Submitted URL: https://trck-ayu.sylvaingrave.com/ga/click/2-104417455-4972-161968-296735-198358-110fdc006d-9d3776b0d5
Effective URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Submission: On April 27 via manual from GB

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3035::6812:231f, located in United States and belongs to CLOUDFLARENET, US. The main domain is ppc.kopiherba.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 16th 2019. Valid for: a year.
This is the only time ppc.kopiherba.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
19 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
25 5
Domain Requested by
19 ppc.kopiherba.com ppc.kopiherba.com
3 fonts.gstatic.com ppc.kopiherba.com
1 fonts.googleapis.com ppc.kopiherba.com
1 cdn.by.wonderpush.com ppc.kopiherba.com
1 cdnjs.cloudflare.com ppc.kopiherba.com
1 trck-ayu.sylvaingrave.com 1 redirects
25 6

This site contains links to these domains. Also see Links.

Domain
mtp.capitalrtv.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-11-16 -
2020-10-09
a year crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2
2020-01-07 -
2020-10-09
9 months crt.sh
*.by.wonderpush.com
Gandi Standard SSL CA 2
2019-05-27 -
2020-06-21
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Frame ID: CA389C55B0D1C34DB8F26517103AFAFA
Requests: 25 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://trck-ayu.sylvaingrave.com/ga/click/2-104417455-4972-161968-296735-198358-110fdc006d-9d3776b0d5 HTTP 302
    https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

25
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

649 kB
Transfer

972 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trck-ayu.sylvaingrave.com/ga/click/2-104417455-4972-161968-296735-198358-110fdc006d-9d3776b0d5 HTTP 302
    https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ac
ppc.kopiherba.com/
Redirect Chain
  • https://trck-ayu.sylvaingrave.com/ga/click/2-104417455-4972-161968-296735-198358-110fdc006d-9d3776b0d5
  • https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
21 KB
6 KB
Document
General
Full URL
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.1
Resource Hash
18b0ccb7e6cbf294396f88d2c0d26d086277b8564d866124a14cb9455a1b4af4

Request headers

:method
GET
:authority
ppc.kopiherba.com
:scheme
https
:path
/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 27 Apr 2020 06:56:32 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d661aad4fe18888f8ab193a3fdc5a06e01587970591; expires=Wed, 27-May-20 06:56:31 GMT; path=/; domain=.kopiherba.com; HttpOnly; SameSite=Lax; Secure
x-powered-by
PHP/7.2.1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58a6a4e5bfb016f2-FRA
content-encoding
br
cf-request-id
025c056391000016f274b4e200000001

Redirect headers

status
302 302 Found
date
Mon, 27 Apr 2020 06:56:31 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d820c09d01b180dbe75fe779e255241661587970590; expires=Wed, 27-May-20 06:56:30 GMT; path=/; domain=.sylvaingrave.com; HttpOnly; SameSite=Lax; Secure
x-request-id
d5ec45010c33bf77824cafda6775e99f
x-rack-cache
miss
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.038024
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-powered-by
Phusion Passenger 5.1.2
location
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58a6a4e159451f15-FRA
cf-request-id
025c0560d200001f156e112200000001
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/
27 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:32 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
6916043
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
025c05663400000625c219c200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:12 GMT
server
cloudflare
etag
W/"5afd4910-6b4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
58a6a4e9e8eb0625-FRA
expires
Sat, 17 Apr 2021 06:56:32 GMT
bootstrap.min.css
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
118 KB
18 KB
Stylesheet
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/bootstrap.min.css
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Jan 2020 11:33:22 GMT
server
cloudflare
etag
W/"1d970-59ce1200c5d27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
58a6a4e9e9b616f2-FRA
cf-request-id
025c056634000016f274b77200000001
animate.css
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
56 KB
4 KB
Stylesheet
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/animate.css
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Jan 2020 11:33:22 GMT
server
cloudflare
etag
W/"df07-59ce1200b576f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
58a6a4e9e9b716f2-FRA
cf-request-id
025c056634000016f274b78200000001
custome.css
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
40 KB
8 KB
Stylesheet
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/custome.css
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8869c4b3bef13db68b59abf2be392dfda5c40e0112215ea5bfb49b4db5be2b

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 23 Apr 2020 12:03:43 GMT
server
cloudflare
etag
W/"a134-5a3f40a4e13ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
58a6a4e9e9b916f2-FRA
cf-request-id
025c056635000016f274b79200000001
wonderpush-loader.min.js
cdn.by.wonderpush.com/sdk/1.1/
887 B
1 KB
Script
General
Full URL
https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e53be5e2978c46cd8becd13ba7e50752088003fcc04405400b9844d27f4ceeb

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:32 GMT
content-encoding
gzip
cf-cache-status
HIT
age
81347
x-cache
Hit from cloudfront
status
200
access-control-max-age
86400
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
497
cf-request-id
025c05665500001f418114b200000001
access-control-allow-origin
*
last-modified
Tue, 07 Apr 2020 08:20:14 GMT
server
cloudflare
etag
"a223b9e623506d76732d5f47b156c732ed6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cache-control
public,max-age=86400
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
cf-ray
58a6a4ea281e1f41-FRA
x-amz-cf-id
oQabZCrwooQP4ewiem1_wK6xUGwl4bBD25yWmIrCniN6SLIEPHr7eA==
elk-logo.png
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
7 KB
8 KB
Image
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/elk-logo.png
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c11d52d5a63f6244af3bbd9f69bac36c582d1650a0dd58778644dcbd8d6091e

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:32 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Apr 2020 11:52:32 GMT
server
cloudflare
etag
"1ded-5a3f3e24ef12e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58a6a4e9e9bb16f2-FRA
content-length
7661
cf-request-id
025c056635000016f274b7a200000001
sok.png
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
3 KB
3 KB
Image
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/sok.png
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00d379e036b6389441809a3d8ce4a9675acd415125552829e67624ff746f90b4

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:32 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Jan 2020 11:28:09 GMT
server
cloudflare
etag
"a30-59ce10d5e1387"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58a6a4e9e9bc16f2-FRA
content-length
2608
cf-request-id
025c056635000016f274b7b200000001
icon.png
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
3 KB
3 KB
Image
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/icon.png
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ef08c1068852dae25a8338dd9d7d27fcade082cec81186ee62334c8426f3dd

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:33 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Jan 2020 11:28:08 GMT
server
cloudflare
etag
"c48-59ce10d57d5df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58a6a4e9e9bd16f2-FRA
content-length
3144
cf-request-id
025c056635000016f274b7c200000001
ofefrssmall-bnsr.jpg
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
51 KB
51 KB
Image
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/ofefrssmall-bnsr.jpg
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac559b66bee160285bb012dc162a31af55195bb4668fa94ad07b5cf672de900

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:32 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Jan 2020 11:28:09 GMT
server
cloudflare
etag
"cc82-59ce10d5ae31f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58a6a4e9e9be16f2-FRA
content-length
52354
cf-request-id
025c056635000016f274b7d200000001
3.gif
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
24 KB
24 KB
Image
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/3.gif
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d15c16299f844272e7ed80af216e1273440ce2136dccaeec6be011f1899e598

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:32 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Apr 2020 11:56:50 GMT
server
cloudflare
etag
"5fef-5a3f3f1a46ef6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58a6a4e9e9c116f2-FRA
content-length
24559
cf-request-id
025c056635000016f274b7e200000001
gf.jpg
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
60 KB
60 KB
Image
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/gf.jpg
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10c70c79234413f93a4d90aeddf983b4709a2afaa786962bd98aceb088f8ed2e

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:32 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Jan 2020 11:28:08 GMT
server
cloudflare
etag
"efb0-59ce10d554987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58a6a4e9e9c416f2-FRA
content-length
61360
cf-request-id
025c056635000016f274b7f200000001
mac.png
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
84 KB
84 KB
Image
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/mac.png
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002f7743bd03f4156f3b047be192c2cccd75676d0fefc16ec0ca5010137ac309

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:34 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Apr 2020 11:52:33 GMT
server
cloudflare
etag
"14f51-5a3f3e254f056"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58a6a4ea2a2816f2-FRA
content-length
85841
cf-request-id
025c056654000016f274b84200000001
hp.png
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
75 KB
75 KB
Image
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/hp.png
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab5e7513188c3b152325b17b6114b620eb6fb87612ec80f2ecb6b9c28e2cd8d5

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:35 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Apr 2020 11:52:32 GMT
server
cloudflare
etag
"12d18-5a3f3e251e316"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58a6a4ea2a2a16f2-FRA
content-length
77080
cf-request-id
025c056654000016f274b85200000001
juicer.png
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
67 KB
67 KB
Image
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/juicer.png
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1fdc595287f112ed2b0ef608490111dfc1cd4c81c955cf7dae7ac58d256ee19

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:34 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Apr 2020 11:52:33 GMT
server
cloudflare
etag
"10c2f-5a3f3e2546b86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58a6a4ea2a2d16f2-FRA
content-length
68655
cf-request-id
025c056654000016f274b86200000001
socilas.jpg
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
23 KB
23 KB
Image
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/socilas.jpg
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da82de75ec4dff89ddd6538961135d06bb764e77f84ce2c6bf33a07e75a9670d

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:35 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Jan 2020 11:28:09 GMT
server
cloudflare
etag
"5b2f-59ce10d5d6f77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58a6a4ea2a2e16f2-FRA
content-length
23343
cf-request-id
025c056655000016f274b87200000001
ssl.png
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
9 KB
9 KB
Image
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/ssl.png
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce9f158ef5c63efa824939374ca4636699c9cbd42959b8bf05ac7c7bb7275d48

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:35 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Jan 2020 11:28:09 GMT
server
cloudflare
etag
"2453-59ce10d5ef617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58a6a4ea2a3116f2-FRA
content-length
9299
cf-request-id
025c056655000016f274b89200000001
lgog.jpg
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
8 KB
8 KB
Image
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/lgog.jpg
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ce4c48f3e05c71192b06a234ac5985043e0e2044a5468a0eeda8641aa6f8e0d

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:34 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Jan 2020 11:28:09 GMT
server
cloudflare
etag
"20e9-59ce10d599ee7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58a6a4ea2a3216f2-FRA
content-length
8425
cf-request-id
025c056655000016f274b8a200000001
jquery.min.js
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
85 KB
29 KB
Script
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/jquery.min.js
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Jan 2020 11:33:22 GMT
server
cloudflare
etag
W/"1538e-59ce1200e456f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
58a6a4ea2a2616f2-FRA
cf-request-id
025c056654000016f274b83200000001
bootstrap.min.js
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
36 KB
9 KB
Script
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/bootstrap.min.js
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Jan 2020 11:33:22 GMT
server
cloudflare
etag
W/"90b5-59ce1200da15f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
58a6a4ea2a2f16f2-FRA
cf-request-id
025c056655000016f274b88200000001
css
fonts.googleapis.com/
24 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
869cdf77c9817e1a40651708800da8acb0e17f4b2a7d1050b1ec37f54830a947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Apr 2020 06:56:33 GMT
server
ESF
date
Mon, 27 Apr 2020 06:56:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Apr 2020 06:56:33 GMT
bg.jpg
ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/
117 KB
117 KB
Image
General
Full URL
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/bg.jpg
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:231f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac1aacb1d5f1e6ccc2f3913ab2db50b0555b8f66a61a90e0520c6f029443c87

Request headers

Referer
https://ppc.kopiherba.com/allcustomfiles/NO-Jysk-2020/custome.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:56:35 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Jan 2020 11:28:08 GMT
server
cloudflare
etag
"1d47f-59ce10d53613f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
58a6a4f23f1316f2-FRA
content-length
119935
cf-request-id
025c056b60000016f274be4200000001
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i
Origin
https://ppc.kopiherba.com

Response headers

date
Wed, 01 Apr 2020 18:22:23 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2205250
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11016
x-xss-protection
0
expires
Thu, 01 Apr 2021 18:22:23 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i
Origin
https://ppc.kopiherba.com

Response headers

date
Sat, 04 Apr 2020 12:00:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
1968975
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11056
x-xss-protection
0
expires
Sun, 04 Apr 2021 12:00:18 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: ppc.kopiherba.com
URL: https://ppc.kopiherba.com/ac?st=ZH9wlG5kbWKclYGlwZpnaIF_YKCDomZraKZgY34/trisha.thomas%40nationwide.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i
Origin
https://ppc.kopiherba.com

Response headers

date
Fri, 17 Apr 2020 00:29:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
887202
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11020
x-xss-protection
0
expires
Sat, 17 Apr 2021 00:29:51 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| WonderPush function| chkvali function| partstep function| toSimpleJson function| $ function| jQuery object| d number| minutes string| hours string| ampm object| months object| days undefined| o undefined| two undefined| three undefined| four undefined| five function| startTimer number| srt

1 Cookies

Domain/Path Name / Value
.kopiherba.com/ Name: __cfduid
Value: d661aad4fe18888f8ab193a3fdc5a06e01587970591

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.by.wonderpush.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
ppc.kopiherba.com
trck-ayu.sylvaingrave.com
2606:4700:3035::6812:231f
2606:4700:3036::6812:2a92
2606:4700::6810:84e5
2606:4700::6812:12b7
2a00:1450:4001:815::200a
2a00:1450:4001:820::2003
002f7743bd03f4156f3b047be192c2cccd75676d0fefc16ec0ca5010137ac309
00d379e036b6389441809a3d8ce4a9675acd415125552829e67624ff746f90b4
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10c70c79234413f93a4d90aeddf983b4709a2afaa786962bd98aceb088f8ed2e
18b0ccb7e6cbf294396f88d2c0d26d086277b8564d866124a14cb9455a1b4af4
1d15c16299f844272e7ed80af216e1273440ce2136dccaeec6be011f1899e598
2ac559b66bee160285bb012dc162a31af55195bb4668fa94ad07b5cf672de900
2c11d52d5a63f6244af3bbd9f69bac36c582d1650a0dd58778644dcbd8d6091e
3ce4c48f3e05c71192b06a234ac5985043e0e2044a5468a0eeda8641aa6f8e0d
4e53be5e2978c46cd8becd13ba7e50752088003fcc04405400b9844d27f4ceeb
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
7a8869c4b3bef13db68b59abf2be392dfda5c40e0112215ea5bfb49b4db5be2b
869cdf77c9817e1a40651708800da8acb0e17f4b2a7d1050b1ec37f54830a947
9ac1aacb1d5f1e6ccc2f3913ab2db50b0555b8f66a61a90e0520c6f029443c87
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
ab5e7513188c3b152325b17b6114b620eb6fb87612ec80f2ecb6b9c28e2cd8d5
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ce9f158ef5c63efa824939374ca4636699c9cbd42959b8bf05ac7c7bb7275d48
da82de75ec4dff89ddd6538961135d06bb764e77f84ce2c6bf33a07e75a9670d
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e9ef08c1068852dae25a8338dd9d7d27fcade082cec81186ee62334c8426f3dd
f1fdc595287f112ed2b0ef608490111dfc1cd4c81c955cf7dae7ac58d256ee19
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c