saloei.com Open in urlscan Pro
93.115.241.138  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request mz940490xv6ef Show response saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/	47 KB 7 KB	202ms 164ms	Document text/html	93.115.241.138 CH-NET-AS
General Check archive.org Show headers Download Go to Full URL http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol HTTP/1.1 Server 93.115.241.138 , Romania, ASN41011 (CH-NET-AS, RO), Reverse DNS mail.iridrive.ro Software nginx / PHP/7.3.31 Resource Hash 9488f35c97ec51908b89eb8a66394d1514bc0be1f48f834281a9ba5c147a7b97 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Fri, 03 Jun 2022 10:54:20 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=60 Pragma no-cache Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By PHP/7.3.31 X-XSS-Protection 1; mode=block
GET H2	200	NM8iYypPrhpCK1pSTB3XmHfN70f6a9LttJxax3uBvQ9jo4U1-OAHk1IHcX6wO_XRDzC4LqUzW0ai9qYOnLJnEPDVwEjeqnNWF157nS-zuoE4ahZ040UfHYmWZ8HuRWjV-IEbuLM=s0-d-e1-ft ci3.googleusercontent.com/proxy/	16 KB 17 KB	145ms 46ms	Image image/png	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ci3.googleusercontent.com/proxy/NM8iYypPrhpCK1pSTB3XmHfN70f6a9LttJxax3uBvQ9jo4U1-OAHk1IHcX6wO_XRDzC4LqUzW0ai9qYOnLJnEPDVwEjeqnNWF157nS-zuoE4ahZ040UfHYmWZ8HuRWjV-IEbuLM=s0-d-e1-ft Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 450ad214e9a4ac5f0c59fac664f1fa0241814e95f78b2143c0b25e91095d1fba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Fri, 03 Jun 2022 08:20:37 GMT x-content-type-options nosniff age 9223 cross-origin-resource-policy cross-origin content-disposition attachment;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16513 x-xss-protection 0 server fife vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform, must-revalidate timing-allow-origin * expires Sat, 04 Jun 2022 08:20:37 GMT
GET H/1.1	200 OK	Postcards.png se-crm.s3.eu-west-1.amazonaws.com/images/Third-Party-Emails/	2 MB 2 MB	162ms 41ms	Image image/png	52.218.105.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://se-crm.s3.eu-west-1.amazonaws.com/images/Third-Party-Emails/Postcards.png Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.105.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash 300852d81e9d58582647ffe9402fcb9a4376d35b889f42e045deef8763e016a3 Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Fri, 03 Jun 2022 10:54:21 GMT Last-Modified Fri, 27 May 2022 14:29:17 GMT Server AmazonS3 x-amz-request-id QWS661S8N29JQG49 ETag "29976371525b63277d60d0c6ebc00a03" Content-Type image/png Accept-Ranges bytes Content-Length 1587294 x-amz-id-2 +nNexnWedVzw/R9ld/GckSWqFUFMcnLtokN79HvRHM3uAvTqitN/2d7hs36orv2PVuxkliQmtNU=
GET H/1.1	200 OK	Best_SELL_1.png se-crm.s3.eu-west-1.amazonaws.com/images/Third-Party-Emails/	573 KB 574 KB	130ms 43ms	Image image/png	52.218.105.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://se-crm.s3.eu-west-1.amazonaws.com/images/Third-Party-Emails/Best_SELL_1.png Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.105.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash c25082a465f13a59aced317be92e1c2f6785b1a98d2782737dfd43fd827fe9ca Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Fri, 03 Jun 2022 10:54:21 GMT Last-Modified Fri, 27 May 2022 16:26:21 GMT Server AmazonS3 x-amz-request-id QWS2WHQ7HA6FB3CJ ETag "925e46215199301f0d953467d747a178" Content-Type image/png Accept-Ranges bytes Content-Length 587165 x-amz-id-2 8Ihw10wFkNumB6yuhRs2YBZNK99MV/UX+GmIygqL6aSttDJboFrm6F4Kn7OhY63tQNr/9MgtFPQ=
GET H2	200	bYe_rxw8v1ZbmLn9baTkp-AY73HVDAVmNebN4TFut6OJDEl3z12wMLaMJCjlufPU_hUVs74Qwrg7dkPq-xYJYgHQWOqIABUbox36nBiNxcqHYVVsGR9Wb4YjF0M=s0-d-e1-ft ci3.googleusercontent.com/proxy/	1 KB 1 KB	123ms 58ms	Image image/png	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ci3.googleusercontent.com/proxy/bYe_rxw8v1ZbmLn9baTkp-AY73HVDAVmNebN4TFut6OJDEl3z12wMLaMJCjlufPU_hUVs74Qwrg7dkPq-xYJYgHQWOqIABUbox36nBiNxcqHYVVsGR9Wb4YjF0M=s0-d-e1-ft Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 080449b817c796ea944dcd1b82fa6a59cbf7444e81d14ad1140f6298cd7b0ade Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Fri, 03 Jun 2022 08:55:09 GMT x-content-type-options nosniff age 7151 cross-origin-resource-policy cross-origin content-disposition attachment;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1095 x-xss-protection 0 server fife vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform, must-revalidate timing-allow-origin * expires Sat, 04 Jun 2022 08:55:09 GMT
GET H/1.1	200 OK	Best_seller_2.png se-crm.s3.eu-west-1.amazonaws.com/images/Third-Party-Emails/	616 KB 617 KB	143ms 55ms	Image image/png	52.218.105.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://se-crm.s3.eu-west-1.amazonaws.com/images/Third-Party-Emails/Best_seller_2.png Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.105.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash e7303ed46b914a73dd2b519d8e4be115aa56c7a61a663aefc27f9248f2b5b650 Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Fri, 03 Jun 2022 10:54:21 GMT Last-Modified Fri, 27 May 2022 16:26:21 GMT Server AmazonS3 x-amz-request-id QWS1N8YRX1KK447G ETag "0d92e5c239fc33c65828ef2060ab2335" Content-Type image/png Accept-Ranges bytes Content-Length 631149 x-amz-id-2 XkGWe9OQ2wzA2RshXLVWewGdqTkJ6G96t9hAXswyeN48oago1QeQpqYqTJTt47cnFw+w2zbkZL4=
GET H/1.1	200 OK	best_seller3.png se-crm.s3.eu-west-1.amazonaws.com/images/Third-Party-Emails/	620 KB 620 KB	139ms 45ms	Image image/png	52.218.105.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://se-crm.s3.eu-west-1.amazonaws.com/images/Third-Party-Emails/best_seller3.png Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.105.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash e7c068c401ffc23b13930a187fb7ce99baa4fb84683237cdad458d19f074ee0d Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Fri, 03 Jun 2022 10:54:21 GMT Last-Modified Fri, 27 May 2022 16:26:20 GMT Server AmazonS3 x-amz-request-id QWS7W0XYZ02Z44S1 ETag "d0b24b7fd4308691a618c7ace268edc4" Content-Type image/png Accept-Ranges bytes Content-Length 634853 x-amz-id-2 +k8x2EG8JAaOhwI+w77CMdEOOopC4dxaW3gl/lSEDHiZwokrPwHZRN575+HkamrCYGDqllNO7LY=
GET H/1.1	200 OK	Best-seller_4.png se-crm.s3.eu-west-1.amazonaws.com/images/Third-Party-Emails/	690 KB 691 KB	148ms 44ms	Image image/png	52.218.105.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://se-crm.s3.eu-west-1.amazonaws.com/images/Third-Party-Emails/Best-seller_4.png Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.105.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash 50666a328c7b78c2a1a5303f8a5ebb7a5c81ea9d7c28731473d655e40da1c544 Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Fri, 03 Jun 2022 10:54:21 GMT Last-Modified Fri, 27 May 2022 16:26:19 GMT Server AmazonS3 x-amz-request-id QWS9240TSG7VMSV5 ETag "50365178f833ff86ba3958bb437a8175" Content-Type image/png Accept-Ranges bytes Content-Length 706838 x-amz-id-2 Xx5/IFh8Ex7F1D39iscmevKEpWn6jr7TIkapbCvY10bWyunRCnnc3zReJ3y6FnmJ4KMindXQe94=
GET H2	200	iRo-V1VmmWeaYCNBe7jTGKwzG5pp_T8xnMK36dWAp1ibEYZrvUteL0QzAd_AtwMrD4dcnl3-ikRe3cYRTnWe4XgxLpbH0GQr8kJVfCnfeaLmrZFEMHltb5sGFw=s0-d-e1-ft ci6.googleusercontent.com/proxy/	1 KB 2 KB	165ms 37ms	Image image/png	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ci6.googleusercontent.com/proxy/iRo-V1VmmWeaYCNBe7jTGKwzG5pp_T8xnMK36dWAp1ibEYZrvUteL0QzAd_AtwMrD4dcnl3-ikRe3cYRTnWe4XgxLpbH0GQr8kJVfCnfeaLmrZFEMHltb5sGFw=s0-d-e1-ft Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 1f46c6faa1c2cb7c7d2a6654c3a476b738bfd8833d44cb803a113075fea0e356 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Fri, 03 Jun 2022 08:17:05 GMT x-content-type-options nosniff age 9435 cross-origin-resource-policy cross-origin content-disposition attachment;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1246 x-xss-protection 0 server fife vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform, must-revalidate timing-allow-origin * expires Sat, 04 Jun 2022 08:17:05 GMT
GET H2	200	oRGE4Yy0exGqSsCEB6x5z2oqFKM_37N2FnQG0VL8s5Fh0uCdi8vkDUM7X8Bw-0b4DfPDitO2_x9p-EcJKOVOpQgh9fst9B_CUGw2rXZgVhJYXOkx8a9l_kZRSH8zzh4=s0-d-e1-ft ci6.googleusercontent.com/proxy/	8 KB 8 KB	169ms 41ms	Image image/png	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ci6.googleusercontent.com/proxy/oRGE4Yy0exGqSsCEB6x5z2oqFKM_37N2FnQG0VL8s5Fh0uCdi8vkDUM7X8Bw-0b4DfPDitO2_x9p-EcJKOVOpQgh9fst9B_CUGw2rXZgVhJYXOkx8a9l_kZRSH8zzh4=s0-d-e1-ft Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash b3bc68e30d81bf7f774fb9ff7928bcdd9f90b205a79f46218d023f936414dacf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Fri, 03 Jun 2022 09:03:54 GMT x-content-type-options nosniff age 6626 cross-origin-resource-policy cross-origin content-disposition attachment;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7832 x-xss-protection 0 server fife vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform, must-revalidate timing-allow-origin * expires Sat, 04 Jun 2022 09:03:54 GMT
GET H2	200	MttlyTBb1SAmhU21fvctghh3kxPkS9-ecLk8446H448o1UshKcM-tyjr7E2ct1NJacN9lMfmSIJLGhfqRXsjqCgpxHmjsOdDGPoRdftFkd2gC_FgyylpNNVgtDae1A=s0-d-e1-ft ci6.googleusercontent.com/proxy/	5 KB 5 KB	166ms 39ms	Image image/png	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ci6.googleusercontent.com/proxy/MttlyTBb1SAmhU21fvctghh3kxPkS9-ecLk8446H448o1UshKcM-tyjr7E2ct1NJacN9lMfmSIJLGhfqRXsjqCgpxHmjsOdDGPoRdftFkd2gC_FgyylpNNVgtDae1A=s0-d-e1-ft Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash bceb92d52ef7fab549d52c99dd5a300f7fa3f0c1fcd6c1aacddc893810e58d3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Fri, 03 Jun 2022 09:03:54 GMT x-content-type-options nosniff age 6626 cross-origin-resource-policy cross-origin content-disposition attachment;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5108 x-xss-protection 0 server fife vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform, must-revalidate timing-allow-origin * expires Sat, 04 Jun 2022 09:03:54 GMT
GET H/1.1	200 OK	aff_i trk.cleandmed.com/	43 B 523 B	78ms 31ms	Image image/gif	52.210.174.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://trk.cleandmed.com/aff_i?offer_id=2788&aff_id=1063&file_id=9909 Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol HTTP/1.1 Server 52.210.174.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-210-174-128.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 03 Jun 2022 10:54:20 GMT Content-Encoding gzip Server nginx Tracking_id 102045f66da1b8c81cada4606b2cf5 Transfer-Encoding chunked Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Access-Control-Allow-Headers Tune-SDK-Version X-Request-Id 65158efdb8dbbc0d569a264e25b4f265 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	mz940490xv6ef saloei.com/index.php/campaigns/tj450mmm8s32c/track-opening/	0 488 B	170ms 170ms	Image application/json	93.115.241.138 CH-NET-AS
General Check archive.org Show headers Download Go to Show image Full URL http://saloei.com/index.php/campaigns/tj450mmm8s32c/track-opening/mz940490xv6ef Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol HTTP/1.1 Server 93.115.241.138 , Romania, ASN41011 (CH-NET-AS, RO), Reverse DNS mail.iridrive.ro Software nginx / PHP/7.3.31 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 03 Jun 2022 10:54:20 GMT Last-Modified Fri, 03 Jun 2022 10:54:20 GMT Server nginx X-Powered-By PHP/7.3.31 P3P CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE" Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection keep-alive Content-Type application/json Keep-Alive timeout=60 Content-Length 0 X-XSS-Protection 1; mode=block Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	tpe_background.png se-crm.s3.eu-west-1.amazonaws.com/images/Third-Party-Emails/	2 MB 2 MB	123ms 70ms	Image image/png	52.218.105.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://se-crm.s3.eu-west-1.amazonaws.com/images/Third-Party-Emails/tpe_background.png Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.105.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash 99f192d579098c5a1669c0851bb057311e71566dc2a32a8f2d6042f69c1a09cf Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Fri, 03 Jun 2022 10:54:21 GMT Last-Modified Fri, 27 May 2022 14:55:12 GMT Server AmazonS3 x-amz-request-id QWS9ZPBCJ6Y7DSWJ ETag "a164a25f76490f31802ea686e7dfa350" Content-Type image/png Accept-Ranges bytes Content-Length 2070117 x-amz-id-2 cYTbjp5YPR/szIxValEGJhwk6uk6W7QoTLTsvHkjEMNiCRZAGgm7eKyYeEgr5VinEOUmhJT+qqA=
GET H2	200	wOzTQ_uQsvlSb9tEOiPnne8jPmKCzFtOaf3CGjOG0OxycrUFJ8YPz0YJInNnESF-hxNROpkRm5iw-Z4BLb0LzAHRKa-Y-pLEkeQcAVOyeCvKeGH5ZGdaGOYBBVHr2oIw_QBEpUtn=s0-d-e1-ft ci4.googleusercontent.com/proxy/	348 KB 349 KB	156ms 40ms	Image image/jpeg	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ci4.googleusercontent.com/proxy/wOzTQ_uQsvlSb9tEOiPnne8jPmKCzFtOaf3CGjOG0OxycrUFJ8YPz0YJInNnESF-hxNROpkRm5iw-Z4BLb0LzAHRKa-Y-pLEkeQcAVOyeCvKeGH5ZGdaGOYBBVHr2oIw_QBEpUtn=s0-d-e1-ft Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash d2c4e04904eb0881873e2137f8a0c187fa1d1475b87c1c1fc5fcbe0961127833 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Fri, 03 Jun 2022 10:50:38 GMT x-content-type-options nosniff age 222 cross-origin-resource-policy cross-origin content-disposition attachment;filename="unnamed.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 356362 x-xss-protection 0 server fife vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform, must-revalidate timing-allow-origin * expires Sat, 04 Jun 2022 10:50:38 GMT
GET H2	200	R05IA1iJga02I6jCTt8bSHTOAci--uB09Vkc4uH6pawHmJZ9Gqr5hG6TfnMjNHsVhIPD4Ejo4FqR95_XIW8EOfolY3hns5rrYeQUG8igTvlq5HTFSy9ZfghG3j-4bkU1pH70Z40=s0-d-e1-ft ci4.googleusercontent.com/proxy/	532 KB 533 KB	291ms 176ms	Image image/png	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ci4.googleusercontent.com/proxy/R05IA1iJga02I6jCTt8bSHTOAci--uB09Vkc4uH6pawHmJZ9Gqr5hG6TfnMjNHsVhIPD4Ejo4FqR95_XIW8EOfolY3hns5rrYeQUG8igTvlq5HTFSy9ZfghG3j-4bkU1pH70Z40=s0-d-e1-ft Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 3cce5269a4c89a939a36f872d69d4be7f296297672e4b20c3bf6a2291d31e42b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Fri, 03 Jun 2022 10:50:38 GMT x-content-type-options nosniff age 222 cross-origin-resource-policy cross-origin content-disposition attachment;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 545193 x-xss-protection 0 server fife vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform, must-revalidate timing-allow-origin * expires Sat, 04 Jun 2022 10:50:38 GMT
GET H2	200	rL3NbG6WB1apyfFoUT-b6KhnncgKA_fSKn4_hxXM8-ZVH0LZkIgeVlTIQ9QFyLneamOTcvZSP8xHFoH2NRkQO3Hoj324WHzA2r3i1mv_HCGP-qofT_6pON5u4WEc8ZGvTPQzZA=s0-d-e1-ft ci6.googleusercontent.com/proxy/	408 KB 409 KB	185ms 91ms	Image image/png	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ci6.googleusercontent.com/proxy/rL3NbG6WB1apyfFoUT-b6KhnncgKA_fSKn4_hxXM8-ZVH0LZkIgeVlTIQ9QFyLneamOTcvZSP8xHFoH2NRkQO3Hoj324WHzA2r3i1mv_HCGP-qofT_6pON5u4WEc8ZGvTPQzZA=s0-d-e1-ft Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash e2b00cdde136d34652a7921e7d304048c2412015af62d6044efff26e6f42e589 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Fri, 03 Jun 2022 10:17:38 GMT x-content-type-options nosniff age 2202 cross-origin-resource-policy cross-origin content-disposition attachment;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 418030 x-xss-protection 0 server fife vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform, must-revalidate timing-allow-origin * expires Sat, 04 Jun 2022 10:17:38 GMT
GET H2	200	-1Ca0DH4k0FvBeSAMpAsQTKqrx8dP8cKW5P8v-30sJMFxTws-hS6G-CdYmAuZRP0gd1vUiGGYmIrole-fLD0IyDtql2kOph2T2xxsDDQQhWXXwR8STXd09aYURW0IDzBl8pla4T7cdnopfkf=s0-d-e1-ft ci6.googleusercontent.com/proxy/	40 KB 40 KB	78ms 49ms	Image image/jpeg	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ci6.googleusercontent.com/proxy/-1Ca0DH4k0FvBeSAMpAsQTKqrx8dP8cKW5P8v-30sJMFxTws-hS6G-CdYmAuZRP0gd1vUiGGYmIrole-fLD0IyDtql2kOph2T2xxsDDQQhWXXwR8STXd09aYURW0IDzBl8pla4T7cdnopfkf=s0-d-e1-ft Requested by Host: saloei.com URL: http://saloei.com/index.php/campaigns/tj450mmm8s32c/web-version/mz940490xv6ef Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 551fa2e83e59d74afde71718ce7db9e3b3e0ac1f1dd5b477102a7f8962eca25b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://saloei.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Fri, 03 Jun 2022 09:47:49 GMT x-content-type-options nosniff age 3991 cross-origin-resource-policy cross-origin content-disposition attachment;filename="unnamed.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40751 x-xss-protection 0 server fife vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform, must-revalidate timing-allow-origin * expires Sat, 04 Jun 2022 09:47:49 GMT

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			saloei.com/	1969-12-31 23:59:59	Name: mwsid Value: f51280607091e944daf0859972728b6f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ci3.googleusercontent.com
ci4.googleusercontent.com
ci6.googleusercontent.com
saloei.com
se-crm.s3.eu-west-1.amazonaws.com
trk.cleandmed.com
2a00:1450:4001:803::2001
2a00:1450:4001:812::2001
2a00:1450:4001:831::2001
52.210.174.128
52.218.105.3
93.115.241.138
080449b817c796ea944dcd1b82fa6a59cbf7444e81d14ad1140f6298cd7b0ade
1f46c6faa1c2cb7c7d2a6654c3a476b738bfd8833d44cb803a113075fea0e356
300852d81e9d58582647ffe9402fcb9a4376d35b889f42e045deef8763e016a3
3cce5269a4c89a939a36f872d69d4be7f296297672e4b20c3bf6a2291d31e42b
450ad214e9a4ac5f0c59fac664f1fa0241814e95f78b2143c0b25e91095d1fba
50666a328c7b78c2a1a5303f8a5ebb7a5c81ea9d7c28731473d655e40da1c544
551fa2e83e59d74afde71718ce7db9e3b3e0ac1f1dd5b477102a7f8962eca25b
9488f35c97ec51908b89eb8a66394d1514bc0be1f48f834281a9ba5c147a7b97
99f192d579098c5a1669c0851bb057311e71566dc2a32a8f2d6042f69c1a09cf
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
b3bc68e30d81bf7f774fb9ff7928bcdd9f90b205a79f46218d023f936414dacf
bceb92d52ef7fab549d52c99dd5a300f7fa3f0c1fcd6c1aacddc893810e58d3d
c25082a465f13a59aced317be92e1c2f6785b1a98d2782737dfd43fd827fe9ca
d2c4e04904eb0881873e2137f8a0c187fa1d1475b87c1c1fc5fcbe0961127833
e2b00cdde136d34652a7921e7d304048c2412015af62d6044efff26e6f42e589
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7303ed46b914a73dd2b519d8e4be115aa56c7a61a663aefc27f9248f2b5b650
e7c068c401ffc23b13930a187fb7ce99baa4fb84683237cdad458d19f074ee0d