charset=utf-8
Date
Mon, 27 Mar 2023 21:25:13 GMT
a530476a-2d72-4fc5-a821-8d0262d331a2
armalecom-squessels.icu/
Redirect Chain
  • http://kaqsidzw.kenndeymanget.com/track/c1469QEFOv1361JQKf493854mAq13086pMks322
  • https://www.onestoolslives.com/74MCDP6/22G8T7HT/?sub1=9&sub2=322-1469&sub3=1361-493854-13086
  • https://dtr.websforshops.net/aff_c?offer_id=7700&aff_id=1045&aff_sub2=e781e46739434ca0a9e04795a380a42f&aff_sub=3781&aff_unique1=&aff_unique2=&aff_unique3=&aff_unique=&aff_unique5=&aff_sub3=&aff_sub...
  • https://theproducthub.net/c/KdPfRTz?s1=10297f5ffe605259bd624beeb70351&s2=1045&s3=3781&offer_id=7700&first=&last=&country=&zip=&city=&address=&email=&phone=
  • https://armalecom-squessels.icu/a530476a-2d72-4fc5-a821-8d0262d331a2?address=&email=&phone=&first=&last=&country=&zip=&city=&external_id=2b7d5c07-a4d7-45c3-8099-2307c9d6eca2
630 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://armalecom-squessels.icu/a530476a-2d72-4fc5-a821-8d0262d331a2?address=&email=&phone=&first=&last=&country=&zip=&city=&external_id=2b7d5c07-a4d7-45c3-8099-2307c9d6eca2
Requested by
Host: kaqsidzw.kenndeymanget.com
URL: http://kaqsidzw.kenndeymanget.com/rd/c1469QEFOv1361JQKf493854mAq13086pMks322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.19.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-19-123.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
15a92fd3f51626d7fab11f6c26caa7ccf7373370dcea98117bcad5af9a313674

Request headers

Referer
http://kaqsidzw.kenndeymanget.com/rd/c1469QEFOv1361JQKf493854mAq13086pMks322
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Mon, 27 Mar 2023 21:25:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7aeab46a3ed99b63-FRA
content-type
text/html; charset=UTF-8
date
Mon, 27 Mar 2023 21:25:14 GMT
location
https://armalecom-squessels.icu/a530476a-2d72-4fc5-a821-8d0262d331a2?address=&email=&phone=&first=&last=&country=&zip=&city=&external_id=2b7d5c07-a4d7-45c3-8099-2307c9d6eca2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BExeBDVz4LiydhpJYkB0a5TJrxP6RjiarrSb3qc%2F%2FW6ROgkuOjGa6EC2kzsgXApMhu88GsSoOR02CLhaLF5z77o4But5ewmQ%2BXs4EkLQJJ8BzSFqBzEcbaOhjhwIjnH3Z5GJuROt4oZiQXk0SN7vDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
d3fa545a-a903-4b2a-b3b3-37c04d28fe81
track.tranklatsall.com/ 		625 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://track.tranklatsall.com/d3fa545a-a903-4b2a-b3b3-37c04d28fe81?click_id=wlk15ppp6u4obdjnimutp88m&camp-id=a530476a-2d72-4fc5-a821-8d0262d331a2
Requested by
Host: armalecom-squessels.icu
URL: https://armalecom-squessels.icu/a530476a-2d72-4fc5-a821-8d0262d331a2?address=&email=&phone=&first=&last=&country=&zip=&city=&external_id=2b7d5c07-a4d7-45c3-8099-2307c9d6eca2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.192.249.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-249-87.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fd5a0b1f3dc0de0308844d1fa6921d4b8923cc368288a52f1660f6ec6e31f4d7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
625
content-type
text/html;charset=UTF-8
date
Mon, 27 Mar 2023 21:25:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
redirect
track.uptruckthat.com/ 		438 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://track.uptruckthat.com/redirect?target=BASE64aHR0cHM6Ly93d3cubWVsb3ZldHJhY2tpbmcudG9wLzIyN000NC9ITE1MNDQvP3N1YjE9d2toNnI4ZHB1Y2l1dGRqbjI0aG9qaWU0JmZpcnN0X25hbWU9Jmxhc3RfbmFtZT0mYWRkcmVzcz0memlwX2NvZGU9YTUzMDQ3NmEtMmQ3Mi00ZmM1LWE4MjEtOGQwMjYyZDMzMWEyJmNpdHk9JnBob25lX251bWJlcj0mZW1haWw9&ts=1679952314286&hash=A4WCgQuy1rnn65f_1R5_cK-3_31OPq7S_I8NZ8mO3kU&rm=D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.192.249.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-249-87.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9ee2de4091059af05dd87c26800eb2b0c7c64df6549192ce6d134f27716fa6be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
438
content-type
text/html;charset=UTF-8
date
Mon, 27 Mar 2023 21:25:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
Primary Request 0e0n59AOysYi
campaign.campaignworld.co/
Redirect Chain
  • https://www.melovetracking.top/227M44/HLML44/?sub1=wkh6r8dpuciutdjn24hojie4&first_name=&last_name=&address=&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&city=&phone_number=&email=
  • https://link.hellovouchers.com/en_US/0e0n59AOysYi?oid=295&affid=23&first_name=&last_name=&address=&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&city=&phone_number=&email=&_ef_transaction_id=17f430...
  • https://campaign.campaignworld.co/enter/Ecm03y36P65U9H2zprb8XP7j6d1z390T7IIIeB1zQd?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=17f4301e53ed469198aab509dae3f133...
  • https://campaign.campaignworld.co/0e0n59AOysYi?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&sub1=wkh6r8dpuciutdjn24hojie4
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://campaign.campaignworld.co/0e0n59AOysYi?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&sub1=wkh6r8dpuciutdjn24hojie4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac256aff7773f55b2675faa311b8f5e98de2cc70f7776c8fc20a31de328aabda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://track.uptruckthat.com/redirect?target=BASE64aHR0cHM6Ly93d3cubWVsb3ZldHJhY2tpbmcudG9wLzIyN000NC9ITE1MNDQvP3N1YjE9d2toNnI4ZHB1Y2l1dGRqbjI0aG9qaWU0JmZpcnN0X25hbWU9Jmxhc3RfbmFtZT0mYWRkcmVzcz0memlwX2NvZGU9YTUzMDQ3NmEtMmQ3Mi00ZmM1LWE4MjEtOGQwMjYyZDMzMWEyJmNpdHk9JnBob25lX251bWJlcj0mZW1haWw9&ts=1679952314286&hash=A4WCgQuy1rnn65f_1R5_cK-3_31OPq7S_I8NZ8mO3kU&rm=D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7aeab47b8e5d2bba-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 27 Mar 2023 21:25:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWYz1ZiVIkpF0euIZ49aN6P8aiTbQ%2BiGQmh9t9VY2H%2BpcaAYY67m4T5pNudtk%2FjdVquE%2BUgZ5M%2FuEgXCBl4rX9cCKL1oroTcH970I0c%2FIXKDQIA1TIt5j97Fzd1908OfGTL%2BMoXWDo9ScKBue0Ui%2FHDcfdMk2e%2BV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7aeab47b3de62bba-FRA
content-type
text/html; charset=UTF-8
date
Mon, 27 Mar 2023 21:25:16 GMT
location
https://campaign.campaignworld.co/0e0n59AOysYi?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&sub1=wkh6r8dpuciutdjn24hojie4
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQGmStXjp8yyw%2FC6iSTvkVAKsLLjP84U%2FHeYqvQzdFbiYwrmGsNRdkpQK9G1CPos0DcxYRKLHg%2F2GyaWn7XBio8ikEgqEtTsewxHcXFkacTTLP%2B8udle91%2BQgp2gwNioSEvQTQ1BRTYBr0hAbYTKCs6Vxvab0ufK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: campaign.campaignworld.co
URL: https://campaign.campaignworld.co/0e0n59AOysYi?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&sub1=wkh6r8dpuciutdjn24hojie4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://campaign.campaignworld.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 21:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
429423
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27990
last-modified
Fri, 26 Aug 2022 18:34:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63091225-6d56"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmx62UCBBgPZAf9rEwj%2F9SOE9Q5USksNbmHxYkc8OgvOBD%2BJP%2FURmty%2BZOg6QoibdYlP%2F80NSZa7%2BlE%2B8%2FW9fneE8RQefC2DRlXPaIlYa31RzcG4ysseAD1%2BMC1mQdaVjfPA2lgvee8R88xSscE9O1my"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7aeab481cf6c5c9e-FRA
expires
Sat, 16 Mar 2024 21:25:17 GMT
app.css
cdn1.liquifycdn.com/cp/form-campaign-checkout-v4/assets/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn1.liquifycdn.com/cp/form-campaign-checkout-v4/assets/css/app.css
Requested by
Host: campaign.campaignworld.co
URL: https://campaign.campaignworld.co/0e0n59AOysYi?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&sub1=wkh6r8dpuciutdjn24hojie4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62ca9d47729a1f67cb61b2ba589761f33d9acc43683362501f50dbafd40808dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 21:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRQ9FYgiHQImFm8VuU4VoHCyhKBb3GnFui2LP2G88PUvZ4ifr1AMpWXz%2ByyX4h3Jit5%2F2Q8Y%2F9GeVuip9rHE0eBfQBHBg43T5KtFby0PhgDmCZ4R0qiz8Eqdg%2BhFCHbXfXoc7PROy1QvdaTKvo8K1ggi"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
cf-ray
7aeab482ead2bb37-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
styles.css
campaign.campaignworld.co/assets/css/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://campaign.campaignworld.co/assets/css/styles.css?id=ed8ac1c08d4d3f9d324296f3094c43d2
Requested by
Host: campaign.campaignworld.co
URL: https://campaign.campaignworld.co/0e0n59AOysYi?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&sub1=wkh6r8dpuciutdjn24hojie4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5b8481febc886b3a96d81e477c3a09e5ca850c0f265d23c52baae54571fdd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 21:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5153
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 20 Mar 2023 16:15:32 GMT
server
cloudflare
etag
W/"641886a4-d5db"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPyvvHn3ZD43tWf2U8B2RA2Kb5euKH2UlQpWAxNYztQDMkVg0WFpHb3OUlb1UEQzXY6zkZbUNAnUYTSeW3pteaGS%2BKyUNmdU2wIz2hPIebA7kWndyCKovyLvNC4Atwff3JnNaR6N6qt6xsttn5QmCB5XxfKxYWgl"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7aeab481ab652ba9-FRA
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.min.js
Requested by
Host: campaign.campaignworld.co
URL: https://campaign.campaignworld.co/0e0n59AOysYi?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&sub1=wkh6r8dpuciutdjn24hojie4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://campaign.campaignworld.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 21:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2663534
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6955
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-5f30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wc168oFfMEKxo7zMVDYQ%2Bat0vVm37WdUQFndbdrImsdqzXrs033AelFu0j2jjH9A4%2FFoyT4f8%2F05un3IGHc4ZLHG1tWaKesMSoxFUjCWrj%2Bj9URSPki%2FsrjoUiZ1OOenJoUouegiXNBQF1yWcNxymo4D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7aeab481ffaa5c9e-FRA
expires
Sat, 16 Mar 2024 21:25:17 GMT
everflow.js
trk.pigsclicks.com/scripts/sdk/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.pigsclicks.com/scripts/sdk/everflow.js
Requested by
Host: campaign.campaignworld.co
URL: https://campaign.campaignworld.co/0e0n59AOysYi?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&sub1=wkh6r8dpuciutdjn24hojie4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.99.45.28 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
fe6ffaf44c518e8e48b6cdb545a6392eee162b8986ab1fef3529a119572c9ae1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 21:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000;
transfer-encoding
chunked
x-xss-protection
1;mode=block
referrer-policy
same-origin
server
nginx
accept-ch
Sec-Ch-Ua-Platform-Version
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=14400
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-eflow-request-id
a654c10a-c764-4eb1-b609-6c3d29df9d8d
jquery-3.6.1.min.js
code.jquery.com/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: campaign.campaignworld.co
URL: https://campaign.campaignworld.co/0e0n59AOysYi?oid=295&affid=23&zip_code=a530476a-2d72-4fc5-a821-8d0262d331a2&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&sub1=wkh6r8dpuciutdjn24hojie4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer
Origin
https://campaign.campaignworld.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 21:25:17 GMT
content-encoding
gzip
last-modified
Fri, 26 Aug 2022 17:36:05 GMT
server
nginx
etag
W/"63090485-15e40"
vary
Accept-Encoding
x-hw
1679952317.dop010.fr8.t,1679952317.cds108.fr8.hn,1679952317.cds258.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30957
Segoe%20UI.woff
cdn1.liquifycdn.com/cp/form-campaign-checkout-v4/assets/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn1.liquifycdn.com/cp/form-campaign-checkout-v4/assets/fonts/Segoe%20UI.woff
Requested by
Host: cdn1.liquifycdn.com
URL: https://cdn1.liquifycdn.com/cp/form-campaign-checkout-v4/assets/css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f424915a692bc5a458d6e7d9c99e4fe0cf5cb8883bd3516b01d4fef5da8d3663

Request headers

Referer
https://cdn1.liquifycdn.com/cp/form-campaign-checkout-v4/assets/css/app.css
Origin
https://campaign.campaignworld.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 21:25:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3679
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19904
last-modified
Mon, 27 Mar 2023 06:58:43 GMT
server
cloudflare
etag
"64213ea3-4dc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Z%2FdbQHri6JYrVQZ2krD%2BPSE05eEUyEbM88ldhH5IKsgs9b8ZAWaR0uyr51bdgdebHPCY1yZn8zUc2jNL5qAl0VHu3s9mv5QAiAzIjuTjVXEYhdtxdnHIoHhRFzqLQniBMVSfguEZOHrsH2TqhJmnleJ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7aeab4836b3d9235-FRA
SegoeUI-Semibold.woff
cdn1.liquifycdn.com/cp/form-campaign-checkout-v4/assets/fonts/ 		433 KB
434 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn1.liquifycdn.com/cp/form-campaign-checkout-v4/assets/fonts/SegoeUI-Semibold.woff
Requested by
Host: cdn1.liquifycdn.com
URL: https://cdn1.liquifycdn.com/cp/form-campaign-checkout-v4/assets/css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1262ac155e399de63cf7272fbc295863b2f43c61ba58cd8b255d689e771a5fc1

Request headers

Referer
https://cdn1.liquifycdn.com/cp/form-campaign-checkout-v4/assets/css/app.css
Origin
https://campaign.campaignworld.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 21:25:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3679
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
443880
last-modified
Mon, 27 Mar 2023 06:58:43 GMT
server
cloudflare
etag
"64213ea3-6c5e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7dMW5Glw%2FuFbQmHFrkPmQkOaw7gQMwRBE%2FcDU0bDa6O8HJUKGmcsHvSMmxEPervhv6T20YZBNwx7kDndFuQ%2Fp5eFZV5YTcE7pteh7lgyM6m5ydE5mOxxkfimvZSgkjMM8XIrwkJSTys9nCdbFTi1vV%2B"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7aeab4836b3e9235-FRA
click
trk.pigsclicks.com/sdk/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
trk.pigsclicks.com
URL
https://trk.pigsclicks.com/sdk/click?effp=eae3d3d5f0dab4da8c1f4ef3ff1d7745&sec_ch_ua_platform=&sec_ch_ua_platform_version=&_ef_transaction_id=17f4301e53ed469198aab509dae3f133&oid=295&affid=23&__cc=&async=json&sub1=wkh6r8dpuciutdjn24hojie4

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery

12 Cookies

Domain/Path Name / Value
dtr.websforshops.net/ Name: enc_aff_session_7700
Value: ENC03e9c8a8a33e5c4d504f50fa6b4264e60afebf53284ec39db9d3ab1d005bde37ca82654f43288ddeae2ac2292a50888689392a19c9ed4c556444f14a872799f956f25c699d5d006c4d76fa857b1bf1f82ed7f7464a3d86901066358f563377785e75e24911178ce9fffbd5ac48dfcd1f697d746c5ebbbcabe76cbe3e752dd75fa53fde80211b2d34596a3c646a3800a4b285b060852d941bc2449e837d7834883728f3c33f1a5f338f7cdc563d25649ca5ac9b48a9e610735d0f34952d798b30de1f548fe2
dtr.websforshops.net/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExMS4wLjU1NjMuMTEwIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
theproducthub.net/ Name: XSRF-TOKEN
Value: eyJpdiI6InJlVzRjU1M5ZDJnY3RiNmt6MXJmaXc9PSIsInZhbHVlIjoiM1pURy84aTFMZm1IMkNvT25qdmJUSlBNcm42RllYMjV6Uk50UkNES2NKbUVRVnNXNmxGNURCbUdGVThmbEhWRUdrRnF6REl5RlRQTGtJajhZV2ROZHJqZXNqUjlNU25TRlJVSVZaUFV0cTV1dFpmWDNPdkdtQmNVYllNSVVaeW8iLCJtYWMiOiIzODEyZjg5ZmUwMmRhZGU0MzA1N2NjYTI2OTRlYmNjYTkyYzg0NGQ3OGIyNTU4ZDZlZTJmZDUzMDAwNWIyYjhmIiwidGFnIjoiIn0%3D
theproducthub.net/ Name: SESSION_ID
Value: PlOqcXv6ovmmx6S4eo4EcuYdl0MFAUEiaGhDAHW1
.armalecom-squessels.icu/ Name: a530476a-2d72-4fc5-a821-8d0262d331a2-v4
Value: 0mqYTz5sJbI3w6gbQUbf2yQxbE5pFJYjujRAuuY6YBw
.armalecom-squessels.icu/ Name: cc-v4
Value: Y1K5FneGpItZ%2FltuOV1YZZFVhAHWqMLaiUktSet06KoBWu9xowOWetzzpYUy%2FVwj5AA63nHem9oRVSpCbqs%2B48TZdAHfIZc3w3b4eCt0c7as6z27GO5UgYe3TwKZ9fP6rEx5i1zW9vdxVZiLPQXHPA%3D%3D
.track.tranklatsall.com/ Name: d3fa545a-a903-4b2a-b3b3-37c04d28fe81-v4
Value: dG4ki0lBnjkbFmcflza_gFuK1PANT7EdUpzHiX_rDXQ
.track.tranklatsall.com/ Name: cc-v4
Value: Mo8Qr5AJufgxAQRnz0bbMlghh9MB%2BGuE0ghxfVPxNNXG5jyNoc9i3wNhyEAPAOmryByCIhVJGxUjGh7cbqLiCBjguUoIh%2B%2BsxWaWk5AcZNijKym5b6iLkEOmy%2BFhEH%2FZZA4FuHXG0OX5AwKtMxY4UA%3D%3D
link.hellovouchers.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlJZWXo3bU5SQ2ZKb0FHZzF0cVZaQnc9PSIsInZhbHVlIjoiWjRjRUJRMFIxRUFWTlFuTWo5ZVE1REkwNzYxRDltN2VsRFQ4YUMzd0JYK1hHU1oxRzRIckN6VStGaGpNV3ZoVFp5S3BYVzZON09GYkFoeHR0blFqYXZpOUYrdVF6MXFDQXkxZ1JvY1hWUmg5WFRCSEFvMzI3cFRIT21PNU1BWXAiLCJtYWMiOiIxN2E1ZGRiOTkyYjA4NmYyYjMxMTEyYzE4MmJiODBiMmMzZGU1ZjM4ZWEzNjM5N2I1YzUwNmIzNDk5YmNmYzNhIiwidGFnIjoiIn0%3D
link.hellovouchers.com/ Name: spring_session
Value: eyJpdiI6InJsUU45OTVISGQ1cGk5VGZ2Y291MUE9PSIsInZhbHVlIjoiV1IyZGNWUjRmRXlWY0l6cFpRODJOYU0zazRBLzZBb2c2YjF4bWlPUmE1T1BHU3NPM3dzLzFmbCtkZmtzYUhXOGtPL3VTcU9lM2NLSFVZbjZ0dEVkNTVVWC90SmlyTnAvemNyWkZZdUtFV0pjVDlTNC83UkFmeU9OLzF2eGUxNEUiLCJtYWMiOiI3ZTY2ZDhhMTEyYTFhY2MyMTNlOTc4YmVmYTlhMjEzNDA1N2FkZTkwNWI4NzdkZDkwNGYyYTNlNjQ0NWNhNDJhIiwidGFnIjoiIn0%3D
campaign.campaignworld.co/ Name: XSRF-TOKEN
Value: eyJpdiI6IlZvbVZYS0g5cWFxeHZ2TzA2dG8rdnc9PSIsInZhbHVlIjoiak83WGVEWGJIcThFcWdRZnY1SzljUVdjL0MySi9TU3FnS3lDUmRWY2lCL0pIbTdZUTFzUmRpVzVhRStjOXE2YUkzMDU2aWpRNXF6WXBkRjRiOGRya2tsNSttWmN3L0dlVlBlR0t6WUFwQjdIMDBMTk5GMGFRUG5Wb0RzU0w5S2ciLCJtYWMiOiJmYmY5MjI3ZmVkMjY0MTU4MDNiNzkyZGU0ZGU4ZmVkYmFjN2U4MzM3YzAzMjRmM2U0YzY3MGExZWFmMjcwNTE1IiwidGFnIjoiIn0%3D
campaign.campaignworld.co/ Name: sitesession
Value: eyJpdiI6Imh6M2N1bU8xaHp0cUpLMjJQOG5qSGc9PSIsInZhbHVlIjoiNzQrM3pwOUo1azVZMzRlWEdCR3NiYml0MkhPVmhoR0F5MkZXc1p1bWpJTzhBMzR2a3FKSzNqS3JEakh0WkVlQ1ZWanFKT29SWnBVSUdFc3h1c3MrcWM4NmFxbHhTZ01VVFdQaU1CVi9QTFl3allYcU5yNWprMHFiTUhaaWx3UFIiLCJtYWMiOiJiMGViYzg5YjJhNDQyZGY5YmU5YmM0MjBlODhmZmY4NmFlYmQwNWFlMmNkYTcyYjFiNTQ5YTYyNmU3ODYwZGFhIiwidGFnIjoiIn0%3D