cash-back.leqshop.ru Open in urlscan Pro
45.15.159.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cash-back.leqshop.ru/item/
Effective URL:
https://cash-back.leqshop.ru/
Submission: On April 17 via manual (April 17th 2023, 12:15:27 am UTC) from AU — Scanned from NL

Summary HTTP 69 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 38 IPs in 8 countries across 38 domains to perform 69 HTTP transactions. The main IP is 45.15.159.67, located in Amsterdam, Netherlands and belongs to AEZA-AS, RU. The main domain is cash-back.leqshop.ru.
TLS certificate: Issued by R3 on April 9th 2023. Valid for: 3 months.

This is the only time cash-back.leqshop.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	45.15.159.67 45.15.159.67	210644 (AEZA-AS) (AEZA-AS)
1	162.19.58.159 162.19.58.159	16276 (OVH) (OVH)
8	2a02:26f0:480... 2a02:26f0:480:4ac::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
4	2a04:4e42:8d:... 2a04:4e42:8d::159	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:8c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.16.123.178 2.16.123.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	188.42.198.44 188.42.198.44	7979 (SERVERS-COM) (SERVERS-COM)
1	104.198.186.29 104.198.186.29	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6813:a641	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::ac43:a2b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	192.124.249.130 192.124.249.130	30148 (SUCURI-SEC) (SUCURI-SEC)
2	2620:1ec:4f:1... 2620:1ec:4f:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2606:4700::68... 2606:4700::6812:13d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.19.126.82 2.19.126.82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	20.63.32.201 20.63.32.201	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:20:... 2606:4700:20::ac43:48de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.109.74.236 104.109.74.236	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.109.72.203 104.109.72.203	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:205... 2600:9000:2057:d400:1f:2f70:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.128.198.159 178.128.198.159	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a04:4e42::775 2a04:4e42::775	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::ac43:463c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.2.245 151.101.2.245	54113 (FASTLY) (FASTLY)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.197.92.201 35.197.92.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:20:... 2606:4700:20::681a:5ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.60.33.5 45.60.33.5	19551 (INCAPSULA) (INCAPSULA)
1	2606:4700:20:... 2606:4700:20::681a:ef6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:fa87:fff... 2a04:fa87:fffd::c000:4212	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:303... 2606:4700:3038::6815:e9bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:236... 2600:9000:236e:7c00:12:832a:da00:21	16509 (AMAZON-02) (AMAZON-02)
1	87.236.16.8 87.236.16.8	198610 (BEGET-AS) (BEGET-AS)
1	64.202.124.102 64.202.124.102	48851 (RADWARE) (RADWARE)
1	176.9.93.71 176.9.93.71	24940 (HETZNER-AS) (HETZNER-AS)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
69	38

13 45.15.159.67 (Amsterdam, Netherlands) 1 redirects

ASN210644 (AEZA-AS, RU)
PTR: protect.shop.sn

cash-back.leqshop.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.58.159 (France)

ASN16276 (OVH, FR)
PTR: ns3096667.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:480:4ac::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is2-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is1-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is4-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is5-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is3-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:8d::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8c7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn1.dontpayfull.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.123.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-123-178.deploy.static.akamaitechnologies.com

media-cdn.tripadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.198.44 (Luxembourg)

ASN7979 (SERVERS-COM, US)

pics.avs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.186.29 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 29.186.198.104.bc.googleusercontent.com

www.aviatorcapital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:a641 (United States)

ASN13335 (CLOUDFLARENET, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:a2b4 (United States)

ASN13335 (CLOUDFLARENET, US)

seeklogo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.130 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10130.sucuri.net

www.houstonhotels.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.heathrow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:13d1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

photos.prnewswire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.126.82 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-82.deploy.static.akamaitechnologies.com

prnewswire2-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.63.32.201 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.storefrontdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:48de (United States)

ASN13335 (CLOUDFLARENET, US)

companiesmarketcap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.74.236 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-74-236.deploy.static.akamaitechnologies.com

static.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.72.203 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-72-203.deploy.static.akamaitechnologies.com

www.iberia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:d400:1f:2f70:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3-symbol-logo.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.198.159 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

panorama.quicket.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::775 (United States)

ASN54113 (FASTLY, US)

blog.myvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:463c (United States)

ASN13335 (CLOUDFLARENET, US)

uniticket.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.245 (United States)

ASN54113 (FASTLY, US)

www.jetblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.businesslist.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.197.92.201 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.92.197.35.bc.googleusercontent.com

www.capitalpride.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:5ba (United States)

ASN13335 (CLOUDFLARENET, US)

img.favpng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.33.5 (United States)

ASN19551 (INCAPSULA, US)

images.hertz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ef6 (United States)

ASN13335 (CLOUDFLARENET, US)

logodix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffd::c000:4212 (Ireland)

ASN2635 (AUTOMATTIC, US)

blog.alaskaair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:e9bf (United States)

ASN13335 (CLOUDFLARENET, US)

banner2.cleanpng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:7c00:12:832a:da00:21 (United States)

ASN16509 (AMAZON-02, US)

d1yjjnpx0p53s8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.236.16.8 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.vm5.beget.com

beltel-av.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.124.102 (Chicago, United States)

ASN48851 (RADWARE, IL)
PTR: unknown.hostforweb.net

www.saskatchewan.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.93.71 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.71.93.9.176.clients.your-server.de

img3.akspic.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	leqshop.ru 1 redirects cash-back.leqshop.ru	968 KB
8	mzstatic.com is2-ssl.mzstatic.com — Cisco Umbrella Rank: 1527 is1-ssl.mzstatic.com — Cisco Umbrella Rank: 1370 is4-ssl.mzstatic.com — Cisco Umbrella Rank: 1447 is5-ssl.mzstatic.com — Cisco Umbrella Rank: 1544 is3-ssl.mzstatic.com — Cisco Umbrella Rank: 1438	95 KB
6	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2181	37 KB
4	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 822	46 KB
4	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 2645	462 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 10640	1 KB
2	companiesmarketcap.com companiesmarketcap.com — Cisco Umbrella Rank: 236942	13 KB
2	heathrow.com www.heathrow.com — Cisco Umbrella Rank: 196081	24 KB
2	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 413 lh3.googleusercontent.com — Cisco Umbrella Rank: 57	120 KB
1	akspic.ru img3.akspic.ru	629 KB
1	saskatchewan.ca www.saskatchewan.ca — Cisco Umbrella Rank: 462060	16 KB
1	beltel-av.ru beltel-av.ru	43 KB
1	cloudfront.net d1yjjnpx0p53s8.cloudfront.net	14 KB
1	cleanpng.com banner2.cleanpng.com — Cisco Umbrella Rank: 181234	82 KB
1	alaskaair.com blog.alaskaair.com	20 KB
1	logodix.com logodix.com — Cisco Umbrella Rank: 216317	13 KB
1	hertz.com images.hertz.com — Cisco Umbrella Rank: 70314	22 KB
1	favpng.com img.favpng.com — Cisco Umbrella Rank: 100097	59 KB
1	capitalpride.org www.capitalpride.org	16 KB
1	businesslist.co.ke www.businesslist.co.ke	20 KB
1	jetblue.com www.jetblue.com — Cisco Umbrella Rank: 42759	10 KB
1	uniticket.ru uniticket.ru	3 KB
1	myvr.com blog.myvr.com	36 KB
1	quicket.io panorama.quicket.io	8 KB
1	tradingview.com s3-symbol-logo.tradingview.com — Cisco Umbrella Rank: 18749	16 KB
1	iberia.com www.iberia.com — Cisco Umbrella Rank: 149632	6 KB
1	rakuten.com static.rakuten.com — Cisco Umbrella Rank: 49867	6 KB
1	storefrontdirect.com www.storefrontdirect.com	344 KB
1	akamaihd.net prnewswire2-a.akamaihd.net — Cisco Umbrella Rank: 232754	343 KB
1	prnewswire.com 1 redirects photos.prnewswire.com — Cisco Umbrella Rank: 307979	543 B
1	houstonhotels.org www.houstonhotels.org	21 KB
1	gstatic.com encrypted-tbn0.gstatic.com	6 KB
1	seeklogo.com seeklogo.com — Cisco Umbrella Rank: 98621	13 KB
1	aviatorcapital.com www.aviatorcapital.com	40 KB
1	avs.io pics.avs.io — Cisco Umbrella Rank: 501283	3 KB
1	tripadvisor.com media-cdn.tripadvisor.com — Cisco Umbrella Rank: 11237	17 KB
1	dontpayfull.com cdn1.dontpayfull.com	6 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 12230	2 KB
69	38

	Domain	Requested by
13	cash-back.leqshop.ru	1 redirects cash-back.leqshop.ru
6	res.cloudinary.com	cash-back.leqshop.ru
4	pbs.twimg.com	cash-back.leqshop.ru
4	upload.wikimedia.org	cash-back.leqshop.ru
2	counter.yadro.ru	1 redirects cash-back.leqshop.ru
2	is3-ssl.mzstatic.com	cash-back.leqshop.ru
2	companiesmarketcap.com	cash-back.leqshop.ru
2	www.heathrow.com	cash-back.leqshop.ru
2	is1-ssl.mzstatic.com	cash-back.leqshop.ru
2	is2-ssl.mzstatic.com	cash-back.leqshop.ru
1	img3.akspic.ru	cash-back.leqshop.ru
1	www.saskatchewan.ca	cash-back.leqshop.ru
1	beltel-av.ru	cash-back.leqshop.ru
1	d1yjjnpx0p53s8.cloudfront.net	cash-back.leqshop.ru
1	banner2.cleanpng.com	cash-back.leqshop.ru
1	blog.alaskaair.com	cash-back.leqshop.ru
1	logodix.com	cash-back.leqshop.ru
1	images.hertz.com	cash-back.leqshop.ru
1	img.favpng.com	cash-back.leqshop.ru
1	www.capitalpride.org	cash-back.leqshop.ru
1	www.businesslist.co.ke	cash-back.leqshop.ru
1	www.jetblue.com	cash-back.leqshop.ru
1	lh3.googleusercontent.com	cash-back.leqshop.ru
1	uniticket.ru	cash-back.leqshop.ru
1	blog.myvr.com	cash-back.leqshop.ru
1	panorama.quicket.io	cash-back.leqshop.ru
1	s3-symbol-logo.tradingview.com	cash-back.leqshop.ru
1	www.iberia.com	cash-back.leqshop.ru
1	is5-ssl.mzstatic.com	cash-back.leqshop.ru
1	is4-ssl.mzstatic.com	cash-back.leqshop.ru
1	static.rakuten.com	cash-back.leqshop.ru
1	www.storefrontdirect.com	cash-back.leqshop.ru
1	prnewswire2-a.akamaihd.net	cash-back.leqshop.ru
1	photos.prnewswire.com	1 redirects
1	www.houstonhotels.org	cash-back.leqshop.ru
1	encrypted-tbn0.gstatic.com	cash-back.leqshop.ru
1	seeklogo.com	cash-back.leqshop.ru
1	play-lh.googleusercontent.com	cash-back.leqshop.ru
1	www.aviatorcapital.com	cash-back.leqshop.ru
1	pics.avs.io	cash-back.leqshop.ru
1	media-cdn.tripadvisor.com	cash-back.leqshop.ru
1	cdn1.dontpayfull.com	cash-back.leqshop.ru
1	i.ibb.co	cash-back.leqshop.ru
69	43

This site contains links to these domains. Also see Links.

Domain
href.li
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.leqshop.ru R3	`2023-04-09` - `2023-07-08`	3 months	crt.sh
i.ibb.co R3	`2023-04-11` - `2023-07-10`	3 months	crt.sh
itunes.apple.com Apple Public EV Server RSA CA 2 - G1	`2022-04-25` - `2023-05-25`	a year	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-27` - `2023-11-17`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.dontpayfull.com AlphaSSL CA - SHA256 - G4	`2022-12-07` - `2024-01-08`	a year	crt.sh
media.tacdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-22`	a year	crt.sh
pics.avs.io R3	`2023-03-16` - `2023-06-14`	3 months	crt.sh
www.aviatorcapital.com R3	`2023-03-24` - `2023-06-22`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-11` - `2023-07-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
houstonhotels.org Go Daddy Secure Certificate Authority - G2	`2023-01-26` - `2024-01-26`	a year	crt.sh
www.heathrow.com Entrust Certification Authority - L1M	`2022-09-27` - `2023-10-21`	a year	crt.sh
storefrontdirect.com Go Daddy Secure Certificate Authority - G2	`2022-12-23` - `2023-12-17`	a year	crt.sh
www.rakuten.com GeoTrust RSA CA 2018	`2023-03-28` - `2024-02-11`	a year	crt.sh
www.iberia.com GlobalSign Extended Validation CA - SHA256 - G3	`2023-02-08` - `2024-03-11`	a year	crt.sh
*.tradingview.com Amazon RSA 2048 M02	`2023-02-20` - `2024-02-08`	a year	crt.sh
*.api.quicket.io R3	`2023-04-06` - `2023-07-05`	3 months	crt.sh
blog.myvr.com ZeroSSL RSA Domain Secure Site CA	`2023-03-05` - `2023-06-03`	3 months	crt.sh
*.uniticket.ru GTS CA 1P5	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.jetblue.com R3	`2023-03-16` - `2023-06-14`	3 months	crt.sh
www.capitalpride.org R3	`2023-03-08` - `2023-06-06`	3 months	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-11` - `2023-09-07`	6 months	crt.sh
*.logodix.com E1	`2023-04-04` - `2023-07-03`	3 months	crt.sh
blog.alaskaair.com R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
beltel-av.ru R3	`2023-04-06` - `2023-07-05`	3 months	crt.sh
*.saskatchewan.ca DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
akspic.ru R3	`2023-02-28` - `2023-05-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cash-back.leqshop.ru/
Frame ID: 78B5B58A60C1EAF4124B6E5E909449BB
Requests: 69 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CASH-BACK.BIZ.UA - Продажа аккаунтов милей, авиа, отелей с балансом.

Page URL History Show full URLs

https://cash-back.leqshop.ru/item/ HTTP 302
https://cash-back.leqshop.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudinary (CDN) Expand

Overall confidence: 80%
Detected patterns

<img[^>]+\.cloudinary\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

69
Requests

97 %
HTTPS

54 %
IPv6

38
Domains

43
Subdomains

38
IPs

8
Countries

3580 kB
Transfer

3545 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://href.li/?https://t.me/joinchat/AAAAAEL8s5_zaE5Yyrm9xA
Title: @cash-back.biz.ua

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cash-back.leqshop.ru/item/ HTTP 302
https://cash-back.leqshop.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://photos.prnewswire.com/prnfull/20150615/748217 HTTP 302
https://prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/0_llqzoyzy/def_height/2700/def_width/2700/version/100012/type/1

Request Chain 67

https://counter.yadro.ru/hit?t40.10;r;s1600*1200*24;uhttps%3A//cash-back.leqshop.ru/;hCASH-BACK.BIZ.UA%20-%20%u041F%u0440%u043E%u0434%u0430%u0436%u0430%20%u0430%u043A%u043A%u0430%u0443%u043D%u0442%u043E%u0432%20%u043C%u0438%u043B%u0435%u0439%2C%20%u0430%u0432%u0438%u0430%2C%20%u043E%u0442%u0435%u043B%u0435%u0439%20%u0441%20%u0431%u0430%u043B%u0430%u043D%u0441%u043E%u043C.;0.09385061733786904 HTTP 302
https://counter.yadro.ru/hit?q;t40.10;r;s1600*1200*24;uhttps%3A//cash-back.leqshop.ru/;hCASH-BACK.BIZ.UA%20-%20%u041F%u0440%u043E%u0434%u0430%u0436%u0430%20%u0430%u043A%u043A%u0430%u0443%u043D%u0442%u043E%u0432%20%u043C%u0438%u043B%u0435%u0439%2C%20%u0430%u0432%u0438%u0430%2C%20%u043E%u0442%u0435%u043B%u0435%u0439%20%u0441%20%u0431%u0430%u043B%u0430%u043D%u0441%u043E%u043C.;0.09385061733786904

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cash-back.leqshop.ru/
Redirect Chain

https://cash-back.leqshop.ru/item/
https://cash-back.leqshop.ru/

76 KB
76 KB

130ms
129ms

Document
text/html

45.15.159.67
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, RU),
Reverse DNS: protect.shop.sn
Software: nginx/1.20.1 / PHP/7.1.33
Resource Hash: 1ebfb14de6a6be7a258826588275974efb02350c84065a102088435ac370841e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Mon, 17 Apr 2023 00:15:18 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.20.1
x-powered-by: PHP/7.1.33

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Mon, 17 Apr 2023 00:15:18 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /
pragma: no-cache
server: nginx/1.20.1
x-powered-by: PHP/7.1.33

GET
H2 200 bootstrap.css
cash-back.leqshop.ru/assets/LastKey/css/ 123 KB
124 KB 73ms
70ms Stylesheet
text/css 45.15.159.67
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cash-back.leqshop.ru/assets/LastKey/css/bootstrap.css
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, RU),
Reverse DNS: protect.shop.sn
Software: nginx/1.20.1 /
Resource Hash: 620996d855fb47d3afa34a670f93ac2c5fbbe44b2b42c99185c5bf82931f8fa9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:18 GMT
last-modified: Fri, 04 Aug 2017 09:25:53 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "59843da1-1edc2"
content-length: 126402
content-type: text/css

GET
H2 200 leque.css
cash-back.leqshop.ru/assets/LastKey/css/ 1 KB
1 KB 79ms
76ms Stylesheet
text/css 45.15.159.67
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cash-back.leqshop.ru/assets/LastKey/css/leque.css
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, RU),
Reverse DNS: protect.shop.sn
Software: nginx/1.20.1 /
Resource Hash: 3569189eff0e1f9befcacae6e6ab47362b3a0494301d48aa6452b5f65c1498fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:18 GMT
last-modified: Thu, 03 Aug 2017 14:51:37 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "59833879-568"
content-length: 1384
content-type: text/css

GET
H2 200 leque-responsive.css
cash-back.leqshop.ru/assets/LastKey/css/ 858 B
992 B 74ms
71ms Stylesheet
text/css 45.15.159.67
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cash-back.leqshop.ru/assets/LastKey/css/leque-responsive.css
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, RU),
Reverse DNS: protect.shop.sn
Software: nginx/1.20.1 /
Resource Hash: 48d212102c9f0a1a640b60d42632e151256c73ba51c60af2d2e9cfb93dd402b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:18 GMT
last-modified: Fri, 04 Aug 2017 06:35:58 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "598415ce-35a"
content-length: 858
content-type: text/css

GET
H2 200 jq.js Show response
cash-back.leqshop.ru/assets/LastKey/js/ 278 KB
279 KB 76ms
73ms Script
application/javascript 45.15.159.67
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cash-back.leqshop.ru/assets/LastKey/js/jq.js
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, RU),
Reverse DNS: protect.shop.sn
Software: nginx/1.20.1 /
Resource Hash: 275242be0f681c94055144b898d9c3a0942ff10e42d4d7c3e0895e0f6b68d652

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:18 GMT
last-modified: Thu, 03 Aug 2017 14:51:37 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "59833879-457ab"
content-length: 284587
content-type: application/javascript; charset=utf8

GET
H2 200 jquery-ui.js Show response
cash-back.leqshop.ru/assets/LastKey/js/ 423 KB
424 KB 79ms
76ms Script
application/javascript 45.15.159.67
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cash-back.leqshop.ru/assets/LastKey/js/jquery-ui.js
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, RU),
Reverse DNS: protect.shop.sn
Software: nginx/1.20.1 /
Resource Hash: 324b0783a50c21c9b2a105b39b7cd1767e8d44f288f08be5f6e2267d5ad83920

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:18 GMT
last-modified: Thu, 03 Aug 2017 14:51:37 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "59833879-69a15"
content-length: 432661
content-type: application/javascript; charset=utf8

GET
H2 200 jquery.toastmessage.js Show response
cash-back.leqshop.ru/assets/LastKey/js/ 29 KB
29 KB 1077ms
1075ms Script
application/javascript 45.15.159.67
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cash-back.leqshop.ru/assets/LastKey/js/jquery.toastmessage.js
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, RU),
Reverse DNS: protect.shop.sn
Software: nginx/1.20.1 /
Resource Hash: 89fad5cca6479583bd0434bf41accb4f26f99bc75d171518828ff93a33891cd4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:19 GMT
last-modified: Thu, 03 Aug 2017 14:51:37 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "59833879-7439"
content-length: 29753
content-type: application/javascript; charset=utf8

GET
H2 200 bootstrap.min.js Show response
cash-back.leqshop.ru/assets/LastKey/js/ 27 KB
27 KB 1077ms
1075ms Script
application/javascript 45.15.159.67
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cash-back.leqshop.ru/assets/LastKey/js/bootstrap.min.js
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, RU),
Reverse DNS: protect.shop.sn
Software: nginx/1.20.1 /
Resource Hash: 685b9588e16c3dfeff8dc8d5578000ad777574421d5186bcb3530ed80171e107

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:19 GMT
last-modified: Thu, 03 Aug 2017 14:51:37 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "59833879-6b23"
content-length: 27427
content-type: application/javascript; charset=utf8

GET
H2 200 style.css
cash-back.leqshop.ru/assets/LastKey/css/ 838 B
973 B 1076ms
1074ms Stylesheet
text/css 45.15.159.67
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cash-back.leqshop.ru/assets/LastKey/css/style.css
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, RU),
Reverse DNS: protect.shop.sn
Software: nginx/1.20.1 /
Resource Hash: c601928bb1e1489369f302110cfea4896c4c1dc92fcc26eaba93726b1f147ccf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:19 GMT
last-modified: Thu, 03 Aug 2017 14:51:37 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "59833879-346"
content-length: 838
content-type: text/css

GET
H2 200 jquery.toastmessage.css
cash-back.leqshop.ru/assets/LastKey/css/ 2 KB
2 KB 1088ms
1086ms Stylesheet
text/css 45.15.159.67
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cash-back.leqshop.ru/assets/LastKey/css/jquery.toastmessage.css
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, RU),
Reverse DNS: protect.shop.sn
Software: nginx/1.20.1 /
Resource Hash: 067278dcb7aab4d11f667f9cd7e003dcff8f18d9adb90de14eea47e520937e3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:19 GMT
last-modified: Thu, 03 Aug 2017 14:51:37 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "59833879-923"
content-length: 2339
content-type: text/css

GET
H2 200 cash11.png
i.ibb.co/F0hXsdK/ 2 KB
2 KB 961ms
50ms Image
image/png 162.19.58.159
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/F0hXsdK/cash11.png
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.159 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096667.ip-162-19-58.eu
Software: nginx /
Resource Hash: 57868bc6c869cba3456dfe70748fa0778618b6b8674d865eb313fccb06418b79

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
last-modified: Mon, 19 Sep 2022 17:25:21 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1795
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 RU.png
cash-back.leqshop.ru/assets/img/ 455 B
590 B 68ms
68ms Image
image/png 45.15.159.67
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cash-back.leqshop.ru/assets/img/RU.png
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, RU),
Reverse DNS: protect.shop.sn
Software: nginx/1.20.1 /
Resource Hash: 890eacbec1eeb44f57a265f5b8e8fd4dde6bd0891a3e891561c8b246226343ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:19 GMT
last-modified: Sun, 10 Nov 2019 01:18:41 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5dc76571-1c7"
content-length: 455
content-type: image/png

GET
H2 200 EN.png
cash-back.leqshop.ru/assets/img/ 2 KB
3 KB 72ms
68ms Image
image/png 45.15.159.67
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cash-back.leqshop.ru/assets/img/EN.png
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, RU),
Reverse DNS: protect.shop.sn
Software: nginx/1.20.1 /
Resource Hash: 13d9a7e559c88c9da0009c529d8a1facc463374af58f7cf272d1e401c6dfa9bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:19 GMT
last-modified: Sun, 10 Nov 2019 01:18:47 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5dc76577-97a"
content-length: 2426
content-type: image/png

GET
H2 200 256x256bb.jpg
is2-ssl.mzstatic.com/image/thumb/Purple116/v4/7a/ee/02/7aee02b7-f396-974d-fae4-8271514df298/AppIcon-1x_U007emarketing-0-7-0-85-220.png/ 10 KB
11 KB 959ms
42ms Image
image/jpeg 2a02:26f0:480:4ac::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Purple116/v4/7a/ee/02/7aee02b7-f396-974d-fae4-8271514df298/AppIcon-1x_U007emarketing-0-7-0-85-220.png/256x256bb.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:4ac::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

9b43c0531c6ea526c27091ccd2264690f0b408df7f174119655a40ae15eb422e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-apple-jingle-correlation-key: 223BFG6ZYWEO2TOZILMUSQ3NOI
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Apr 2023 00:15:20 GMT
x-b3-traceid: d6b6129bd9c588ed4dd942d949436d72
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:23RELEASE10:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: 2f86aa5c-0fe0-4cb7-bd3f-ec4f80cb1038-2788148932
x-cache: TCP_MISS from a92-123-70-30.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
b3: d6b6129bd9c588ed4dd942d949436d72-b1c63b86d4456932
content-length: 10168
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
last-modified: Mon, 27 Feb 2023 08:34:57 GMT
x-cache-remote: TCP_HIT from a92-123-70-49.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag: "MSwxLjQuMC0yM0IsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY3NzQ4Njg5Nzk3MCxpc0J1aWxkVmVyc2lvbk5vdFNldCw2MDE4Nyxub0VmZmVjdA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: d6b6129b-d9c5-88ed-4dd9-42d949436d72
x-b3-spanid: b1c63b86d4456932
cache-control: no-transform, max-age=14060411
timing-allow-origin: *

GET
H2 200 1200px-Air_Miles_Program_Logo.svg.png
upload.wikimedia.org/wikipedia/en/thumb/2/2e/Air_Miles_Program_Logo.svg/ 206 KB
207 KB 902ms
51ms Image
image/png 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/en/thumb/2/2e/Air_Miles_Program_Logo.svg/1200px-Air_Miles_Program_Logo.svg.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

307c3ce831e2a667317e46c35411ecc3c472a0415c26aa5924112cb58f6a602b

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 13:29:05 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 38775
x-cache-status: hit-local
x-cache: cp3055 hit, cp3057 miss
content-disposition: inline;filename*=UTF-8''Air_Miles_Program_Logo.svg.png
server-timing: cache;desc="hit-local", host;desc="cp3057"
content-length: 210760
x-client-ip: 2a00:1630:2:1c02::10
last-modified: Wed, 26 Jan 2022 04:33:01 GMT
server: ATS/9.1.4
etag: f1b8f065b0764547b2c2eaf084ddeaeb
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lRCYL1CC_400x400.jpg
pbs.twimg.com/profile_images/724701839317291008/ 13 KB
14 KB 945ms
56ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/724701839317291008/lRCYL1CC_400x400.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcde19dab54117ea21eeac3db17961985e21dc0e46eae0b8993fbdf2e36ac86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Mon, 17 Apr 2023 00:15:20 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 13745
x-served-by: cache-lhr7358-LHR, cache-fra-eddf8230068-FRA, cache-tw-ZZZ1
last-modified: Mon, 25 Apr 2016 20:47:17 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: e24f10911749cc50
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 mypoints.com..jpg
cdn1.dontpayfull.com/media/logos/size/300x300/ 6 KB
6 KB 960ms
71ms Image
image/jpeg 2606:4700::6812:8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.dontpayfull.com/media/logos/size/300x300/mypoints.com..jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0607b7db0c9197507d86f2425fa0a8390d5d7bda30b24e2ca8a9dd824a5e1571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5859
x-request-id: 7b907918c885b92a-AMS
cf-bgj: h2pri
server: cloudflare
etag: "a7fc6f23b0ab5c14e29f2ca12af5267cb5852ad3"
x-frame-options: sameorigin
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7b907918c885b92a-AMS
access-control-allow-headers: x-fancybox,x-requested-with
expires: Thu, 18 May 2023 00:15:20 GMT

GET
H2 200 hiclubvacations.jpg
media-cdn.tripadvisor.com/media/photo-s/01/a2/67/17/ 17 KB
17 KB 962ms
62ms Image
image/jpeg 2.16.123.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/photo-s/01/a2/67/17/hiclubvacations.jpg
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.123.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-123-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 82021a5e27777576d5d79e1a6a9056008e7fd50cd48944abc843edd58545bed9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
x-media-cdn: 241692085
last-modified: Thu, 27 Mar 2014 23:42:51 GMT
etag: "b741f6462b75c6910cb9b15459c12df5"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=629395
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
content-length: 17318

GET
H2 200 FZ.png
pics.avs.io/al_square/256/256/ 3 KB
3 KB 987ms
73ms Image
image/png 188.42.198.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.avs.io/al_square/256/256/FZ.png
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: e8e1655ff89e42613e20aea91c8c09d8f1413ad0b72e5d745b5fbc1283de4f0a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
last-modified: Sat, 01 Jan 2022 12:27:36 GMT
server: nginx
etag: "61d048b8-aae"
vary: Accept
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2734
expires: Tue, 18 Apr 2023 00:15:20 GMT

GET
H2 200 CIFT-SATIR-DIKEY-TIRE.jpg
www.aviatorcapital.com/wp-content/uploads/2019/09/ 40 KB
40 KB 1169ms
266ms Image
image/jpeg 104.198.186.29
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aviatorcapital.com/wp-content/uploads/2019/09/CIFT-SATIR-DIKEY-TIRE.jpg
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.186.29 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.186.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5189467b2bee06f8dde043200946261eed5ae3c3936c5940cad1ab3a61b2341a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
last-modified: Mon, 23 Sep 2019 12:01:49 GMT
server: nginx
etag: "5d88b42d-a0c7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 41159

GET
H2 200 uszqx2kiat7z7imop4bc.png
res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1483342337/ 2 KB
2 KB 1354ms
455ms Image
image/png 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1483342337/uszqx2kiat7z7imop4bc.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

039c955da6e65d35fc434dbbe769d4056f609b5a3fc59e2dbdee8b8f522b8fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=416;start=2023-04-17T00:15:20.460Z;desc=miss,rtt;dur=27;cloudinary;dur=45;start=2023-04-17T00:15:20.784Z
content-length: 1625
last-modified: Sun, 04 Dec 2022 15:02:26 GMT
server: cloudflare
etag: "37fe792dd2c57a82bcd3af52bd889d81"
vary: Accept,User-Agent, Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7b907918d88e0e18-AMS
timing-allow-origin: *

GET
H2 200 pxdPx5bpuyTzVlnpk2kThNehzD_e5aMyxb62SmUKQpA6ppn4YfidJ7gXETnxeqAalyA
play-lh.googleusercontent.com/ 88 KB
88 KB 995ms
79ms Image
image/png 2a00:1450:4001:801::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/pxdPx5bpuyTzVlnpk2kThNehzD_e5aMyxb62SmUKQpA6ppn4YfidJ7gXETnxeqAalyA

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

66921f6a635f19a25b286acee187571950d2d15e8e2bb7457f07f76301fc100b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89977
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 18 Apr 2023 00:15:20 GMT

GET
H2 200 hhoowkvt6vdqnpuok0jz.jpg
res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1466724835/ 4 KB
4 KB 1223ms
502ms Image
image/avif 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1466724835/hhoowkvt6vdqnpuok0jz.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

147cb79b8670d38950c3b49684159543275e5f06973a314311f23bb837d606c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=464;start=2023-04-17T00:15:20.461Z;desc=miss,rtt;dur=27;cloudinary;dur=95;start=2023-04-17T00:15:20.784Z
content-length: 4074
last-modified: Fri, 02 Dec 2022 06:33:10 GMT
server: cloudflare
etag: "ceee655471eb9b130f1f8f483c88cf4f"
vary: Accept,User-Agent, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7b907918d8910e18-AMS
timing-allow-origin: *

GET
H2 200 qatar-airways-logo-E096F45AE3-seeklogo.com.png
seeklogo.com/images/Q/ 12 KB
13 KB 783ms
57ms Image
image/png 2606:4700:3033::ac43:a2b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seeklogo.com/images/Q/qatar-airways-logo-E096F45AE3-seeklogo.com.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a2b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b94f8528ee405f728affaf14b131383198995d7fd6ebc7414d305db5dd5abad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12642
x-xss-protection: 1; mode=block
last-modified: Sun, 27 Nov 2022 00:38:32 GMT
server: cloudflare
etag: "1d901f8935cc562"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTFOVcdCUPbzVMei0PYW6VIfmTOrkeomskrXbu%2FRtjOItOeDtsDTAyyMujZKF9vigYoP%2B4t6GZDCADvoTletBaCeNxlelUnWdDJNoJzr781c%2FRz43fGC5NPFOvzzUBnqDSSwzF1hWjo1dBI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=86400
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
cf-ray: 7b907918dd0a0dfb-AMS

GET
H2 200 256x256bb.jpg
is1-ssl.mzstatic.com/image/thumb/Purple118/v4/83/4c/ab/834cab84-a0e0-e668-aa85-820db0786296/source/ 6 KB
7 KB 760ms
35ms Image
image/jpeg 2a02:26f0:480:4ac::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Purple118/v4/83/4c/ab/834cab84-a0e0-e668-aa85-820db0786296/source/256x256bb.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:4ac::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

a9558f9c8d97d0cee81975132a35336c33232adbc402f887877d5c08273ba7ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-apple-jingle-correlation-key: VIGYHTMSDEYRLV3C3RCJF5ICOI
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Apr 2023 00:15:20 GMT
x-b3-traceid: f5c6e28210c9ca1e
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:23RELEASE10:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: b1323e83-6c7d-452a-b4ff-a6c0f7a639c1-1143053595
x-cache: TCP_MISS from a92-123-70-30.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-b3-parentspanid: bb1e4c073504944c
b3: aa0d83cd92193115d762dc4492f50272-ad8e4fd7ce2a091f
content-length: 6466
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
last-modified: Sat, 25 Feb 2023 12:37:07 GMT
x-cache-remote: TCP_HIT from a92-123-70-33.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag: "MSwxLjQuMC0yM0IsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY3NzMyODYyNzcyNixpc0J1aWxkVmVyc2lvbk5vdFNldCxlNTVhNjU3OCxub0VmZmVjdA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: aa0d83cd-9219-3115-d762-dc4492f50272
x-b3-spanid: ad8e4fd7ce2a091f
cache-control: no-transform, max-age=14437544
timing-allow-origin: *

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 6 KB
6 KB 815ms
77ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSLsL2qM351Gxx5FVTUZLS6i_DJTRhoZY5JBts3FU2QAWTuQyc5pCF7dnRaeDe5hWFXeB8&usqp=CAU

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcf73cebae0f3398c07abe255f6ce614b097e5196e015c8e6192fd9ee2b282a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5767
x-xss-protection: 0
last-modified: Sat, 11 Nov 2017 04:03:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 16 Apr 2024 00:15:20 GMT

GET
H2 200 l_44926a6057cd547f02947e3732850391.jpg
www.houstonhotels.org/wp-content/sabai/File/files/ 21 KB
21 KB 786ms
47ms Image
image/jpeg 192.124.249.130
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.houstonhotels.org/wp-content/sabai/File/files/l_44926a6057cd547f02947e3732850391.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.130 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10130.sucuri.net

Software

nginx /

Resource Hash

d48b0a8c53ca014c645bc4871778bc2e01c1e4575b2a47dba742e542058d8948

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2019 16:02:37 GMT
server: nginx
etag: "19e0bde-5461-58aa9d7bac140"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 19030
accept-ranges: bytes
content-length: 21601
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ET-tailfin.jpg
www.heathrow.com/content/dam/heathrow/web/common/images/airline/tailfin/ 12 KB
12 KB 1032ms
294ms Image
image/jpeg 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathrow.com/content/dam/heathrow/web/common/images/airline/tailfin/ET-tailfin.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

481a206b02c2e9b85b5bb385134d3a3da8c30e1e30b27cc30c923b603cf1266a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';, frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-dispatcher: dispatcher2euwest2
date: Mon, 17 Apr 2023 00:15:20 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self';, frame-ancestors 'self';
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 13038
x-vhost: publish
x-cache: CONFIG_NOCACHE
content-length: 11889
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
x-azure-ref: 20230417T001520Z-gz2vpd8te92kv5spbbytnw5sxs00000002r000000001f0ta
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=14400
feature-policy: fullscreen 'none'; microphone 'none'
accept-ranges: bytes
x-amz-cf-id: L9ztfJbDOFM_osXakjp8vSMomHJTFBkcZl-4G9i90E98uHh-97564g==

GET
H/1.1

200
OK

1
prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/0_llqzoyzy/def_height/2700/def_width/2700/version/100012/type/
Redirect Chain

https://photos.prnewswire.com/prnfull/20150615/748217
https://prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/0_llqzoyzy/def_height/2700/def_width/2700/version/100012/type/1

342 KB
343 KB

316ms
41ms

Image
image/jpeg

2.19.126.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/0_llqzoyzy/def_height/2700/def_width/2700/version/100012/type/1
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: HTTP/1.1
Server: 2.19.126.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-82.deploy.static.akamaitechnologies.com
Software: Kaltura /
Resource Hash: ebb853c724eda22d4ff2f8e52ebc2a3255a0de44be73614860d6df6ccc843d15

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

X-Kaltura: cached-thumb-exists,45cecd1e46875a674e40f82afd67332a
X-Me: ny-nvp1-fthumb-rd4p4
Date: Mon, 17 Apr 2023 00:15:21 GMT
X-Vod-Session: 1546983466
X-Amz-Cf-Pop: FRA60-P2
X-Proxy-Me: nvp1-vod-proxy-blue-5ffd7f486d-9nnpk
X-Kaltura-Session: 1288779939, 1678598633
Connection: keep-alive
Content-Length: 350012
Pragma
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: Kaltura
X-Proxy-Session: 9905b41f07880de008f4f191adc0a866
X-Vod-Me: nvp1-vod-packager-blue-84997c9b4-26fs8
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
X-Amz-Cf-Id: OszY43jQTgHgaJeQFnkAW32WKn1ye_18FLScETeQ5khAM1DVStAQKA==
Expires: Mon, 17 Apr 2023 01:15:21 GMT

Redirect headers

date: Mon, 17 Apr 2023 00:15:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: ASP.NET
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf-8
location: https://prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/0_llqzoyzy/def_height/2700/def_width/2700/version/100012/type/1
access-control-allow-origin: *
cache-control: private
server-timing: intid;desc=cb64e15f3e872ff3
cf-ray: 7b907919ba0d0a5b-AMS
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK best-western_gift-card_4_1.png
www.storefrontdirect.com/pub/media/catalog/product/cache/8c0cd180e440eae853fa2176b62a6ddf/b/e/ 343 KB
344 KB 938ms
242ms Image
image/png 20.63.32.201
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.storefrontdirect.com/pub/media/catalog/product/cache/8c0cd180e440eae853fa2176b62a6ddf/b/e/best-western_gift-card_4_1.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.63.32.201 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.53 (Ubuntu) /

Resource Hash

e000ac4d306ff9bbd94b59cd9176f74b4e8b59a4fb7015f5b663bcf2052df79f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:15:21 GMT
Last-Modified: Mon, 27 Sep 2021 16:03:24 GMT
Server: Apache/2.4.53 (Ubuntu)
ETag: "55ceb-5ccfc3ca424b3"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 351467

GET
H2 200 btmz5eder3imqcrxlgob.png
res.cloudinary.com/admitad-gmbh/image/upload/v1673369857/ 22 KB
22 KB 524ms
523ms Image
image/png 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/admitad-gmbh/image/upload/v1673369857/btmz5eder3imqcrxlgob.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3763f680a7f6dc33afb01666ced34e8089a6d95c9b729df0a7b22602682684e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:21 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=491;start=2023-04-17T00:15:20.518Z;desc=miss,rtt;dur=27;cloudinary;dur=30;start=2023-04-17T00:15:20.842Z
content-length: 22365
last-modified: Tue, 10 Jan 2023 16:57:38 GMT
server: cloudflare
etag: "8e8b7901c16b8a45458eac818d7cb320"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
cf-ray: 7b90791938f90e18-AMS
timing-allow-origin: *

GET
H2 200 UBER.png
companiesmarketcap.com/img/company-logos/256/ 5 KB
5 KB 290ms
32ms Image
image/png 2606:4700:20::ac43:48de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://companiesmarketcap.com/img/company-logos/256/UBER.png
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59cb2524f1a62c2e7cb36b97b1336cc454867636f28b3b30805b21a8698d4972

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Mar 2022 08:36:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10840
etag: "120c-5db1afaa9dc30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch1eAkm8fED747cJ4LlXyUVuZalpzj5AIUhI7ufw%2FAb3OOH45cmxLYmwVorw%2FvpT3p1RT1dtuCAt7X6pU09xs05OnCYjfz9nlBON9aqSHGfq2DhWktoMzghAVBXT6JTsAHH0ZmJcdTHFsnFXLEY3D%2BdqkQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 7b90791add1ab7de-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4620

GET
H2 200 de7244ee8946ec1b4faa720a7368c22d.png
res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1397182075/ 2 KB
2 KB 390ms
389ms Image
image/png 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1397182075/de7244ee8946ec1b4faa720a7368c22d.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6175220d5f58c6e0e4434a08ab06681f9c04054a7c2138daac84150f709d745

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=348;start=2023-04-17T00:15:20.519Z;desc=miss,rtt;dur=27;cloudinary;dur=247;start=2023-04-17T00:15:20.576Z
content-length: 1644
last-modified: Fri, 02 Dec 2022 06:33:10 GMT
server: cloudflare
etag: "d641ad33e0e0a2f86a89c94b93f63ecd"
vary: Accept,User-Agent, Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7b90791938fa0e18-AMS
timing-allow-origin: *

GET
H2 200 9388-hotelsdotcom-square-fullcolor.png
static.rakuten.com/img/store/9388/ 6 KB
6 KB 521ms
34ms Image
image/png 104.109.74.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.rakuten.com/img/store/9388/9388-hotelsdotcom-square-fullcolor.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.74.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-74-236.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

10f8477cebbcd664fc223a10538a4301eabfee3e3a052e5e62cb39b1e4546516

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: 10yNrtuD7UhL6Ikxpr1vXDFOPjHXmJ_I
date: Mon, 17 Apr 2023 00:15:21 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 07 Aug 2019 00:02:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
etag: "63c3c6f8ebf15d4269156c5608a57c80"
x-amz-server-side-encryption: AES256
content-type: image/png
cache-control: max-age=2592000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 6015
x-amz-cf-id: wJS0PoWj2oNuj_KUB5--3ghpGozaeJTJcjBIFhnefvWqIWtGKntKnQ==

GET
H2 200 256x256bb.jpg
is4-ssl.mzstatic.com/image/thumb/Purple124/v4/91/bf/69/91bf6950-9941-493b-b28e-770572de6434/source/ 16 KB
17 KB 65ms
34ms Image
image/jpeg 2a02:26f0:480:4ac::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is4-ssl.mzstatic.com/image/thumb/Purple124/v4/91/bf/69/91bf6950-9941-493b-b28e-770572de6434/source/256x256bb.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:4ac::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

c69ffa5c039500da532f1f719f662aa811c8a86f6b75e24199a137cc1d20772c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-apple-jingle-correlation-key: SDZ2WYU65GBVUHE2IERWJFBT4A
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Apr 2023 00:15:20 GMT
x-b3-traceid: 90f3ab629ee9835a1c9a4123649433e0
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:23RELEASE10:daiquiri-amp-processing-shared-int-001-st
cdnuuid: f8fd81e6-7fef-4833-98fa-98dd83584ac0-2788132387
x-cache: TCP_MISS from a92-123-70-30.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
b3: 90f3ab629ee9835a1c9a4123649433e0-472ca495b9d8c3b8
content-length: 16672
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
last-modified: Mon, 27 Feb 2023 14:27:22 GMT
x-cache-remote: TCP_HIT from a92-123-70-65.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag: "MSwxLjQuMC0yM0IsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY3NzUwODA0MjYxMCxpc0J1aWxkVmVyc2lvbk5vdFNldCw3MDQxNyxub0VmZmVjdA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 90f3ab62-9ee9-835a-1c9a-4123649433e0
x-b3-spanid: 472ca495b9d8c3b8
cache-control: no-transform, max-age=16323354
timing-allow-origin: *

GET
H2 200 256x256bb.jpg
is5-ssl.mzstatic.com/image/thumb/Purple122/v4/54/53/d2/5453d2eb-5cfa-921a-fdb5-767ddcf2b0f1/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/ 11 KB
12 KB 35ms
34ms Image
image/jpeg 2a02:26f0:480:4ac::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is5-ssl.mzstatic.com/image/thumb/Purple122/v4/54/53/d2/5453d2eb-5cfa-921a-fdb5-767ddcf2b0f1/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/256x256bb.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:4ac::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

440a11976da5177458416313b44ffb5765986e420528a035ab064975fe5b9587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-apple-jingle-correlation-key: 7F7E5TX2K26ASOHVS3BQ3QGSFE
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Apr 2023 00:15:20 GMT
x-b3-traceid: f97e4ecefa56bc0938f596c30dc0d229
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:23RELEASE29:daiquiri-amp-processing-shared-int-001-mr
cdnuuid: d088faa6-a25c-4fb9-bb4b-85fbf77671a6-2782029268
x-cache: TCP_MISS from a92-123-70-30.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
b3: f97e4ecefa56bc0938f596c30dc0d229-f9d6a860d89e7fd5
content-length: 10837
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
last-modified: Sun, 02 Apr 2023 16:50:51 GMT
x-cache-remote: TCP_HIT from a92-123-70-49.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag: "MSwxLjUuMS0yM0QsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY4MDQ1NDI1MTgyOCxpc0J1aWxkVmVyc2lvbk5vdFNldCw1MDI3OSxub0VmZmVjdA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: f97e4ece-fa56-bc09-38f5-96c30dc0d229
x-b3-spanid: f9d6a860d89e7fd5
cache-control: no-transform, max-age=15104335
timing-allow-origin: *

GET
H2 200 iberia-rrss.png
www.iberia.com/wcs/imagenes/otros/ 6 KB
6 KB 531ms
134ms Image
image/png 104.109.72.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iberia.com/wcs/imagenes/otros/iberia-rrss.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.72.203 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-72-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

347b78a8ff559fc915c3d0f1c0b50cecca3a73f442dd14a4045ab1d66825b123

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.iberia.com http://www.airnostrum.es http://love2fly.iberia.com http://megustavolar.iberia.com https://www.onbusiness-programme.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM http://www.iberia.com

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires: Mon, 17 Apr 2023 18:26:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors https://www.iberia.com http://www.airnostrum.es http://love2fly.iberia.com http://megustavolar.iberia.com https://www.onbusiness-programme.com
x-content-type-options: nosniff
date: Mon, 17 Apr 2023 00:15:21 GMT
x-cacheable: YES
ibversion: ibcomv4
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="467136_34649468_115149190_277_64753_31_0";dur=1
content-length: 5673
referrer-policy: strict-origin
last-modified: Mon, 26 Sep 2016 20:21:32 GMT
x-frame-options: ALLOW-FROM http://www.iberia.com
content-type: image/png
content-language: en
cache-control: public, must-revalidate, max-age=65454
permissions-policy: payment 'none'; speaker 'none'; microphone 'none'; camera 'none'; geolocation 'self'
accept-ranges: bytes
x-cache-hits: 6

GET
H2 200 qantas-airways--600.png
s3-symbol-logo.tradingview.com/ 16 KB
16 KB 735ms
615ms Image
image/png 2600:9000:2057:d400:1f:2f70:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-symbol-logo.tradingview.com/qantas-airways--600.png
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d400:1f:2f70:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bb523be2b1ae8259942ae1c664177458ab584654833186a464952374ef57402

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:22 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-amz-meta-hash: 62c7241341e3e489ad349e54a7bc0097
alt-svc: h3=":443"; ma=86400
content-length: 15963
last-modified: Wed, 08 Sep 2021 09:26:36 GMT
server: AmazonS3
etag: "62c7241341e3e489ad349e54a7bc0097"
access-control-max-age: 30
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=3600
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: iu3tK5a6d9y8cBhXY-GgILcpVPCfWrGpYS3t_Oyi1-8RO_ll3gvTtA==

GET
H/1.1 200
OK logo-TU.png
panorama.quicket.io/airlines/logo/ 7 KB
8 KB 418ms
55ms Image
image/png 178.128.198.159
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://panorama.quicket.io/airlines/logo/logo-TU.png
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.198.159 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 544bf75113ace61a8866b4ead1b1be87db7cb19e0592a80b0d286351b63e8cf4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:15:21 GMT
Last-Modified: Tue, 10 Oct 2017 16:06:54 GMT
Server: nginx/1.20.1
ETag: "59dcf01e-1ce1"
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE, PUT
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
Content-Length: 7393

GET
H2 200 Expedia-logo.jpg
blog.myvr.com/content/images/2019/03/ 35 KB
36 KB 585ms
169ms Image
image/jpeg 2a04:4e42::775
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.myvr.com/content/images/2019/03/Expedia-logo.jpg
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a04:4e42::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 9c45550d81288968468140ffd6fc682496964d4adbadf6e4a6619a5b80f711de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 17 Apr 2023 00:15:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 1719142
x-cache: HIT, HIT
status: 200 OK
alt-svc: clear
content-length: 36107
ghost-fastly: true
x-request-id: bf5477c8-57a2-40d9-ac08-d98970ef4a80, bf5477c8-57a2-40d9-ac08-d98970ef4a80
x-served-by: cache-ams12738-AMS, cache-bom4726-BOM
last-modified: Fri, 01 Mar 2019 18:17:26 GMT
server: openresty
x-timer: S1681690521.248237,VS0,VE1
etag: W/"8d0b-1693a79ab0f"
vary: Cookie
content-type: image/jpeg
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 79, 1

GET
H2 200 gH0SZGuW_400x400.png
pbs.twimg.com/profile_images/627994814382878720/ 31 KB
31 KB 158ms
158ms Image
image/png 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/627994814382878720/gH0SZGuW_400x400.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cdb9b99bff55cf18058dde2b3665bef76c661bea74b187b2fea3b7ad95e418b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Mon, 17 Apr 2023 00:15:20 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 32032
x-served-by: cache-lhr7346-LHR, cache-fra-eddf8230068-FRA, cache-tw-ZZZ1
last-modified: Mon, 03 Aug 2015 00:08:05 GMT
x-tw-cdn: FT
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 639a312ba7e42ed3
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 404 69E-H2NU_400x400.jpg
pbs.twimg.com/profile_images/1467867359201402895/ 0
165 B 158ms
157ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1467867359201402895/69E-H2NU_400x400.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Mon, 17 Apr 2023 00:15:20 GMT
x-content-type-options: nosniff
x-cache: MISS, MISS
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 0
x-served-by: cache-lhr7369-LHR, cache-fra-eddf8230068-FRA, cache-tw-ZZZ1
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 6af80b813cf676f1
access-control-expose-headers: Content-Length
cache-control: max-age=3600, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 NZ.png
uniticket.ru/wp-content/uploads/2019/airlines_logo_64/ 2 KB
3 KB 275ms
41ms Image
image/png 2606:4700:20::ac43:463c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uniticket.ru/wp-content/uploads/2019/airlines_logo_64/NZ.png
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:463c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3ceecd971b4b1fb5af44452de41b560942cdd02f35b9102e3ab9a41a9f5b9cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:21 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Jan 2020 11:13:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10841
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lf73sFL5y0CgwuQ3rzqHC6LQEBn3%2FvOnXNIF%2B0eSqbENpk6fINFIAffV5w42xjsoCntu%2FAPsR%2B2wegtftq3jN1g9pUhrakGodAKIYruMQiFnbRifbrf3A8yhz7exSAf1zTnd%2BNsgnX%2BB%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b90791c7da11ca2-AMS
content-length: 2360
expires: Sun, 23 Apr 2023 21:14:40 GMT

GET
H3 200 vdKlC6AKAM5uzBF1quxjfGwiDL85Z1O2fMA1fvFx5Z_BWmMeq7KS7-Kd7u3HlBrXxzY=h200
lh3.googleusercontent.com/ 32 KB
32 KB 462ms
235ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/vdKlC6AKAM5uzBF1quxjfGwiDL85Z1O2fMA1fvFx5Z_BWmMeq7KS7-Kd7u3HlBrXxzY=h200

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e29c7ce177541dd5add30d1ef1fac8ded131e4215efc512652c0a05fa56af745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32627
x-xss-protection: 0
expires: Tue, 18 Apr 2023 00:15:21 GMT

GET
H2 200 JetBlue-og-image.jpg
www.jetblue.com/magnoliapublic/dam/ui-assets/imagery/info-assets/logos-misc/ 10 KB
10 KB 433ms
101ms Image
image/webp 151.101.2.245
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jetblue.com/magnoliapublic/dam/ui-assets/imagery/info-assets/logos-misc/JetBlue-og-image.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.245 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bd219de81b9e13b00458a3661518f594d42b3b28aaf72812c138b34f596aadc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 varnish, 1.1 varnish
date: Mon, 17 Apr 2023 00:15:21 GMT
e-tag: 1681137012870
age: 46
x-cache: HIT, HIT
fastly-io-info: ifsz=34940 idim=1080x1080 ifmt=jpeg ofsz=9918 odim=1080x1080 ofmt=webp
fastly-stats: io=1
content-length: 9918
x-served-by: cache-iad-kcgs7200156-IAD, cache-ewr18169-EWR
x-magnolia-registration: Registered
x-timer: S1681690521.273833,VS0,VE4
etag: "HwZeHDtXkWdEGwjXPkVKPC1KKm+mi+5GMb8KptAtdl8"
vary: Accept
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/webp
access-control-allow-origin: *
cache-control
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, x-b3-traceid, x-b3-spanid, Authorization, Content-Type, Accept, User-Agent, Referer, x-auth-token, Sec-Fetch-Dest
x-cache-hits: 3, 1

GET
H2 200 z57rs6tcaofhrsnkozhx.png
res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1464072106/ 2 KB
2 KB 453ms
452ms Image
image/png 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1464072106/z57rs6tcaofhrsnkozhx.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fcbed0967cf6bbcc2d5b9474a7dcedb22535d0345200c3ece411c850199a498

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:21 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=418;start=2023-04-17T00:15:20.912Z;desc=miss,rtt;dur=28;cloudinary;dur=59;start=2023-04-17T00:15:21.226Z
content-length: 1581
last-modified: Fri, 02 Dec 2022 06:33:11 GMT
server: cloudflare
etag: "83d3f585000b45bbc9b160e27a8d1088"
vary: Accept,User-Agent, Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7b90791baaf70e18-AMS
timing-allow-origin: *

GET
H2 200 003495.KS.png
companiesmarketcap.com/img/company-logos/256/ 8 KB
8 KB 33ms
31ms Image
image/png 2606:4700:20::ac43:48de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://companiesmarketcap.com/img/company-logos/256/003495.KS.png
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66e3e67fdd47e8cc947ae4fefbf872b9127c72124a66c3676472750d536f7334

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:20 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Mar 2022 11:21:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10840
etag: "1ea5-5db1d4976d0b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avrbWCIlGw%2FwiyZ9E3od6wF7q83Uj9QQnfXMpwoZM2b1pSIExnGshduQfg%2Fn8DM%2F4Mzxgi0kPxnzj4jBugLV4ec73ZhSWr8OmvC0qw6JWXi4eeEDiaXSrBDg1Z2Yi%2FSu813vu3zdREGvDEOfa2eFk1yQJ1w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 7b90791bad87b7de-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7845

GET
H2 200 vqtzmkfa5hihsuv0ezgh.png
res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1450956454/ 5 KB
5 KB 190ms
188ms Image
image/avif 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1450956454/vqtzmkfa5hihsuv0ezgh.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64f2bedd87c1af7ca670b8a3dec3c878d25b3c9d43714b9b77cef16e2e488544

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:21 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=153;start=2023-04-17T00:15:20.912Z;desc=miss,rtt;dur=28;cloudinary;dur=50;start=2023-04-17T00:15:20.967Z
content-length: 5134
last-modified: Fri, 02 Dec 2022 06:33:11 GMT
server: cloudflare
etag: "87e66fe95f2d70d75c7b7dcbdbef2380"
vary: Accept,User-Agent, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7b90791baaf90e18-AMS
timing-allow-origin: *

GET
H2 200 256x256bb.jpg
is3-ssl.mzstatic.com/image/thumb/Purple112/v4/84/e0/4a/84e04add-ca3f-6f35-7a41-f7a2787367df/AppIcon-1x_U007emarketing-0-5-0-85-220.png/ 14 KB
15 KB 84ms
38ms Image
image/jpeg 2a02:26f0:480:4ac::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is3-ssl.mzstatic.com/image/thumb/Purple112/v4/84/e0/4a/84e04add-ca3f-6f35-7a41-f7a2787367df/AppIcon-1x_U007emarketing-0-5-0-85-220.png/256x256bb.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:4ac::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

bb178d58a12e6179360e8cef71e48ad3208b6d4356bdcdcb77283b203e8c456f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-apple-jingle-correlation-key: TBQEN574UMHNUFFJTGNJGTK5AU
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Apr 2023 00:15:21 GMT
x-b3-traceid: 5f83e2d0769b481c
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:23RELEASE10:daiquiri-amp-processing-shared-int-001-mr
cdnuuid: d997cf51-c314-47fb-a615-be5ee386ef1a-1114124957
x-cache: TCP_MISS from a92-123-70-30.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-b3-parentspanid: bd4d45085d6db30e
b3: 986046f7fca30eda14a9999a934d5d05-38878dac5e7eefa5
content-length: 14583
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
last-modified: Fri, 03 Mar 2023 18:29:57 GMT
x-cache-remote: TCP_HIT from a92-123-70-48.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag: "MSwxLjQuMC0yM0IsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY3Nzg2ODE5NzQxOSxpc0J1aWxkVmVyc2lvbk5vdFNldCw3ODM0OThiNSxub0VmZmVjdA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 986046f7-fca3-0eda-14a9-999a934d5d05
x-b3-spanid: 38878dac5e7eefa5
cache-control: no-transform, max-age=15653146
timing-allow-origin: *

GET
H2 200 JL-tailfin.jpg
www.heathrow.com/content/dam/heathrow/web/common/images/airline/tailfin/ 11 KB
11 KB 224ms
223ms Image
image/jpeg 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heathrow.com/content/dam/heathrow/web/common/images/airline/tailfin/JL-tailfin.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cffef313845754a4af53c3a815035091961d87882807824219c0ab789f96c545

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';, frame-ancestors 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-dispatcher: dispatcher1euwest2
date: Mon, 17 Apr 2023 00:15:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self';, frame-ancestors 'self';
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
x-vhost: publish
x-cache: CONFIG_NOCACHE
content-length: 10931
x-xss-protection: 1; mode=block
service-worker-allowed: /
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
x-azure-ref: 20230417T001520Z-gz2vpd8te92kv5spbbytnw5sxs00000002r000000001f0vt
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=14400
feature-policy: fullscreen 'none'; microphone 'none'
accept-ranges: bytes
x-amz-cf-id: Hw0gbuixh79nxd51lSxpO-khOmU2Y-NW7HhjKJQ5RfNrgQw73QHfwA==

GET
H2 200 256x256bb.jpg
is1-ssl.mzstatic.com/image/thumb/Purple126/v4/47/b0/8f/47b08f65-6f56-53b7-cd62-63762a9b1e65/AppIcon-staging-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/ 9 KB
10 KB 35ms
35ms Image
image/jpeg 2a02:26f0:480:4ac::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Purple126/v4/47/b0/8f/47b08f65-6f56-53b7-cd62-63762a9b1e65/AppIcon-staging-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/256x256bb.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:4ac::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

ead12d8a15725e1268cd595a067a5081b434ad391931f250c7c132315555f0d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-apple-jingle-correlation-key: M2Z6VRSTDK76VS2XT75FGZ6E6U
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Apr 2023 00:15:20 GMT
x-b3-traceid: 66b3eac6531abfeacb579ffa5367c4f5
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:23RELEASE21:daiquiri-amp-processing-shared-int-001-st
cdnuuid: d165dd63-7ee0-49dd-a7b0-a7eec5f4412c-2803301245
x-cache: TCP_MISS from a92-123-70-30.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
b3: 66b3eac6531abfeacb579ffa5367c4f5-0dd57d6637804bbf
content-length: 9284
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
last-modified: Wed, 08 Mar 2023 11:07:36 GMT
x-cache-remote: TCP_HIT from a92-123-70-33.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag: "MSwxLjQuMC0yM0IsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY3ODI3MzY1NjYzMixpc0J1aWxkVmVyc2lvbk5vdFNldCw3MDM2Nyxub0VmZmVjdA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 66b3eac6-531a-bfea-cb57-9ffa5367c4f5
x-b3-spanid: 0dd57d6637804bbf
cache-control: no-transform, max-age=14427726
timing-allow-origin: *

GET
H2 200 1543328367-44-air-france.png
www.businesslist.co.ke/img/ke/j/ 19 KB
20 KB 748ms
58ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.businesslist.co.ke/img/ke/j/1543328367-44-air-france.png
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a4613461dd6b07cd5b45f9566321f1acf05f7d2c341124421ed478cf8adb49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:21 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Nov 2018 14:19:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4db7-57ba6231639c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4K8M4KHG9rhkXE6SYnulqWUjJW8UtIBUjBIgEOohMmuCOrMrdI%2BctIFhY%2BjXoEys%2FGBKO38z9hYi7Fyd%2FW2os4fbC84cXjtKwK5E2vDYy2VTD6lg8vf1PTQd3%2FEiwWd6e36tqMzpoa0u9kUNu738VDSSS6%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 7b907920d9640be4-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19895
expires: Sun, 23 Apr 2023 19:28:26 GMT

GET
H2 200 americanairlines_logo_square_new-500x321.png
www.capitalpride.org/wp-content/uploads/ 16 KB
16 KB 904ms
329ms Image
image/png 35.197.92.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capitalpride.org/wp-content/uploads/americanairlines_logo_square_new-500x321.png
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.197.92.201 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.92.197.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe080af41e7d6308756763e0f2946f350d4c7d040d3a7fa02b44ad8c5484ad2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:21 GMT
last-modified: Thu, 18 Apr 2019 18:40:24 GMT
server: nginx
etag: "5cb8c498-3fb6"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16310

GET
H2 200 amtrak-guest-rewards-rail-transport-train-logo-png-favpng-phX3zerzprHs8fJuvEjfp8piv.jpg
img.favpng.com/13/14/23/ 58 KB
59 KB 331ms
232ms Image
image/jpeg 2606:4700:20::681a:5ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.favpng.com/13/14/23/amtrak-guest-rewards-rail-transport-train-logo-png-favpng-phX3zerzprHs8fJuvEjfp8piv.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f419ec4bb62fd1d8ee0defba740fd28b8efd50136936b9c76235bc23f1214943

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:21 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Oct 2019 17:53:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5da0c19b-e9a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20PoYzU1kPzVn7Q6jnTAM5nQS684dFMOstjUfh57AnefjezQORCnQpoAxBa3ev%2BtkJ87hushowYWd1xWstnGK6Ar6wOPKeK2EWf5BIhwSDlOa%2FDIBWvThFR6Dgoy4qcKBtf8mxntHx7A41d9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b90791d682f0b58-AMS
content-length: 59810
x-xss-protection: 1; mode=block
expires: Tue, 16 Apr 2024 00:15:21 GMT

GET
H2 200 Delta-Skybonus.jpg
images.hertz.com/rentacar/misc/ 21 KB
22 KB 1333ms
621ms Image
image/jpeg 45.60.33.5
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.hertz.com/rentacar/misc/Delta-Skybonus.jpg
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.5 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx /
Resource Hash: 6460a01661f0c50c07db5869c582893f85220c5cded31b0f34d7601c88c0abbe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:22 GMT
last-modified: Tue, 28 Jul 2020 10:57:39 GMT
server: nginx
x-cdn: Imperva
etag: "5f2004a3-548c"
content-type: image/jpeg
x-iinfo: 3-86270516-86249983 2NNN RT(1681690521069 37) q(0 0 0 12) r(5 5)
accept-ranges: bytes
content-length: 21644

GET
H2 200 43245.png
logodix.com/logo/ 13 KB
13 KB 102ms
32ms Image
image/png 2606:4700:20::681a:ef6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logodix.com/logo/43245.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ef6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

459d3635aca3e34beef0bef0997fb6fc52e471c70869274f37c55ac7b41c2ba3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18892
cf-polished: origSize=15480, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13179
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Feb 2019 19:48:44 GMT
server: cloudflare
etag: "5c64749c-3c78"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLAW460430cZ7%2FknHAAqp2lxG0nt6Y0AF7l07R3XJb5NBK4%2FhdXjfLSsNlnP9%2FTzrmYj7r7NRyVk%2FgyOHwJWPSJvd2s9zP9HkfMBLpj%2Fdvt2%2BE0m5opmNNF2LAbE0AJ1CRtFFMFzS%2FRH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000, 30d
accept-ranges: bytes
cf-ray: 7b90791dca5fb951-AMS
expires: Tue, 16 May 2023 19:00:29 GMT

GET
H2 200 logo-for-blog.jpg
blog.alaskaair.com/wp-content/uploads/2016/01/ 20 KB
20 KB 131ms
29ms Image
image/webp 2a04:fa87:fffd::c000:4212
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.alaskaair.com/wp-content/uploads/2016/01/logo-for-blog.jpg
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:4212 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9fbb2857cb373db3ae5595a012933ad382d2cce2dcf61c21df39a4063a3a9d85

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:21 GMT
x-rq: ams5 109 198 443
last-modified: Wed, 19 Oct 2022 06:10:51 GMT
server: nginx
etag: "56d87a10ed051cf2"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20378

GET
H2 200 kisspng-british-airways-flight-o-r-tambo-international-a-5b03886c3c0aa6.2732257215269581882459.jpg
banner2.cleanpng.com/20180521/yfg/ 81 KB
82 KB 257ms
154ms Image
image/jpeg 2606:4700:3038::6815:e9bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner2.cleanpng.com/20180521/yfg/kisspng-british-airways-flight-o-r-tambo-international-a-5b03886c3c0aa6.2732257215269581882459.jpg
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 745542d56d2d35599ffd122931c6a9ad9e0ee1bf38895fc994fa2c8009548598

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:21 GMT
cf-cache-status: MISS
last-modified: Tue, 22 May 2018 03:03:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5b03886c-144f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKVi3ssZya4kxvpEIsl0PY2tt0mepBW9x6zdggM2uFRLT%2Baox0jdOvq1MvvGUVpTIEIwJ1POb3nKF35%2F25xQB3%2BrvYLMu4fPM30EmlSNKUD%2FDiG7WxK8%2FOkljsKNfDLhxexvohPesJalWaFe%2FAvRDgXK1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7b90791eab87b994-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83188
expires: Thu, 27 Apr 2023 00:15:21 GMT

GET
H2 200 256x256bb.jpg
is3-ssl.mzstatic.com/image/thumb/Purple111/v4/5a/e0/30/5ae03086-bc65-eb91-80ea-965d007ed6b8/source/ 11 KB
12 KB 36ms
35ms Image
image/jpeg 2a02:26f0:480:4ac::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is3-ssl.mzstatic.com/image/thumb/Purple111/v4/5a/e0/30/5ae03086-bc65-eb91-80ea-965d007ed6b8/source/256x256bb.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:4ac::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

3b458caea0053254b95f7314a3e6f9f715ef7521f2e2165303933b0a512c894f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-apple-jingle-correlation-key: ZVU3OVB7HXOGF4QHB6LM5PXEFU
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Apr 2023 00:15:21 GMT
x-b3-traceid: cd69b7543f3ddc62f2070f96cebee42d
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:23RELEASE29:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: 0f52e85b-415f-40a3-8582-fad5a73198ee-2799471116
x-cache: TCP_MISS from a92-123-70-30.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
b3: cd69b7543f3ddc62f2070f96cebee42d-39315ecebd1a3162
content-length: 11258
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
last-modified: Thu, 23 Mar 2023 05:30:47 GMT
x-cache-remote: TCP_HIT from a92-123-70-48.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag: "MSwxLjQuMi0yM0QsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY3OTU0OTQ0NzE0Myxpc0J1aWxkVmVyc2lvbk5vdFNldCw2MDIxMyxub0VmZmVjdA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: cd69b754-3f3d-dc62-f207-0f96cebee42d
x-b3-spanid: 39315ecebd1a3162
cache-control: no-transform, max-age=14716424
timing-allow-origin: *

GET
H2 200 south_african_airways.ai-converted.png
d1yjjnpx0p53s8.cloudfront.net/styles/logo-thumbnail/s3/052012/ 13 KB
14 KB 559ms
461ms Image
image/png 2600:9000:236e:7c00:12:832a:da00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1yjjnpx0p53s8.cloudfront.net/styles/logo-thumbnail/s3/052012/south_african_airways.ai-converted.png
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:7c00:12:832a:da00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 650b8b749bb69a447198b4c11865f5bbf4b9ac0dc511d32dc69229c2b2e25063

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 17 Apr 2023 00:15:22 GMT
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
last-modified: Wed, 30 Aug 2017 21:29:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "0dfb40338ff16251ad67286d3625ee64"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 13730
x-amz-cf-id: 5aEDSv1Ss9YB1W2hXVPROq68oW_b6G0Bsfe60GsBytadIwbg6NyQHw==

GET
H2 200 27556b12c387bdabca2c485fafabd496.jpg
beltel-av.ru/upload/medialibrary/275/ 43 KB
43 KB 816ms
73ms Image
image/jpeg 87.236.16.8
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beltel-av.ru/upload/medialibrary/275/27556b12c387bdabca2c485fafabd496.jpg
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.vm5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: adac7c5603608085855d95d4e2064f159f800e120de9b6b04570cbb6edc5a103

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:15:22 GMT
last-modified: Tue, 23 Nov 2021 13:47:48 GMT
server: nginx-reuseport/1.21.1
etag: "619cf104-acd6"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 44246
expires: Wed, 17 May 2023 00:15:22 GMT

GET
H2 404 I4xDSQjc_400x400.jpg
pbs.twimg.com/profile_images/841869892479528960/ 0
120 B 158ms
157ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/841869892479528960/I4xDSQjc_400x400.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Mon, 17 Apr 2023 00:15:21 GMT
x-content-type-options: nosniff
x-cache: MISS, MISS
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 0
x-served-by: cache-lhr7327-LHR, cache-fra-eddf8230068-FRA, cache-tw-ZZZ1
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: dcbfc690c2ddacdc
access-control-expose-headers: Content-Length
cache-control: max-age=3600, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 saskjobs-logo--mobile.jpg
www.saskatchewan.ca/-/media/images/ict/ 14 KB
16 KB 603ms
274ms Image
image/jpeg 64.202.124.102
RADWARE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.saskatchewan.ca/-/media/images/ict/saskjobs-logo--mobile.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

64.202.124.102 Chicago, United States, ASN48851 (RADWARE, IL),

Reverse DNS

unknown.hostforweb.net

Software

ReplaceHeaderValue /

Resource Hash

30e69cf5c513bc12001722adbb61579d9f9663fcf23c2ff47b350c4074f92294

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com translate-pa.googleapis.com https://e.prezicdn.net https://maps.googleapis.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com public.tableau.com https://platform.twitter.com; style-src 'self' 'unsafe-inline' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com https://e.prezicdn.net https://maps.googleapis.com; img-src 'self' data: https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com https://e.prezicdn.net https://maps.googleapis.com https://maps.gstatic.com https://.twitter.com; font-src 'self' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com https://fonts.gstatic.com https://e.prezicdn.net https://maps.googleapis.com; connect-src 'self' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com translate-pa.googleapis.com https://e.prezicdn.net https://maps.googleapis.com https://publications.saskatchewan.ca; frame-src 'self' https://revsharesaskatchewan.ca https://public.tableau.com https://www.youtube.com https://immigration.saskatchewan.ca https://e.prezicdn.net https://prezi-nocookies.com https://maps.googleapis.com https://www.google.com https://fmt-public.selkirksystems.com https://www.facebook.com https://.twitter.com; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com translate-pa.googleapis.com https://e.prezicdn.net https://maps.googleapis.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com public.tableau.com https://platform.twitter.com; style-src 'self' 'unsafe-inline' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com https://e.prezicdn.net https://maps.googleapis.com; img-src 'self' data: https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com https://e.prezicdn.net https://maps.googleapis.com https://maps.gstatic.com https://*.twitter.com; font-src 'self' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com https://fonts.gstatic.com https://e.prezicdn.net https://maps.googleapis.com; connect-src 'self' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com translate-pa.googleapis.com https://e.prezicdn.net https://maps.googleapis.com https://publications.saskatchewan.ca; frame-src 'self' https://revsharesaskatchewan.ca https://public.tableau.com https://www.youtube.com https://immigration.saskatchewan.ca https://e.prezicdn.net https://prezi-nocookies.com https://maps.googleapis.com https://www.google.com https://fmt-public.selkirksystems.com https://www.facebook.com https://*.twitter.com; upgrade-insecure-requests; block-all-mixed-content
x-content-type-options: nosniff
date: Mon, 17 Apr 2023 00:15:19 GMT
last-modified: Thu, 24 Feb 2022 17:19:15 GMT
server: ReplaceHeaderValue
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: private, max-age=604800
content-disposition: inline; filename="SaskJobs-Logo--mobile.jpg"
accept-ranges: bytes
content-length: 14229

GET
H2 200 256x256bb.jpg
is2-ssl.mzstatic.com/image/thumb/Purple122/v4/1b/29/51/1b295120-21c5-0ed0-04c3-e15e535865c2/AppIcon-0-0-1x_U007emarketing-0-0-0-5-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/ 10 KB
11 KB 36ms
35ms Image
image/jpeg 2a02:26f0:480:4ac::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Purple122/v4/1b/29/51/1b295120-21c5-0ed0-04c3-e15e535865c2/AppIcon-0-0-1x_U007emarketing-0-0-0-5-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/256x256bb.jpg

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:4ac::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

e14e3e1be07dbe4fedd64cf6e48cd84e813a91973ec05b175246155d07789226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-apple-jingle-correlation-key: GBGPUVXQRW55CU7E7ZUFMOVMS4
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Apr 2023 00:15:21 GMT
x-b3-traceid: a128bb9ef24abda4
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:23RELEASE39:daiquiri-amp-processing-shared-int-001-mr
cdnuuid: 2f86aa5c-0fe0-4cb7-bd3f-ec4f80cb1038-2788148934
x-cache: TCP_MISS from a92-123-70-30.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-b3-parentspanid: 4f9ead3b94712541
b3: 304cfa56f08dbbd153e4fe68563aac97-7e3cf964aa03fe3b
content-length: 9994
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
last-modified: Thu, 13 Apr 2023 07:05:57 GMT
x-cache-remote: TCP_HIT from a92-123-70-49.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag: "MSwxLjUuMS0yM0QsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY4MTM2OTU1Nzk2NCxpc0J1aWxkVmVyc2lvbk5vdFNldCwxYjgxNmE4MSxub0VmZmVjdA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 304cfa56-f08d-bbd1-53e4-fe68563aac97
x-b3-spanid: 7e3cf964aa03fe3b
cache-control: no-transform, max-age=14909510
timing-allow-origin: *

GET
H2 200 1200px-American_Express_logo_%282018%29.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/f/fa/American_Express_logo_%282018%29.svg/ 15 KB
16 KB 33ms
33ms Image
image/webp 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/f/fa/American_Express_logo_%282018%29.svg/1200px-American_Express_logo_%282018%29.svg.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

c00928ae75f5c4591c12352e7e46b3e0a3d1c4c4704b51f5c622a895cbe91368

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 08:56:12 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 55148
x-cache-status: hit-front
x-cache: cp3055 hit, cp3057 hit/23
server-timing: cache;desc="hit-front", host;desc="cp3057"
content-length: 15660
x-client-ip: 2a00:1630:2:1c02::10
last-modified: Wed, 23 Oct 2019 23:10:52 GMT
server: ATS/9.1.4
etag: 0dbb7f8aa203771480600b9be6a8f38b
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Telegram_Messenger.png
upload.wikimedia.org/wikipedia/commons/5/5c/ 47 KB
48 KB 26ms
25ms Image
image/png 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/5/5c/Telegram_Messenger.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

5658eac3ae05e6d24ce1b0a830ffdd2b708c2938ac8bd8c0c622a1a18ea27a8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 19:36:35 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 16726
x-cache-status: hit-front
x-cache: cp3053 hit, cp3057 hit/36
server-timing: cache;desc="hit-front", host;desc="cp3057"
content-length: 47798
x-client-ip: 2a00:1630:2:1c02::10
x-object-meta-sha1base36: 26aiuykbk6637pn64dm0jl3f0wu9yfb
last-modified: Wed, 20 Aug 2014 17:58:19 GMT
server: ATS/9.1.4
etag: 84b4eb257e0a43a74a14e51d17d8794e
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Icq_new_1024.png
upload.wikimedia.org/wikipedia/commons/3/3d/ 191 KB
192 KB 35ms
34ms Image
image/png 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/3/3d/Icq_new_1024.png

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

225cf2ca10f168a0db79541e0352bc4fab131417830e3c0ff9fba60af6eebc8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 04:24:17 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 71464
x-cache-status: hit-local
x-cache: cp3055 hit, cp3057 miss
server-timing: cache;desc="hit-local", host;desc="cp3057"
content-length: 195313
x-client-ip: 2a00:1630:2:1c02::10
x-object-meta-sha1base36: tufse9n4h5v8svs7arxean40q151pih
last-modified: Tue, 03 Nov 2015 17:46:01 GMT
server: ATS/9.1.4
etag: f38f78ac869e93a0946151c69b14428f
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 24806-polet-aviaciya-avialajner-boing_747-aviakompaniya-3149x2001.jpg
img3.akspic.ru/crops/6/0/8/4/24806/ 628 KB
629 KB 827ms
99ms Image
image/jpeg 176.9.93.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img3.akspic.ru/crops/6/0/8/4/24806/24806-polet-aviaciya-avialajner-boing_747-aviakompaniya-3149x2001.jpg
Requested by: Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.93.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.93.9.176.clients.your-server.de
Software: nginx /
Resource Hash: c09cd272ba8d1053361dd11bdb7107870b06323b71ec5beb1e1f4f94c2b082e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

special-location: not-matched
date: Mon, 17 Apr 2023 00:15:20 GMT
last-modified: Thu, 21 Mar 2019 10:35:09 GMT
server: nginx
etag: "5c9368dd-9d1cf"
content-type: image/jpeg
cache-control: max-age=31536000, private
content-disposition: inline; filename="24806-polet-aviaciya-avialajner-boing_747-aviakompaniya-3149x2001.jpg"
accept-ranges: bytes
content-length: 643535
expires: Tue, 16 Apr 2024 00:15:20 +0000

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t40.10;r;s1600*1200*24;uhttps%3A//cash-back.leqshop.ru/;hCASH-BACK.BIZ.UA%20-%20%u041F%u0440%u043E%u0434%u0430%u0436%u0430%20%u0430%u043A%u043A%u0430%u0443%u043D%u0442%...
https://counter.yadro.ru/hit?q;t40.10;r;s1600*1200*24;uhttps%3A//cash-back.leqshop.ru/;hCASH-BACK.BIZ.UA%20-%20%u041F%u0440%u043E%u0434%u0430%u0436%u0430%20%u0430%u043A%u043A%u0430%u0443%u043D%u044...

133 B
619 B

67ms
66ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t40.10;r;s1600*1200*24;uhttps%3A//cash-back.leqshop.ru/;hCASH-BACK.BIZ.UA%20-%20%u041F%u0440%u043E%u0434%u0430%u0436%u0430%20%u0430%u043A%u043A%u0430%u0443%u043D%u0442%u043E%u0432%20%u043C%u0438%u043B%u0435%u0439%2C%20%u0430%u0432%u0438%u0430%2C%20%u043E%u0442%u0435%u043B%u0435%u0439%20%u0441%20%u0431%u0430%u043B%u0430%u043D%u0441%u043E%u043C.;0.09385061733786904

Requested by

Host: cash-back.leqshop.ru
URL: https://cash-back.leqshop.ru/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

1dea112090376fd06beb4507358eb4fb0706fc503b96b40776cd2154e1cfa09c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cash-back.leqshop.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 00:15:20 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 133
Expires: Sat, 16 Apr 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 00:15:20 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t40.10;r;s1600*1200*24;uhttps%3A//cash-back.leqshop.ru/;hCASH-BACK.BIZ.UA%20-%20%u041F%u0440%u043E%u0434%u0430%u0436%u0430%20%u0430%u043A%u043A%u0430%u0443%u043D%u0442%u043E%u0432%20%u043C%u0438%u043B%u0435%u0439%2C%20%u0430%u0432%u0438%u0430%2C%20%u043E%u0442%u0435%u043B%u0435%u0439%20%u0441%20%u0431%u0430%u043B%u0430%u043D%u0441%u043E%u043C.;0.09385061733786904
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sat, 16 Apr 2022 21:00:00 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cash-back.leqshop.ru/	1970-01-20 11:08:53	Name: PHPSESSID Value: nt8452steksuse7spnhl47037j
.dontpayfull.com/	1970-01-20 11:08:12	Name: __cf_bm Value: bIJlgDCnxT44n0lKp6x57kEoNzpLRcOmu9To8odXCmg-1681690520-0-AdwUnzcVfilkGOAogDNKLa7jtrbpu7+Gb3nUEXhjKmLjKkxZFuKHnP+TxAHTGAfMJn1IoEqWrFXuXRv3PAmHkuU=
.yadro.ru/	1970-01-20 19:53:34	Name: FTID Value: 1aF8-O0W1LeX1aF8-O0033wb
.yadro.ru/	1970-01-20 19:53:34	Name: VID Value: 1cxtmB08VO8X1aF8-O0033xD
.prnewswire.com/	1970-01-20 11:08:12	Name: __cf_bm Value: fyh7V_eVuABo4sWVkKByfQH2wAV6CktuiUC0bBQwevc-1681690520-0-ARG7VcfISVmUg45mvEZPrl5yNaNx40wSM0rVOLtv4JVx1gbJlaQ7spCeXAdaeNhLM1eFY72mAcos4yTEb4voVG8=
images.hertz.com/	1970-01-20 11:08:12	Name: DC-Cookie Value: PROD2

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://cash-back.leqshop.ru/ Message: Mixed Content: The page at 'https://cash-back.leqshop.ru/' was loaded over HTTPS, but requested an insecure element 'http://photos.prnewswire.com/prnfull/20150615/748217'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cash-back.leqshop.ru/ Message: Mixed Content: The page at 'https://cash-back.leqshop.ru/' was loaded over HTTPS, but requested an insecure element 'http://photos.prnewswire.com/prnfull/20150615/748217'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cash-back.leqshop.ru/ Message: Mixed Content: The page at 'https://cash-back.leqshop.ru/' was loaded over HTTPS, but requested an insecure element 'http://photos.prnewswire.com/prnfull/20150615/748217'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cash-back.leqshop.ru/ Message: Mixed Content: The page at 'https://cash-back.leqshop.ru/' was loaded over HTTPS, but requested an insecure element 'http://photos.prnewswire.com/prnfull/20150615/748217'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cash-back.leqshop.ru/(Line 911) Message: Mixed Content: The page at 'https://cash-back.leqshop.ru/' was loaded over HTTPS, but requested an insecure element 'http://photos.prnewswire.com/prnfull/20150615/748217'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cash-back.leqshop.ru/(Line 911) Message: Mixed Content: The page at 'https://cash-back.leqshop.ru/' was loaded over HTTPS, but requested an insecure element 'http://photos.prnewswire.com/prnfull/20150615/748217'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cash-back.leqshop.ru/(Line 911) Message: Mixed Content: The page at 'https://cash-back.leqshop.ru/' was loaded over HTTPS, but requested an insecure element 'http://photos.prnewswire.com/prnfull/20150615/748217'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cash-back.leqshop.ru/(Line 911) Message: Mixed Content: The page at 'https://cash-back.leqshop.ru/' was loaded over HTTPS, but requested an insecure element 'http://photos.prnewswire.com/prnfull/20150615/748217'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://pbs.twimg.com/profile_images/1467867359201402895/69E-H2NU_400x400.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pbs.twimg.com/profile_images/841869892479528960/I4xDSQjc_400x400.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banner2.cleanpng.com
beltel-av.ru
blog.alaskaair.com
blog.myvr.com
cash-back.leqshop.ru
cdn1.dontpayfull.com
companiesmarketcap.com
counter.yadro.ru
d1yjjnpx0p53s8.cloudfront.net
encrypted-tbn0.gstatic.com
i.ibb.co
images.hertz.com
img.favpng.com
img3.akspic.ru
is1-ssl.mzstatic.com
is2-ssl.mzstatic.com
is3-ssl.mzstatic.com
is4-ssl.mzstatic.com
is5-ssl.mzstatic.com
lh3.googleusercontent.com
logodix.com
media-cdn.tripadvisor.com
panorama.quicket.io
pbs.twimg.com
photos.prnewswire.com
pics.avs.io
play-lh.googleusercontent.com
prnewswire2-a.akamaihd.net
res.cloudinary.com
s3-symbol-logo.tradingview.com
seeklogo.com
static.rakuten.com
uniticket.ru
upload.wikimedia.org
www.aviatorcapital.com
www.businesslist.co.ke
www.capitalpride.org
www.heathrow.com
www.houstonhotels.org
www.iberia.com
www.jetblue.com
www.saskatchewan.ca
www.storefrontdirect.com
104.109.72.203
104.109.74.236
104.198.186.29
151.101.2.245
162.19.58.159
176.9.93.71
178.128.198.159
188.42.198.44
192.124.249.130
2.16.123.178
2.19.126.82
20.63.32.201
2600:9000:2057:d400:1f:2f70:3e80:93a1
2600:9000:236e:7c00:12:832a:da00:21
2606:4700:20::681a:5ba
2606:4700:20::681a:ef6
2606:4700:20::ac43:463c
2606:4700:20::ac43:48de
2606:4700:3033::ac43:a2b4
2606:4700:3038::6815:e9bf
2606:4700::6812:13d1
2606:4700::6812:8c7
2606:4700::6813:a641
2620:0:862:ed1a::2:b
2620:1ec:4f:1::45
2a00:1450:4001:801::2016
2a00:1450:4001:808::2001
2a00:1450:4001:82a::200e
2a02:26f0:480:4ac::2a1
2a04:4e42:8d::159
2a04:4e42::775
2a04:fa87:fffd::c000:4212
2a06:98c1:3121::3
35.197.92.201
45.15.159.67
45.60.33.5
64.202.124.102
87.236.16.8
88.212.202.52
039c955da6e65d35fc434dbbe769d4056f609b5a3fc59e2dbdee8b8f522b8fef
0607b7db0c9197507d86f2425fa0a8390d5d7bda30b24e2ca8a9dd824a5e1571
067278dcb7aab4d11f667f9cd7e003dcff8f18d9adb90de14eea47e520937e3d
0bb523be2b1ae8259942ae1c664177458ab584654833186a464952374ef57402
10f8477cebbcd664fc223a10538a4301eabfee3e3a052e5e62cb39b1e4546516
13a4613461dd6b07cd5b45f9566321f1acf05f7d2c341124421ed478cf8adb49
13d9a7e559c88c9da0009c529d8a1facc463374af58f7cf272d1e401c6dfa9bc
147cb79b8670d38950c3b49684159543275e5f06973a314311f23bb837d606c3
1dea112090376fd06beb4507358eb4fb0706fc503b96b40776cd2154e1cfa09c
1ebfb14de6a6be7a258826588275974efb02350c84065a102088435ac370841e
225cf2ca10f168a0db79541e0352bc4fab131417830e3c0ff9fba60af6eebc8f
275242be0f681c94055144b898d9c3a0942ff10e42d4d7c3e0895e0f6b68d652
2fcbed0967cf6bbcc2d5b9474a7dcedb22535d0345200c3ece411c850199a498
307c3ce831e2a667317e46c35411ecc3c472a0415c26aa5924112cb58f6a602b
30e69cf5c513bc12001722adbb61579d9f9663fcf23c2ff47b350c4074f92294
324b0783a50c21c9b2a105b39b7cd1767e8d44f288f08be5f6e2267d5ad83920
347b78a8ff559fc915c3d0f1c0b50cecca3a73f442dd14a4045ab1d66825b123
3569189eff0e1f9befcacae6e6ab47362b3a0494301d48aa6452b5f65c1498fa
3b458caea0053254b95f7314a3e6f9f715ef7521f2e2165303933b0a512c894f
440a11976da5177458416313b44ffb5765986e420528a035ab064975fe5b9587
459d3635aca3e34beef0bef0997fb6fc52e471c70869274f37c55ac7b41c2ba3
481a206b02c2e9b85b5bb385134d3a3da8c30e1e30b27cc30c923b603cf1266a
48d212102c9f0a1a640b60d42632e151256c73ba51c60af2d2e9cfb93dd402b4
5189467b2bee06f8dde043200946261eed5ae3c3936c5940cad1ab3a61b2341a
544bf75113ace61a8866b4ead1b1be87db7cb19e0592a80b0d286351b63e8cf4
5658eac3ae05e6d24ce1b0a830ffdd2b708c2938ac8bd8c0c622a1a18ea27a8d
57868bc6c869cba3456dfe70748fa0778618b6b8674d865eb313fccb06418b79
59cb2524f1a62c2e7cb36b97b1336cc454867636f28b3b30805b21a8698d4972
620996d855fb47d3afa34a670f93ac2c5fbbe44b2b42c99185c5bf82931f8fa9
6460a01661f0c50c07db5869c582893f85220c5cded31b0f34d7601c88c0abbe
64f2bedd87c1af7ca670b8a3dec3c878d25b3c9d43714b9b77cef16e2e488544
650b8b749bb69a447198b4c11865f5bbf4b9ac0dc511d32dc69229c2b2e25063
66921f6a635f19a25b286acee187571950d2d15e8e2bb7457f07f76301fc100b
66e3e67fdd47e8cc947ae4fefbf872b9127c72124a66c3676472750d536f7334
685b9588e16c3dfeff8dc8d5578000ad777574421d5186bcb3530ed80171e107
745542d56d2d35599ffd122931c6a9ad9e0ee1bf38895fc994fa2c8009548598
82021a5e27777576d5d79e1a6a9056008e7fd50cd48944abc843edd58545bed9
890eacbec1eeb44f57a265f5b8e8fd4dde6bd0891a3e891561c8b246226343ea
89fad5cca6479583bd0434bf41accb4f26f99bc75d171518828ff93a33891cd4
9b43c0531c6ea526c27091ccd2264690f0b408df7f174119655a40ae15eb422e
9b94f8528ee405f728affaf14b131383198995d7fd6ebc7414d305db5dd5abad
9c45550d81288968468140ffd6fc682496964d4adbadf6e4a6619a5b80f711de
9fbb2857cb373db3ae5595a012933ad382d2cce2dcf61c21df39a4063a3a9d85
a6175220d5f58c6e0e4434a08ab06681f9c04054a7c2138daac84150f709d745
a9558f9c8d97d0cee81975132a35336c33232adbc402f887877d5c08273ba7ca
adac7c5603608085855d95d4e2064f159f800e120de9b6b04570cbb6edc5a103
bb178d58a12e6179360e8cef71e48ad3208b6d4356bdcdcb77283b203e8c456f
bcf73cebae0f3398c07abe255f6ce614b097e5196e015c8e6192fd9ee2b282a0
bd219de81b9e13b00458a3661518f594d42b3b28aaf72812c138b34f596aadc4
c00928ae75f5c4591c12352e7e46b3e0a3d1c4c4704b51f5c622a895cbe91368
c09cd272ba8d1053361dd11bdb7107870b06323b71ec5beb1e1f4f94c2b082e7
c3763f680a7f6dc33afb01666ced34e8089a6d95c9b729df0a7b22602682684e
c601928bb1e1489369f302110cfea4896c4c1dc92fcc26eaba93726b1f147ccf
c69ffa5c039500da532f1f719f662aa811c8a86f6b75e24199a137cc1d20772c
cdb9b99bff55cf18058dde2b3665bef76c661bea74b187b2fea3b7ad95e418b2
cffef313845754a4af53c3a815035091961d87882807824219c0ab789f96c545
d3ceecd971b4b1fb5af44452de41b560942cdd02f35b9102e3ab9a41a9f5b9cc
d48b0a8c53ca014c645bc4871778bc2e01c1e4575b2a47dba742e542058d8948
dcde19dab54117ea21eeac3db17961985e21dc0e46eae0b8993fbdf2e36ac86a
e000ac4d306ff9bbd94b59cd9176f74b4e8b59a4fb7015f5b663bcf2052df79f
e14e3e1be07dbe4fedd64cf6e48cd84e813a91973ec05b175246155d07789226
e29c7ce177541dd5add30d1ef1fac8ded131e4215efc512652c0a05fa56af745
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e1655ff89e42613e20aea91c8c09d8f1413ad0b72e5d745b5fbc1283de4f0a
ead12d8a15725e1268cd595a067a5081b434ad391931f250c7c132315555f0d5
ebb853c724eda22d4ff2f8e52ebc2a3255a0de44be73614860d6df6ccc843d15
f419ec4bb62fd1d8ee0defba740fd28b8efd50136936b9c76235bc23f1214943
fe080af41e7d6308756763e0f2946f350d4c7d040d3a7fa02b44ad8c5484ad2e

cash-back.leqshop.ru Open in urlscan Pro 45.15.159.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

97 %HTTPS

54 %IPv6

38 Domains

43 Subdomains

38 IPs

8 Countries

3580 kBTransfer

3545 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cash-back.leqshop.ru Open in urlscan Pro
45.15.159.67 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

97 %
HTTPS

54 %
IPv6

38
Domains

43
Subdomains

38
IPs

8
Countries

3580 kB
Transfer

3545 kB
Size

6
Cookies

69 HTTP transactions
0 data transactions