cash-back.leqshop.ru Open in urlscan Pro
45.15.159.67  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

• https://photos.prnewswire.com/prnfull/20150615/748217 HTTP 302
• https://prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/0_llqzoyzy/def_height/2700/def_width/2700/version/100012/type/1

Request Chain 62

• https://counter.yadro.ru/hit?t40.10;r;s1600*1200*24;uhttps%3A//cash-back.leqshop.ru/;hCASH-BACK.BIZ.UA%20-%20%u041F%u0440%u043E%u0434%u0430%u0436%u0430%20%u0430%u043A%u043A%u0430%u0443%u043D%u0442%u043E%u0432%20%u043C%u0438%u043B%u0435%u0439%2C%20%u0430%u0432%u0438%u0430%2C%20%u043E%u0442%u0435%u043B%u0435%u0439%20%u0441%20%u0431%u0430%u043B%u0430%u043D%u0441%u043E%u043C.;0.0861990724555326 HTTP 302
• https://counter.yadro.ru/hit?q;t40.10;r;s1600*1200*24;uhttps%3A//cash-back.leqshop.ru/;hCASH-BACK.BIZ.UA%20-%20%u041F%u0440%u043E%u0434%u0430%u0436%u0430%20%u0430%u043A%u043A%u0430%u0443%u043D%u0442%u043E%u0432%20%u043C%u0438%u043B%u0435%u0439%2C%20%u0430%u0432%u0438%u0430%2C%20%u043E%u0442%u0435%u043B%u0435%u0439%20%u0441%20%u0431%u0430%u043B%u0430%u043D%u0441%u043E%u043C.;0.0861990724555326

Request Chain 65

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10299.rTKGljbKQ7taFscFgLxb5zoj2EhmWjuCJFkBv2u3IGgbuf8zshVyAOJC8RIVbkEX.VFu2y6qm4Zrd5kwFzFfMUkiw334%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=10299.71EQZgczdeQpjdopT_uSoSKAH8GZCDp-ZjvsX_0sd1hzGk7CkVYTcIxw76xKU2cXvz7TOU0aAW7A-e7kZ46G0lU19Ceg2QrgSwNzeqIcfDmcQ31NW50j-tSBRIIxwWr2rmh5_Zo3j88SkVAiU-KF2MiJ77wlLHrplzC95iz8pxUe0JTJ9VUvflkV74yM6JgSdMIscKgloed17YV2IoZ0lNybAGAavNxj782DCm6WdX4%2C.ghWtebhE96Fq0ffqI_bnkcv1EWY%2C HTTP 302
• https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10299.JOWuX9wbkxe8qSWeYPzqSdAKR_ZsSg6cq6UeW8xLF03qQ1tSIyAIPrSPUKOb_mc7FvMRLTxQJpe5JHIGFVdqlhOLvhsfDAdvKti8PoRpzycL7G_gihh9msuFLDMPXqTVa3X8dXPA0QgnsXmblCc4T_02Mz4k2TUpR1HrgDOAjKAdq2WLnp6PF_X4-ZhPYJNO8KnhPpll-vCtBAZ9xUHBlg%2C%2C.lF3rFPzolEEZEFwO01fPV3JlLy8%2C

Request Chain 67

• https://mc.yandex.com/watch/93483812?wmode=7&page-url=https%3A%2F%2Fcash-back.leqshop.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A43581231067%3Ahid%3A581530157%3Az%3A60%3Ai%3A20240305102104%3Aet%3A1709630465%3Ac%3A1%3Arn%3A440524147%3Arqn%3A1%3Au%3A1709630465255871425%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A860%3Awv%3A2%3Ads%3A0%2C70%2C124%2C146%2C%2C0%2C%2C390%2C2%2C%2C%2C%2C847%3Aco%3A0%3Acpf%3A1%3Ans%3A1709630462637%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709630465%3At%3ACASH-BACK.BIZ.UA%20-%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B6%D0%B0%20%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D0%BE%D0%B2%20%D0%BC%D0%B8%D0%BB%D0%B5%D0%B9%2C%20%D0%B0%D0%B2%D0%B8%D0%B0%2C%20%D0%BE%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D1%81%20%D0%B1%D0%B0%D0%BB%D0%B0%D0%BD%D1%81%D0%BE%D0%BC.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
• https://mc.yandex.com/watch/93483812/1?wmode=7&page-url=https%3A%2F%2Fcash-back.leqshop.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A43581231067%3Ahid%3A581530157%3Az%3A60%3Ai%3A20240305102104%3Aet%3A1709630465%3Ac%3A1%3Arn%3A440524147%3Arqn%3A1%3Au%3A1709630465255871425%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A860%3Awv%3A2%3Ads%3A0%2C70%2C124%2C146%2C%2C0%2C%2C390%2C2%2C%2C%2C%2C847%3Aco%3A0%3Acpf%3A1%3Ans%3A1709630462637%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709630465%3At%3ACASH-BACK.BIZ.UA%20-%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B6%D0%B0%20%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D0%BE%D0%B2%20%D0%BC%D0%B8%D0%BB%D0%B5%D0%B9%2C%20%D0%B0%D0%B2%D0%B8%D0%B0%2C%20%D0%BE%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D1%81%20%D0%B1%D0%B0%D0%BB%D0%B0%D0%BD%D1%81%D0%BE%D0%BC.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cash-back.leqshop.ru/	82 KB 82 KB	310ms 123ms	Document text/html	45.15.159.67 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, GB), Reverse DNS protect.shop.sn Software nginx/1.20.1 / PHP/7.1.33 Resource Hash a6d14fbae5ce949c31d1b8419d01f5bb87e55b4ce06ce2cebf93be543371276c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 date Tue, 05 Mar 2024 09:21:02 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx/1.20.1 x-powered-by PHP/7.1.33
GET H2	200	bootstrap.css cash-back.leqshop.ru/assets/LastKey/css/	123 KB 124 KB	104ms 102ms	Stylesheet text/css	45.15.159.67 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://cash-back.leqshop.ru/assets/LastKey/css/bootstrap.css Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, GB), Reverse DNS protect.shop.sn Software nginx/1.20.1 / Resource Hash 620996d855fb47d3afa34a670f93ac2c5fbbe44b2b42c99185c5bf82931f8fa9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:02 GMT last-modified Fri, 04 Aug 2017 09:25:53 GMT server nginx/1.20.1 accept-ranges bytes etag "59843da1-1edc2" content-length 126402 content-type text/css
GET H2	200	leque.css cash-back.leqshop.ru/assets/LastKey/css/	1 KB 1 KB	67ms 66ms	Stylesheet text/css	45.15.159.67 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://cash-back.leqshop.ru/assets/LastKey/css/leque.css Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, GB), Reverse DNS protect.shop.sn Software nginx/1.20.1 / Resource Hash 3569189eff0e1f9befcacae6e6ab47362b3a0494301d48aa6452b5f65c1498fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:02 GMT last-modified Thu, 03 Aug 2017 14:51:37 GMT server nginx/1.20.1 accept-ranges bytes etag "59833879-568" content-length 1384 content-type text/css
GET H2	200	leque-responsive.css cash-back.leqshop.ru/assets/LastKey/css/	858 B 992 B	66ms 65ms	Stylesheet text/css	45.15.159.67 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://cash-back.leqshop.ru/assets/LastKey/css/leque-responsive.css Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, GB), Reverse DNS protect.shop.sn Software nginx/1.20.1 / Resource Hash 48d212102c9f0a1a640b60d42632e151256c73ba51c60af2d2e9cfb93dd402b4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:02 GMT last-modified Fri, 04 Aug 2017 06:35:58 GMT server nginx/1.20.1 accept-ranges bytes etag "598415ce-35a" content-length 858 content-type text/css
GET H2	200	jq.js Show response cash-back.leqshop.ru/assets/LastKey/js/	278 KB 279 KB	142ms 141ms	Script application/javascript	45.15.159.67 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://cash-back.leqshop.ru/assets/LastKey/js/jq.js Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, GB), Reverse DNS protect.shop.sn Software nginx/1.20.1 / Resource Hash 275242be0f681c94055144b898d9c3a0942ff10e42d4d7c3e0895e0f6b68d652 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT last-modified Thu, 03 Aug 2017 14:51:37 GMT server nginx/1.20.1 accept-ranges bytes etag "59833879-457ab" content-length 284587 content-type application/javascript; charset=utf8
GET H2	200	jquery-ui.js Show response cash-back.leqshop.ru/assets/LastKey/js/	423 KB 423 KB	104ms 103ms	Script application/javascript	45.15.159.67 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://cash-back.leqshop.ru/assets/LastKey/js/jquery-ui.js Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, GB), Reverse DNS protect.shop.sn Software nginx/1.20.1 / Resource Hash 324b0783a50c21c9b2a105b39b7cd1767e8d44f288f08be5f6e2267d5ad83920 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT last-modified Thu, 03 Aug 2017 14:51:37 GMT server nginx/1.20.1 accept-ranges bytes etag "59833879-69a15" content-length 432661 content-type application/javascript; charset=utf8
GET H2	200	jquery.toastmessage.js Show response cash-back.leqshop.ru/assets/LastKey/js/	29 KB 29 KB	103ms 102ms	Script application/javascript	45.15.159.67 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://cash-back.leqshop.ru/assets/LastKey/js/jquery.toastmessage.js Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, GB), Reverse DNS protect.shop.sn Software nginx/1.20.1 / Resource Hash 89fad5cca6479583bd0434bf41accb4f26f99bc75d171518828ff93a33891cd4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:02 GMT last-modified Thu, 03 Aug 2017 14:51:37 GMT server nginx/1.20.1 accept-ranges bytes etag "59833879-7439" content-length 29753 content-type application/javascript; charset=utf8
GET H2	200	bootstrap.min.js Show response cash-back.leqshop.ru/assets/LastKey/js/	27 KB 27 KB	68ms 67ms	Script application/javascript	45.15.159.67 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://cash-back.leqshop.ru/assets/LastKey/js/bootstrap.min.js Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, GB), Reverse DNS protect.shop.sn Software nginx/1.20.1 / Resource Hash 685b9588e16c3dfeff8dc8d5578000ad777574421d5186bcb3530ed80171e107 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:02 GMT last-modified Thu, 03 Aug 2017 14:51:37 GMT server nginx/1.20.1 accept-ranges bytes etag "59833879-6b23" content-length 27427 content-type application/javascript; charset=utf8
GET H2	200	style.css cash-back.leqshop.ru/assets/LastKey/css/	838 B 973 B	103ms 102ms	Stylesheet text/css	45.15.159.67 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://cash-back.leqshop.ru/assets/LastKey/css/style.css Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, GB), Reverse DNS protect.shop.sn Software nginx/1.20.1 / Resource Hash c601928bb1e1489369f302110cfea4896c4c1dc92fcc26eaba93726b1f147ccf Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:02 GMT last-modified Thu, 03 Aug 2017 14:51:37 GMT server nginx/1.20.1 accept-ranges bytes etag "59833879-346" content-length 838 content-type text/css
GET H2	200	jquery.toastmessage.css cash-back.leqshop.ru/assets/LastKey/css/	2 KB 2 KB	88ms 88ms	Stylesheet text/css	45.15.159.67 AEZA-AS
General Check archive.org Show headers Download Go to Full URL https://cash-back.leqshop.ru/assets/LastKey/css/jquery.toastmessage.css Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, GB), Reverse DNS protect.shop.sn Software nginx/1.20.1 / Resource Hash 067278dcb7aab4d11f667f9cd7e003dcff8f18d9adb90de14eea47e520937e3d Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:02 GMT last-modified Thu, 03 Aug 2017 14:51:37 GMT server nginx/1.20.1 accept-ranges bytes etag "59833879-923" content-length 2339 content-type text/css
GET H2	200	cash11.png i.ibb.co/F0hXsdK/	2 KB 2 KB	367ms 308ms	Image image/png	162.19.58.156 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/F0hXsdK/cash11.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.156 , France, ASN16276 (OVH, FR), Reverse DNS ns3096358.ip-162-19-58.eu Software nginx / Resource Hash 57868bc6c869cba3456dfe70748fa0778618b6b8674d865eb313fccb06418b79 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT last-modified Mon, 19 Sep 2022 17:25:21 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 1795 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	RU.png cash-back.leqshop.ru/assets/img/	455 B 590 B	89ms 89ms	Image image/png	45.15.159.67 AEZA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cash-back.leqshop.ru/assets/img/RU.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, GB), Reverse DNS protect.shop.sn Software nginx/1.20.1 / Resource Hash 890eacbec1eeb44f57a265f5b8e8fd4dde6bd0891a3e891561c8b246226343ea Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:02 GMT last-modified Sun, 10 Nov 2019 01:18:41 GMT server nginx/1.20.1 accept-ranges bytes etag "5dc76571-1c7" content-length 455 content-type image/png
GET H2	200	EN.png cash-back.leqshop.ru/assets/img/	2 KB 3 KB	122ms 122ms	Image image/png	45.15.159.67 AEZA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cash-back.leqshop.ru/assets/img/EN.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.15.159.67 Amsterdam, Netherlands, ASN210644 (AEZA-AS, GB), Reverse DNS protect.shop.sn Software nginx/1.20.1 / Resource Hash 13d9a7e559c88c9da0009c529d8a1facc463374af58f7cf272d1e401c6dfa9bc Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT last-modified Sun, 10 Nov 2019 01:18:47 GMT server nginx/1.20.1 accept-ranges bytes etag "5dc76577-97a" content-length 2426 content-type image/png
GET H2	200	wY1QpRpU4JK7n-R6T7PTDdeYwrZ3L1X1uE_5L3XiUoKp003u49WrECWUg7E39LjooA play-lh.googleusercontent.com/	22 KB 22 KB	105ms 39ms	Image image/png	2a00:1450:4001:813::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/wY1QpRpU4JK7n-R6T7PTDdeYwrZ3L1X1uE_5L3XiUoKp003u49WrECWUg7E39LjooA Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 87e864ee752f47601bc4dfe12a6e334e193c01e168f7cf867947a5b2a2b5d3d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT x-content-type-options nosniff age 0 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22318 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 06 Mar 2024 09:21:03 GMT
GET H2	200	KC.png uniticket.in/wp-content/uploads/airlines_64/	2 KB 2 KB	384ms 28ms	Image image/png	2606:4700:3035::ac43:d53b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://uniticket.in/wp-content/uploads/airlines_64/KC.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:d53b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bac4a0a05073a6300d2a1eedc56067765d226f8b8a88a496dc9b9a521d1e2f9d Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 166953 alt-svc h3=":443"; ma=86400 content-length 1775 last-modified Tue, 28 Jul 2020 15:16:25 GMT server cloudflare vary User-Agent, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMieGhAaoq6X84b98QMI7l7l6AV0BZmcFPArEqVYKr2vWtSPgqaRaZdncrzmWaL4sPG81YJbZpABNeRwVmT578M7K8gR%2BZVao3PAbEx41XydAUg2VRFFxTeAfrVr5Nku8Er2JYMxoznrt30%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 85f9089e5e6d06d4-AMS expires Sun, 10 Mar 2024 10:58:29 GMT
GET H2	200	1200px-Air_Miles_Program_Logo.svg.png upload.wikimedia.org/wikipedia/en/thumb/2/2e/Air_Miles_Program_Logo.svg/	206 KB 207 KB	334ms 33ms	Image image/png	2a02:ec80:300:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/en/thumb/2/2e/Air_Miles_Program_Logo.svg/1200px-Air_Miles_Program_Logo.svg.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software envoy / Resource Hash 307c3ce831e2a667317e46c35411ecc3c472a0415c26aa5924112cb58f6a602b Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 14:46:49 GMT strict-transport-security max-age=106384710; includeSubDomains; preload x-content-type-options nosniff nel { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} age 66854 x-cache-status hit-local x-cache cp3077 hit, cp3077 miss content-disposition inline;filename*=UTF-8''Air_Miles_Program_Logo.svg.png server-timing cache;desc="hit-local", host;desc="cp3077" content-length 210760 x-client-ip 2a00:1630:2:602::3 last-modified Wed, 26 Jan 2022 04:33:01 GMT server envoy etag f1b8f065b0764547b2c2eaf084ddeaeb report-to { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/png access-control-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache accept-ranges bytes timing-allow-origin *
GET H2	200	lRCYL1CC_400x400.jpg pbs.twimg.com/profile_images/724701839317291008/	13 KB 14 KB	299ms 17ms	Image image/jpeg	2606:2800:134:1a0d:1429:742:782:b6 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/724701839317291008/lRCYL1CC_400x400.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6BB6) / Resource Hash dcde19dab54117ea21eeac3db17961985e21dc0e46eae0b8993fbdf2e36ac86a Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff age 313923 x-cache HIT server-timing x-cache;desc= HIT,x-tw-cdn;desc=VZ content-length 13745 x-response-time 121 surrogate-key profile_images profile_images/bucket/2 profile_images/724701839317291008 last-modified Mon, 25 Apr 2016 20:47:17 GMT server ECS (amb/6BB6) x-tw-cdn VZ content-type image/jpeg access-control-allow-origin * x-transaction-id 08704e901bc23a57 access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate perf 7469935968 x-connection-hash 14572feec5bdda9939136e0774a06e1d40e1ec56a863f9a31172b20fb2dd3c9f accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	mypoints.com..jpg cdn1.dontpayfull.com/media/logos/size/300x300/	6 KB 6 KB	324ms 32ms	Image image/jpeg	2606:4700::6812:8c7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.dontpayfull.com/media/logos/size/300x300/mypoints.com..jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8c7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0607b7db0c9197507d86f2425fa0a8390d5d7bda30b24e2ca8a9dd824a5e1571 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options sameorigin Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status HIT age 1105704 alt-svc h3=":443"; ma=86400 content-length 5859 x-request-id 85f9089e7e8266b6-AMS cf-bgj h2pri server cloudflare etag "a7fc6f23b0ab5c14e29f2ca12af5267cb5852ad3" x-frame-options sameorigin access-control-allow-methods GET, POST, PUT, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=2678400 vary Accept-Encoding accept-ranges bytes cf-ray 85f9089e7e8266b6-AMS access-control-allow-headers x-fancybox,x-requested-with expires Fri, 05 Apr 2024 09:21:03 GMT
GET H2	200	logo-accorhotels.jpg www.ipzen.com/app/uploads/2017/10/	13 KB 14 KB	307ms 25ms	Image image/jpeg	62.4.9.234 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ipzen.com/app/uploads/2017/10/logo-accorhotels.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 62.4.9.234 , France, ASN12876 (Online SAS, FR), Reverse DNS Software nginx / Resource Hash 4a020a9672866b7d63c977f352ecb64d3aa6167459b3d1ab4d11e0cf25d7b5fb Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:12:47 GMT strict-transport-security max-age=31536000; includeSubDomains; x-content-type-options nosniff content-security-policy frame-ancestors 'self' last-modified Sun, 24 Dec 2017 10:50:40 GMT server nginx etag "5a3f8680-3524" x-frame-options SAMEORIGIN content-type image/jpeg accept-ranges bytes content-length 13604 x-xss-protection 1; mode=block x-ua-compatible IE=Edge
GET H2	200	hiclubvacations.jpg media-cdn.tripadvisor.com/media/photo-s/01/a2/67/17/	17 KB 17 KB	305ms 24ms	Image image/jpeg	151.101.194.38 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://media-cdn.tripadvisor.com/media/photo-s/01/a2/67/17/hiclubvacations.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.38 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 82021a5e27777576d5d79e1a6a9056008e7fd50cd48944abc843edd58545bed9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT via 1.1 varnish, 1.1 varnish x-media-cdn 482951130 age 491502 x-cache HIT, HIT content-length 17318 x-served-by cache-iad-kiad7000136-IAD, cache-ams21032-AMS last-modified Tue, 17 Dec 2013 06:51:18 GMT x-timer S1709630464.743224,VS0,VE2 etag "b741f6462b75c6910cb9b15459c12df5" x-media-cdn-cache-hits 0 content-type image/jpeg access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes x-media-cdn-cache PASS timing-allow-origin https://www.tripadvisor.com x-cache-hits 8, 1
GET H2	200	FZ.png pics.avs.io/al_square/256/256/	3 KB 4 KB	310ms 29ms	Image image/avif	2600:9000:223f:b400:c:33b4:9f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pics.avs.io/al_square/256/256/FZ.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:b400:c:33b4:9f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash cdb2ecdeaaa39650b5218884be5c1e0cfb271c54662ce8bf34f1cc0be192f726 Security Headers Name Value Content-Security-Policy script-src 'none' Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 29 Jan 2024 13:55:11 GMT content-security-policy script-src 'none' via 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 3093952 etag "xJAnHcus-pQASHjTN2MyZrCkAUDVSZUpUIHw6eVdbkk/RIjQ4YTg1ZWM5Y2ZmMzIwOThjYTQ0MzQ1MWQ3OWQ4ZmEzIg" vary Accept x-cache Hit from cloudfront content-type image/avif cache-control public,s-maxage=31536000,max-age=900 content-disposition inline; filename="FZ.avif" alt-svc h3=":443"; ma=86400 content-length 3341 x-amz-cf-id STOkVGeCahtulHULZU-4Hd-gIixXAvwDQkGERVHm9LQ5rlx_C7QGfw== x-request-id vJTrm22x7JuMd7SHZMCFZ
GET H2	403	668515002.jpg apprecs.org/ios/images/app-icons/256/ba/	0 0	904ms 624ms	Image application/xml	13.224.189.22 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://apprecs.org/ios/images/app-icons/256/ba/668515002.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-22.fra2.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers
GET H2	200	CIFT-SATIR-DIKEY-TIRE.jpg www.aviatorcapital.com/wp-content/uploads/2019/09/	40 KB 40 KB	1003ms 241ms	Image image/jpeg	104.198.186.29 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.aviatorcapital.com/wp-content/uploads/2019/09/CIFT-SATIR-DIKEY-TIRE.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.186.29 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 29.186.198.104.bc.googleusercontent.com Software nginx / Resource Hash 5189467b2bee06f8dde043200946261eed5ae3c3936c5940cad1ab3a61b2341a Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT last-modified Mon, 23 Sep 2019 12:01:49 GMT server nginx etag "5d88b42d-a0c7" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 41159
GET H2	200	pxdPx5bpuyTzVlnpk2kThNehzD_e5aMyxb62SmUKQpA6ppn4YfidJ7gXETnxeqAalyA play-lh.googleusercontent.com/	88 KB 88 KB	50ms 44ms	Image image/png	2a00:1450:4001:813::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play-lh.googleusercontent.com/pxdPx5bpuyTzVlnpk2kThNehzD_e5aMyxb62SmUKQpA6ppn4YfidJ7gXETnxeqAalyA Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 66921f6a635f19a25b286acee187571950d2d15e8e2bb7457f07f76301fc100b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT x-content-type-options nosniff age 0 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 89977 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 06 Mar 2024 09:21:03 GMT
GET H2	200	256x256bb.jpg is4-ssl.mzstatic.com/image/thumb/Purple124/v4/85/3b/ac/853bacc7-1334-3327-97de-33039fce6f99/source/	16 KB 17 KB	337ms 46ms	Image image/jpeg	2a02:26f0:7100:3a9::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://is4-ssl.mzstatic.com/image/thumb/Purple124/v4/85/3b/ac/853bacc7-1334-3327-97de-33039fce6f99/source/256x256bb.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:3a9::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software 4.0.0 / Resource Hash d56a5c2f3efa3be0b7778eba688df32f780bb3cda8128c48cdd08606b453269f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-apple-jingle-correlation-key RFRF3XPCZV3CVNJQWEVG3OKYD4 strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Mar 2024 09:21:03 GMT x-b3-traceid 2a4e67bcb7181143 x-daiquiri-instance daiquiri:43624002:st44p00it-hyhk15014701:7987:24RELEASE17:daiquiri-amp-processing-shared-int-001-st, daiquiri:41338002:st47p00it-qujn13041702:7987:24RELEASE17:daiquiri-amp-all-l7shared-int-001-st cdnuuid 22295277-b071-4bf6-8053-49b9b2188348-3794754427 x-cache TCP_MISS from a2-17-100-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) x-b3-parentspanid ba174c86d9090e67 b3 89625ddde2cd762ab530b12a6db9581f-9308348a1a286cb5 content-length 16678 apple-tk false server 4.0.0 apple-seq 0.0 last-modified Tue, 23 Jan 2024 00:18:42 GMT x-cache-remote TCP_HIT from a23-62-213-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) etag "MSwxLjczLjAtMjNPLFZlcnNpb24gMTMuNS4yIChCdWlsZCAyMkc5MSksMTcwNTk2OTEyMjY5NSxpc0J1aWxkVmVyc2lvbk5vdFNldCw2YTRiMGJlNCxub0VmZmVjdA==" apple-originating-system UnknownOriginatingSystem content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified x-apple-request-uuid 89625ddd-e2cd-762a-b530-b12a6db9581f x-b3-spanid 9308348a1a286cb5 cache-control no-transform, max-age=14827547 timing-allow-origin *
GET H2	200	785a336a9e3a0c5baa7182ae49333664.jpg i.pinimg.com/736x/78/5a/33/	31 KB 31 KB	298ms 32ms	Image image/jpeg	2a04:4e42:6f::84 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/736x/78/5a/33/785a336a9e3a0c5baa7182ae49333664.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:6f::84 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 8c53169482d016acf3023c129ea10f497ad8d8899f9569b625a9d6be5f43b4d5 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT x-cdn fastly etag "8bbe58b05ba6505d2342b403aa0e0e82" vary Origin content-type image/jpeg accept-ranges bytes alt-svc h3=":443";ma=600 content-length 31355 expires Fri, 25 Dec 2037 23:59:59 GMT
GET H2	200	qatar-airways-logo-E096F45AE3-seeklogo.com.png seeklogo.com/images/Q/	12 KB 13 KB	297ms 30ms	Image image/png	2606:4700:3036::ac43:be4c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://seeklogo.com/images/Q/qatar-airways-logo-E096F45AE3-seeklogo.com.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:be4c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b94f8528ee405f728affaf14b131383198995d7fd6ebc7414d305db5dd5abad Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT content-security-policy upgrade-insecure-requests; frame-ancestors 'self' x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains cf-cache-status HIT x-permitted-cross-domain-policies none age 82473 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 12642 x-xss-protection 1; mode=block last-modified Sun, 27 Nov 2022 00:38:32 GMT server cloudflare etag "1d901f8935cc562" x-download-options noopen x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejmeucI8SYkdIdVjDxwqb%2FrbZlpClXnqkQApeYTbhfxvTahFsAcrUi9uZlKmAjpeFmuWiHMEXCsiMS%2FJk5UFre3qHKakXMUYYRm9J8%2FoxtUZ%2BgMGYGI4OcmS6wAzOBbosY6MXkpsZsrg%2Fo4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control public, max-age=31536000 permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() accept-ranges bytes cf-ray 85f9089e786ab73c-AMS
GET H2	200	Vender-Milhas-Gol-Smiles-hotmilhas.png gironacidade.com.br/wp-content/uploads/2020/09/	16 KB 16 KB	921ms 231ms	Image image/png	162.241.60.96 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://gironacidade.com.br/wp-content/uploads/2020/09/Vender-Milhas-Gol-Smiles-hotmilhas.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.60.96 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 162-241-60-96.unifiedlayer.com Software Apache / Resource Hash 4ba2bacce9bd70cb59878048a21adcd258739d189b882ad6aa4f8a2da86fd432 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT last-modified Tue, 29 Sep 2020 19:52:25 GMT server Apache content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 16534 expires Wed, 06 Mar 2024 09:21:04 GMT
GET H2	200	256x256bb.jpg is1-ssl.mzstatic.com/image/thumb/Purple118/v4/83/4c/ab/834cab84-a0e0-e668-aa85-820db0786296/source/	6 KB 7 KB	474ms 216ms	Image image/jpeg	2a02:26f0:7100:39f::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://is1-ssl.mzstatic.com/image/thumb/Purple118/v4/83/4c/ab/834cab84-a0e0-e668-aa85-820db0786296/source/256x256bb.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:39f::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software 4.0.0 / Resource Hash 499176ba86ccb6bcb57b36647ca670cbd51a49d7cc4f71b14ed6b31435ff90ff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-apple-jingle-correlation-key ZQQJSLIO3T6DBDCC7SORU2E5GE strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Mar 2024 09:21:03 GMT x-b3-traceid d7802be60494f069 x-daiquiri-instance daiquiri:43624002:st44p00it-hyhk15014701:7987:24RELEASE17:daiquiri-amp-processing-shared-int-001-st, daiquiri:41338001:st47p00it-qujn13151502:7987:24RELEASE17:daiquiri-amp-all-l7shared-int-001-st cdnuuid f51e3cdc-98ca-4c3c-9da0-98d52a052779-1059856545 x-cache TCP_MISS from a2-17-100-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) x-b3-parentspanid 3c337a1bc9746b9b b3 cc20992d0edcfc308c42fc9d1a689d31-7845d429322c5771 content-length 6468 apple-tk false server 4.0.0 apple-seq 0.0 last-modified Tue, 30 Jan 2024 13:54:55 GMT x-cache-remote TCP_HIT from a23-62-213-5.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) etag "MSwxLjc0LjAtMjNQLFZlcnNpb24gMTMuNS4yIChCdWlsZCAyMkc5MSksMTcwNjYyMjg5NTU3OCxpc0J1aWxkVmVyc2lvbk5vdFNldCw5YjMyNDc3Myxub0VmZmVjdA==" apple-originating-system UnknownOriginatingSystem content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified x-apple-request-uuid cc20992d-0edc-fc30-8c42-fc9d1a689d31 x-b3-spanid 7845d429322c5771 cache-control no-transform, max-age=14159158 timing-allow-origin *
GET H2	200	images encrypted-tbn0.gstatic.com/	6 KB 6 KB	256ms 52ms	Image image/jpeg	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSLsL2qM351Gxx5FVTUZLS6i_DJTRhoZY5JBts3FU2QAWTuQyc5pCF7dnRaeDe5hWFXeB8&usqp=CAU Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bcf73cebae0f3398c07abe255f6ce614b097e5196e015c8e6192fd9ee2b282a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5767 x-xss-protection 0 last-modified Sat, 11 Nov 2017 04:03:13 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Wed, 05 Mar 2025 09:21:03 GMT
GET H2	200	l_44926a6057cd547f02947e3732850391.jpg www.houstonhotels.org/wp-content/sabai/File/files/	21 KB 21 KB	237ms 17ms	Image image/jpeg	192.124.249.130 SUCURI-SEC
General Check archive.org Show headers Download Go to Show image Full URL https://www.houstonhotels.org/wp-content/sabai/File/files/l_44926a6057cd547f02947e3732850391.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.124.249.130 Menifee, United States, ASN30148 (SUCURI-SEC, US), Reverse DNS cloudproxy10130.sucuri.net Software nginx / Resource Hash d48b0a8c53ca014c645bc4871778bc2e01c1e4575b2a47dba742e542058d8948 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:03 GMT content-security-policy upgrade-insecure-requests; x-content-type-options nosniff last-modified Thu, 06 Jun 2019 16:02:37 GMT server nginx etag "19e0bde-5461-58aa9d7bac140" x-frame-options SAMEORIGIN content-type image/jpeg x-sucuri-cache HIT cache-control max-age=315360000 x-sucuri-id 19030 accept-ranges bytes content-length 21601 x-xss-protection 1; mode=block expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	ET-tailfin.jpg www.heathrow.com/content/dam/heathrow/web/common/images/airline/tailfin/	12 KB 12 KB	222ms 86ms	Image image/jpeg	2620:1ec:bdf::60 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.heathrow.com/content/dam/heathrow/web/common/images/airline/tailfin/ET-tailfin.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 481a206b02c2e9b85b5bb385134d3a3da8c30e1e30b27cc30c923b603cf1266a Security Headers Name Value Content-Security-Policy frame-ancestors 'self';, frame-ancestors 'self'; Strict-Transport-Security max-age=63072000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-dispatcher dispatcher2euwest2 date Tue, 05 Mar 2024 09:21:03 GMT strict-transport-security max-age=63072000; includeSubdomains; x-content-type-options nosniff content-security-policy frame-ancestors 'self';, frame-ancestors 'self'; via 1.1 196da8dbede310a18cd917665afeaa22.cloudfront.net (CloudFront) x-amz-cf-pop AMS50-C1 x-vhost publish x-cache TCP_MISS x-fd-int-roxy-purgeid 65738608 content-length 11889 x-xss-protection 1; mode=block service-worker-allowed / referrer-policy no-referrer x-frame-options SAMEORIGIN x-azure-ref 20240305T092103Z-8kvxne2u296051fn5u56kcscpn000000020g00000000ez98 content-type image/jpeg cache-control max-age=14400, s-maxage=14400 feature-policy fullscreen 'none'; microphone 'none' accept-ranges bytes x-amz-cf-id 72mXUWu9czdNA7cVjaJ_wAJtTwjdkdzLVzMHGjKTOiQbid8Z52Aw2A==
GET H/1.1	200 OK	1 prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/0_llqzoyzy/def_height/2700/def_width/2700/version/100012/type/ Redirect Chain https://photos.prnewswire.com/prnfull/20150615/748217 https://prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/0_llqzoyzy/def_height/2700/def_width/2700/version/100012/type/1	342 KB 343 KB	599ms 209ms	Image image/jpeg	2.19.172.205 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/0_llqzoyzy/def_height/2700/def_width/2700/version/100012/type/1 Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol HTTP/1.1 Server 2.19.172.205 Bogotá, Colombia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-172-205.deploy.static.akamaitechnologies.com Software Kaltura / Resource Hash ebb853c724eda22d4ff2f8e52ebc2a3255a0de44be73614860d6df6ccc843d15 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers X-Kaltura cached-thumb-exists,45cecd1e46875a674e40f82afd67332a X-Me nvp1-fthumb-lkfmt Date Tue, 05 Mar 2024 09:21:04 GMT X-Vod-Session 551169643 X-Amz-Cf-Pop MIA3-P5 X-Proxy-Me nvp1-vod-proxy-green-ng-699856cbbd-ql4dd X-Kaltura-Session 1079397967, 1709462776 Connection keep-alive Content-Length 350012 Pragma Last-Modified Sun, 19 Nov 2000 08:52:00 GMT Server Kaltura X-Proxy-Session f6d85fcf3472e7ad0e0e0042b2968691 X-Vod-Me nvp1-vod-packager-green-ng-b8c76984b-vpq86 Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Accept-Ranges bytes X-Amz-Cf-Id s8Wcb5OP5cU-Nc2GzksPrioRlBS6hANyZlulciSnOsJYGkEuXR3DGA== Expires Tue, 05 Mar 2024 10:21:04 GMT Redirect headers date Tue, 05 Mar 2024 09:21:04 GMT cf-cache-status DYNAMIC server cloudflare x-powered-by ASP.NET vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/html; charset=utf-8 location https://prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/0_llqzoyzy/def_height/2700/def_width/2700/version/100012/type/1 access-control-allow-origin * cache-control private server-timing intid;desc=e701247fd7355402 cf-ray 85f9089efad6b957-AMS access-control-allow-headers Content-Type
GET H/1.1	200 OK	best-western_gift-card_4_1.png www.storefrontdirect.com/pub/media/catalog/product/cache/8c0cd180e440eae853fa2176b62a6ddf/b/e/	343 KB 344 KB	690ms 225ms	Image image/png	20.63.32.201 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.storefrontdirect.com/pub/media/catalog/product/cache/8c0cd180e440eae853fa2176b62a6ddf/b/e/best-western_gift-card_4_1.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.63.32.201 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache/2.4.58 (Ubuntu) / Resource Hash e000ac4d306ff9bbd94b59cd9176f74b4e8b59a4fb7015f5b663bcf2052df79f Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Tue, 05 Mar 2024 09:21:04 GMT Referrer-Policy no-referrer Last-Modified Mon, 27 Sep 2021 16:03:24 GMT Server Apache/2.4.58 (Ubuntu) ETag "55ceb-5ccfc3ca424b3" X-Frame-Options SAMEORIGIN Content-Type image/png Cache-Control public Connection keep-alive Accept-Ranges bytes Content-Length 351467
GET H2	200	256x256bb.jpg is2-ssl.mzstatic.com/image/thumb/Purple112/v4/72/52/70/725270eb-4e27-8430-ee08-5692d9b8978a/AppIcon-1x_U007emarketing-8-0-85-220.png/	27 KB 28 KB	156ms 146ms	Image image/jpeg	2a02:26f0:7100:39f::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://is2-ssl.mzstatic.com/image/thumb/Purple112/v4/72/52/70/725270eb-4e27-8430-ee08-5692d9b8978a/AppIcon-1x_U007emarketing-8-0-85-220.png/256x256bb.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:39f::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software 4.0.0 / Resource Hash 754e5fad06dfadbb900f62920f2c9974d7bca353060bf044f93c76abfa5165c6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-apple-jingle-correlation-key A7ZV6OC7KRUFSSWORY575RG4SE strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Mar 2024 09:21:03 GMT x-b3-traceid d4cea0cb82009368 x-daiquiri-instance daiquiri:43624002:st44p00it-hyhk15014701:7987:24RELEASE17:daiquiri-amp-processing-shared-int-001-st, daiquiri:41338003:st47p00it-qujn13041901:7987:24RELEASE17:daiquiri-amp-all-l7shared-int-001-st cdnuuid 9a65d5fa-0aef-4b2e-b29a-15d4a7a10c88-2930181047 x-cache TCP_MISS from a2-17-100-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) x-b3-parentspanid 189a48d0dbb96ee3 b3 07f35f385f5468594ace8e3bfec4dc91-6798489711b18df1 content-length 27892 apple-tk false server 4.0.0 apple-seq 0.0 last-modified Fri, 16 Feb 2024 14:22:53 GMT x-cache-remote TCP_MISS from a23-62-213-5.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) etag "MSwxLjgxLjEsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzA4MDkzMzczNjc1LDI0QjE3LDIzODRjM2Y1LG5vRWZmZWN0" apple-originating-system UnknownOriginatingSystem content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified x-apple-request-uuid 07f35f38-5f54-6859-4ace-8e3bfec4dc91 x-b3-spanid 6798489711b18df1 cache-control no-transform, max-age=14027428 timing-allow-origin *
GET H2	200	256x256bb.jpg is2-ssl.mzstatic.com/image/thumb/Purple116/v4/05/c4/ab/05c4abab-eb0a-71af-9938-ed34c6bc6285/ITA_Airways_icon-0-0-1x_U007emarketing-0-0-0-6-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/	9 KB 10 KB	187ms 186ms	Image image/jpeg	2a02:26f0:7100:39f::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://is2-ssl.mzstatic.com/image/thumb/Purple116/v4/05/c4/ab/05c4abab-eb0a-71af-9938-ed34c6bc6285/ITA_Airways_icon-0-0-1x_U007emarketing-0-0-0-6-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/256x256bb.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:39f::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software 4.0.0 / Resource Hash fe14267afe7f04a23a801f360d9afbe8b887e6111bdad907faa74e41aed2d7a0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-apple-jingle-correlation-key L5WOIUUDSOAVVSCTULJLCJ5ZMM strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Mar 2024 09:21:03 GMT x-b3-traceid 74549b80f0c952e5 x-daiquiri-instance daiquiri:43624002:st44p00it-hyhk15014701:7987:23HOTFIX13:daiquiri-amp-processing-shared-int-001-st, daiquiri:41338001:st47p00it-qujn13151502:7987:23HOTFIX13:daiquiri-amp-all-l7shared-int-001-st cdnuuid c358d4dc-33b9-4ae3-aafe-01c24e1e7732-1447458943 x-cache TCP_MISS from a2-17-100-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) x-b3-parentspanid ac9ad55c11b2b5c4 b3 5f6ce4528393815ac853a2d2b127b963-1ed3ff19b4acb28f content-length 8755 apple-tk false server 4.0.0 apple-seq 0.0 last-modified Sat, 13 Jan 2024 04:14:56 GMT x-cache-remote TCP_MISS from a2-16-240-30.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) etag "MSwxLjczLjAtMjNPLFZlcnNpb24gMTMuNS4yIChCdWlsZCAyMkc5MSksMTcwNTExOTI5NjE3Nyxpc0J1aWxkVmVyc2lvbk5vdFNldCxjNmJjMTRmMSxub0VmZmVjdA==" apple-originating-system UnknownOriginatingSystem content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified x-apple-request-uuid 5f6ce452-8393-815a-c853-a2d2b127b963 x-b3-spanid 1ed3ff19b4acb28f cache-control no-transform, max-age=16675048 timing-allow-origin *
GET H2	200	unnamed.png i.dansdeals.com/wp-content/uploads/2020/12/29011903/	28 KB 28 KB	112ms 26ms	Image image/png	18.66.122.46 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.dansdeals.com/wp-content/uploads/2020/12/29011903/unnamed.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-46.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash c02fffd07457f8a54faeda05f23cce816e231db2318ab65837b4e2a99712be72 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Sun, 28 Jan 2024 14:28:19 GMT x-amz-version-id 3FlMLiTat1hZ9_qpB9kb.DSDo4XkDl7M via 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront) last-modified Tue, 29 Dec 2020 06:19:04 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 3178366 etag "b687f3fe9d9cba9e1e69c919abf401f5" x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 28375 x-amz-cf-id V3lI_Jnz_axvGsMy_YIJRFQGIqAgfOYYhmzEJZNsVYdzvLyfLyG5Eg== expires Wed, 29 Dec 2021 06:19:03 GMT
GET H2	200	256x256bb.jpg is4-ssl.mzstatic.com/image/thumb/Purple124/v4/91/bf/69/91bf6950-9941-493b-b28e-770572de6434/source/	16 KB 17 KB	31ms 31ms	Image image/jpeg	2a02:26f0:7100:3a9::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://is4-ssl.mzstatic.com/image/thumb/Purple124/v4/91/bf/69/91bf6950-9941-493b-b28e-770572de6434/source/256x256bb.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:3a9::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software 4.0.0 / Resource Hash d80705e5834f5ac9f2d74bfa5a5b5fb579004d7718d6b60b3b6125215399fc8e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-apple-jingle-correlation-key OPAFSOWAUFGOEU63P6WKXV2IXI strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Mar 2024 09:21:03 GMT x-b3-traceid f7961243025881ad x-daiquiri-instance daiquiri:33624002:pv50p00it-hyhk12033901:7987:24RELEASE37:daiquiri-amp-processing-shared-int-001-pv, daiquiri:31338001:pv52p00it-qujn08063302:7987:24RELEASE37:daiquiri-amp-all-l7shared-int-001-pv cdnuuid da994ae3-77d1-4d7b-b014-35d24b4610a7-2344752321 x-cache TCP_MISS from a2-17-100-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) x-b3-parentspanid e84ce3145b69257f b3 73c0593ac0a14ce253db7facabd748ba-5249ea4b7dabd8ab content-length 16670 apple-tk false server 4.0.0 apple-seq 0.0 last-modified Sat, 24 Feb 2024 06:51:19 GMT x-cache-remote TCP_MISS from a23-38-99-107.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) etag "MSwxLjgzLjAsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzA4NzU3NDc5MTIxLDI0QjI1LDJkNzhkNmI4LG5vRWZmZWN0" apple-originating-system UnknownOriginatingSystem content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified x-apple-request-uuid 73c0593a-c0a1-4ce2-53db-7facabd748ba x-b3-spanid 5249ea4b7dabd8ab cache-control no-transform, max-age=13894286 timing-allow-origin *
GET H2	200	256x256bb.jpg is5-ssl.mzstatic.com/image/thumb/Purple122/v4/54/53/d2/5453d2eb-5cfa-921a-fdb5-767ddcf2b0f1/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/	11 KB 12 KB	59ms 58ms	Image image/jpeg	2a02:26f0:7100:39f::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://is5-ssl.mzstatic.com/image/thumb/Purple122/v4/54/53/d2/5453d2eb-5cfa-921a-fdb5-767ddcf2b0f1/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/256x256bb.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:39f::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software 4.0.0 / Resource Hash b8b9e296e7b5eddca4764990bc25f487f9638c124d4397b554f53f21f546c945 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-apple-jingle-correlation-key 7XNLLF4RTBG4GNALBFPZEJ6XHE strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Mar 2024 09:21:04 GMT x-b3-traceid ef59efa8ed62981d x-daiquiri-instance daiquiri:43624002:st44p00it-hyhk15014701:7987:24RELEASE37:daiquiri-amp-processing-shared-int-001-st, daiquiri:41338002:st47p00it-qujn13041702:7987:24RELEASE37:daiquiri-amp-all-l7shared-int-001-st cdnuuid 86cb35a0-6f37-44ae-b284-a6cd4f236abd-1629595498 x-cache TCP_MISS from a2-17-100-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) x-b3-parentspanid 54a53c980fae77c5 b3 fddab59791984dc3340b095f9227d739-af5c5d0ad59b9e1d content-length 10835 apple-tk false server 4.0.0 apple-seq 0.0 last-modified Mon, 04 Mar 2024 20:10:02 GMT x-cache-remote TCP_HIT from a23-206-213-215.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) etag "MSwxLjgzLjAsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzA5NTgzMDAyOTU3LDI0QzMyLDU0YjMyZjgwLG5vRWZmZWN0" apple-originating-system UnknownOriginatingSystem content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified x-apple-request-uuid fddab597-9198-4dc3-340b-095f9227d739 x-b3-spanid af5c5d0ad59b9e1d cache-control no-transform, max-age=14811225 timing-allow-origin *
GET H2	200	logo-TU.png panorama.quicket.io/airlines/logo/	7 KB 7 KB	267ms 70ms	Image image/png	178.128.198.159 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://panorama.quicket.io/airlines/logo/logo-TU.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.198.159 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 544bf75113ace61a8866b4ead1b1be87db7cb19e0592a80b0d286351b63e8cf4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT last-modified Tue, 10 Oct 2017 16:06:54 GMT server nginx/1.20.1 etag "59dcf01e-1ce1" access-control-allow-methods GET, POST, OPTIONS, DELETE, PUT content-type image/png access-control-allow-credentials true accept-ranges bytes access-control-allow-headers User-Agent,Keep-Alive,Content-Type content-length 7393
GET H2	200	NZ.png uniticket.ru/wp-content/uploads/2019/airlines_logo_64/	2 KB 3 KB	673ms 477ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://uniticket.ru/wp-content/uploads/2019/airlines_logo_64/NZ.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3ceecd971b4b1fb5af44452de41b560942cdd02f35b9102e3ab9a41a9f5b9cc Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT cf-cache-status MISS last-modified Wed, 22 Jan 2020 11:13:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary User-Agent, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcSkD3oBgl%2BELjsBBTnxBq5bg%2BNNlI2h6x%2FuUiQYy6mWBVPmm3a7vF%2FZiTARYtT7hqYbl9fY35ld7ZIQdHboEQ%2Bo0ST6vy3sPULQ21I4LzqLYO4Ee7oaztW2PwjqFFUk5Y4J2IF7vmsDwwo%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 85f908a138c306d8-AMS alt-svc h3=":443"; ma=86400 content-length 2360 expires Tue, 12 Mar 2024 09:21:03 GMT
GET H2	200	JetBlue-og-image.jpg www.jetblue.com/magnoliapublic/dam/ui-assets/imagery/info-assets/logos-misc/	10 KB 10 KB	279ms 130ms	Image image/webp	151.101.66.245 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.jetblue.com/magnoliapublic/dam/ui-assets/imagery/info-assets/logos-misc/JetBlue-og-image.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.245 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash bd219de81b9e13b00458a3661518f594d42b3b28aaf72812c138b34f596aadc4 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains via 1.1 varnish, 1.1 varnish, 1.1 varnish date Tue, 05 Mar 2024 09:21:04 GMT e-tag 1708446001386 fastly-io-served-by vpop-kiad7010230 age 0 x-cache MISS, HIT, HIT fastly-io-info ifsz=34940 idim=1080x1080 ifmt=jpeg ofsz=9918 odim=1080x1080 ofmt=webp fastly-stats io=1 content-length 9918 x-served-by cache-iad-kcgs7200141-IAD, cache-iad-kjyo7100106-IAD, cache-ams21048-AMS x-magnolia-registration Registered x-timer S1709630464.200845,VS0,VE88 etag "HwZeHDtXkWdEGwjXPkVKPC1KKm+mi+5GMb8KptAtdl8" vary Accept access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type image/webp access-control-allow-origin * cache-control access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Origin, x-b3-traceid, x-b3-spanid, Authorization, Content-Type, Accept, User-Agent, Referer, x-auth-token, Sec-Fetch-Dest x-cache-hits 0, 865, 1
GET H2	404	z57rs6tcaofhrsnkozhx.png res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1464072106/	0 519 B	366ms 270ms	Image image/gif	2a02:26f0:480:588::523 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1464072106/z57rs6tcaofhrsnkozhx.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:480:588::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Cloudinary / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT strict-transport-security max-age=604800 x-cld-error Resource not found - z57rs6tcaofhrsnkozhx server-timing cld-akam;dur=246;cpu=74;start=2024-03-05T09:21:04.158Z;desc=miss,rtt;dur=21,cloudinary;dur=11;start=2024-03-05T09:21:04.283Z,cld-error;desc="Resource not found - z57rs6tcaofhrsnkozhx" content-length 0 last-modified Mon, 04 Mar 2024 18:41:05 GMT server Cloudinary etag "d41d8cd98f00b204e9800998ecf8427e" vary Accept,User-Agent content-type image/gif access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error cache-control private, no-transform, max-age=0, no-cache accept-ranges bytes timing-allow-origin * expires Tue, 05 Mar 2024 18:41:04 GMT
GET H2	200	003495.KS.png companiesmarketcap.com/img/company-logos/256/	8 KB 8 KB	74ms 28ms	Image image/png	2606:4700:20::681a:876 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://companiesmarketcap.com/img/company-logos/256/003495.KS.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:876 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66e3e67fdd47e8cc947ae4fefbf872b9127c72124a66c3676472750d536f7334 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT cf-cache-status HIT last-modified Sat, 26 Mar 2022 11:21:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 47463 etag "1ea5-5db1d4976d0b5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rm%2Fulxqls8beRTBC%2Fka1FblaumjiTJeJnzrWL395wZceb1mYVkM9nUCWSdA2JE0pbY1%2BQxFBQn6XMLed%2FCKsQJcD6b%2BXp7ZUFB8GgbE8g8C%2BLGI3GlyUQJwPjyl1Dh4RseUoTTS5XvtvhOmkgbhl8JC%2F%2FrM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=1209600 accept-ranges bytes cf-ray 85f908a0df1cb8f1-AMS alt-svc h3=":443"; ma=86400 content-length 7845
GET H2	404	vqtzmkfa5hihsuv0ezgh.png res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1450956454/	0 519 B	230ms 230ms	Image image/gif	2a02:26f0:480:588::523 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://res.cloudinary.com/crunchbase-production/image/upload/c_lpad,h_256,w_256,f_auto,q_auto:eco,dpr_1/v1450956454/vqtzmkfa5hihsuv0ezgh.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:480:588::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Cloudinary / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT strict-transport-security max-age=604800 x-cld-error Resource not found - vqtzmkfa5hihsuv0ezgh server-timing cld-akam;dur=207;cpu=33;start=2024-03-05T09:21:04.171Z;desc=miss,rtt;dur=21,cloudinary;dur=13;start=2024-03-05T09:21:04.267Z,cld-error;desc="Resource not found - vqtzmkfa5hihsuv0ezgh" content-length 0 last-modified Tue, 05 Mar 2024 01:56:40 GMT server Cloudinary etag "d41d8cd98f00b204e9800998ecf8427e" vary Accept,User-Agent content-type image/gif access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error cache-control private, no-transform, max-age=0, no-cache accept-ranges bytes timing-allow-origin * expires Wed, 06 Mar 2024 01:56:39 GMT
GET H2	200	256x256bb.jpg is3-ssl.mzstatic.com/image/thumb/Purple112/v4/84/e0/4a/84e04add-ca3f-6f35-7a41-f7a2787367df/AppIcon-1x_U007emarketing-0-5-0-85-220.png/	14 KB 15 KB	140ms 132ms	Image image/jpeg	2a02:26f0:7100:39f::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://is3-ssl.mzstatic.com/image/thumb/Purple112/v4/84/e0/4a/84e04add-ca3f-6f35-7a41-f7a2787367df/AppIcon-1x_U007emarketing-0-5-0-85-220.png/256x256bb.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:39f::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software 4.0.0 / Resource Hash e4a30c466b04a8c77c1e8d6b456bfca22db158149d46aa7e1b77238a74002594 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-apple-jingle-correlation-key WATNNJIJFFXTCUCPXQZD3ILNHY strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Mar 2024 09:21:04 GMT x-b3-traceid 5c2a1706abe340eb x-daiquiri-instance daiquiri:33624002:pv50p00it-hyhk12033901:7987:24RELEASE17:daiquiri-amp-processing-shared-int-001-pv, daiquiri:31338003:pv52p00it-qujn10223301:7987:24RELEASE17:daiquiri-amp-all-l7shared-int-001-pv cdnuuid a5ce62b9-21c2-4f72-889e-534565f9ae99-1031298051 x-cache TCP_MISS from a2-17-100-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) x-b3-parentspanid dfbfc0e90fc2c54f b3 b026d6a509296f31504fbc323da16d3e-a91c01ca4e6dab08 content-length 14581 apple-tk false server 4.0.0 apple-seq 0.0 last-modified Mon, 19 Feb 2024 16:16:58 GMT x-cache-remote TCP_MISS from a23-206-213-203.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) etag "MSwxLjgyLjAsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzA4MzU5NDE4NjkyLDI0QjIwLGQ3NzI4YWJkLG5vRWZmZWN0" apple-originating-system UnknownOriginatingSystem content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified x-apple-request-uuid b026d6a5-0929-6f31-504f-bc323da16d3e x-b3-spanid a91c01ca4e6dab08 cache-control no-transform, max-age=15580871 timing-allow-origin *
GET H/1.1	200 OK	welcome_logo.jpg www.premierclubrewards.org/images/	7 KB 8 KB	182ms 25ms	Image image/jpeg	139.162.215.96 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.premierclubrewards.org/images/welcome_logo.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.162.215.96 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 139-162-215-96.ip.linodeusercontent.com Software nginx / Resource Hash 4a6fa3cb6f793b2cc44a2b07da542b349e866ca3f78742b0f1f3b4bf2678327c Security Headers Name Value X-Frame-Options sameorigin Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Tue, 05 Mar 2024 09:21:04 GMT Last-Modified Thu, 22 Mar 2018 13:37:42 GMT Server nginx Vary Accept-Encoding,User-Agent X-Frame-Options sameorigin Content-Type image/jpeg Front-End-Https on Cache-Control max-age=2592000, public Connection keep-alive Accept-Ranges bytes Content-Length 7332 Expires Wed, 05 Mar 2025 09:21:04 GMT
GET H2	200	256x256bb.jpg is5-ssl.mzstatic.com/image/thumb/Purple116/v4/47/62/cf/4762cf36-74d7-ef23-2c30-6decc5fb7727/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/	8 KB 9 KB	38ms 38ms	Image image/jpeg	2a02:26f0:7100:39f::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://is5-ssl.mzstatic.com/image/thumb/Purple116/v4/47/62/cf/4762cf36-74d7-ef23-2c30-6decc5fb7727/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/256x256bb.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:39f::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software 4.0.0 / Resource Hash a5460efe0f2d693f41ddc5e0331689c1ed08561349429ba84df4e9aaa2444d9d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-apple-jingle-correlation-key P27BP7EQC5UT7RCX5W3ZM6NLRM strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Mar 2024 09:21:04 GMT x-b3-traceid 0386ff9a048801ea x-daiquiri-instance daiquiri:43624002:st44p00it-hyhk15014701:7987:24RELEASE37:daiquiri-amp-processing-shared-int-001-st, daiquiri:41338003:st47p00it-qujn13041901:7987:24RELEASE37:daiquiri-amp-all-l7shared-int-001-st cdnuuid f4ff1ff3-8552-4f34-bc08-cadd87f1e8f4-1824941120 x-cache TCP_MISS from a2-17-100-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) x-b3-parentspanid de190d2344611e1b b3 7ebe17fc9017693fc457edb79679ab8b-8bd5b31e2fcfc810 content-length 8432 apple-tk false server 4.0.0 apple-seq 0.0 last-modified Fri, 23 Feb 2024 01:14:31 GMT x-cache-remote TCP_HIT from a2-16-240-33.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) etag "MSwxLjgyLjAsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzA4NjUwODcxODAzLDI0QjI0LGVlZjVjYTY2LG5vRWZmZWN0" apple-originating-system UnknownOriginatingSystem content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified x-apple-request-uuid 7ebe17fc-9017-693f-c457-edb79679ab8b x-b3-spanid 8bd5b31e2fcfc810 cache-control no-transform, max-age=14360903 timing-allow-origin *
GET H2	200	air-france-icon-filled-256.png cdn-1.webcatalog.io/catalog/air-france/	5 KB 6 KB	76ms 29ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-1.webcatalog.io/catalog/air-france/air-france-icon-filled-256.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eecf5635a366ed161b0737a1ec746bd4c06c309f4861c146db5de1f50d6600c1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT strict-transport-security max-age=15552000; includeSubDomains; preload cf-cache-status HIT last-modified Sun, 04 Feb 2024 10:07:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 785 etag "d5baa719230c4c32d18d2211cd6fcd04" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8H4fJhkkU6DegdzzQKOXG0%2B7Y1W%2FECKJlWPppk91QsF3pDGHf3vgIhoRmGAoqsO7JtAkCsgsXBoCYjN6bjWuZ577oqWDedi5FPFqIG%2BHSxna5OxrLW6cTGjFi4zRs%2F26YosxNBoBO1aVHxWZUuz7ax1t"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 85f908a238820ae1-AMS alt-svc h3=":443"; ma=86400 content-length 5442
GET H2	200	UX.png cdn.airpaz.com/cdn-cgi/image/w=512,h=512,f=webp,fit=scale-down/rel-0275/airlines/201x201/	2 KB 3 KB	99ms 47ms	Image image/webp	2606:4700::6812:f16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.airpaz.com/cdn-cgi/image/w=512,h=512,f=webp,fit=scale-down/rel-0275/airlines/201x201/UX.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 514d4607c53ed96ba82d93cc8cb7088e1fc21cd496f40fd1bfe1faf210e8051d Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' alt-svc h3=":443"; ma=86400 content-length 2274 cf-resized internal=ok/h q=0 n=18+0 c=0+3 v=2024.2.2 l=2274 last-modified Mon, 23 Nov 2020 08:57:40 GMT cf-bgj imgq:100,h2pri server cloudflare etag "cfga2onX3xMEBjF92EwHTlXcZVI4fViEuLzGbq8Q1JDQ:efadf681d4a5a6205cc55fa22ae57e83" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLrODWEgOpfT7cgyWBMT%2BSDmQBpjnt7fIsIlwPQilx1%2F14u0JEaaRg6dNe0EJdd%2F2aDJ%2FRGFQ13DtOz5%2B9aAW0HmeHm2EBaskFZA%2B4Mxn%2BjQjJ%2BfiJTs2Z4f2lhKdf%2BldvFu6Ko1jKPImAjv"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control public, max-age=2678400 accept-ranges bytes cf-ray 85f908a27a326687-AMS
GET H2	200	americanairlines_logo_square_new-500x321.png www.capitalpride.org/wp-content/uploads/	11 KB 11 KB	104ms 41ms	Image image/webp	141.193.213.21 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.capitalpride.org/wp-content/uploads/americanairlines_logo_square_new-500x321.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash bd21195a9da854ccf3e49f01f230ab282d3df7bfeccc71df7e0f691ae0632e7a Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT cf-cache-status HIT age 2072231 cf-polished origFmt=png, origSize=16310 content-disposition inline; filename="americanairlines_logo_square_new-500x321.webp" alt-svc h3=":443"; ma=86400 content-length 10764 cf-bgj imgq:100,h2pri last-modified Thu, 18 Apr 2019 18:40:24 GMT server cloudflare etag "5cb8c498-3fb6" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 85f908a2aa336712-AMS
GET H2	200	43245.png logodix.com/logo/	15 KB 16 KB	421ms 364ms	Image image/png	2606:4700:20::681a:ef6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://logodix.com/logo/43245.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ef6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04562dfd86b37c83a900995cab3930e74c2592f5b94566a40700a3722df2d333 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 15452 last-modified Fri, 14 Jul 2023 14:15:08 GMT server cloudflare etag "64b1586c-3c5c" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7tJQ4xuUSb1ztUQoM44RSz8pxqBGCxwR1N5O06ZKg%2BQopkJYTmJW%2Fm1t6%2FM61CiSNOd5KGmusfbdl7gRXAkvQjMKLoIFGQt4uIPItU00sv5BQVgyWuJZMVyeIcBSRNhPYKvS%2BhVa%2ByJ"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=2592000, 30d accept-ranges bytes cf-ray 85f908a2cd036673-AMS expires Thu, 04 Apr 2024 09:21:04 GMT
GET H2	200	logo-for-blog.jpg blog.alaskaair.com/wp-content/uploads/2016/01/	9 KB 9 KB	82ms 17ms	Image image/webp	2a04:fa87:fffd::c000:4212 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://blog.alaskaair.com/wp-content/uploads/2016/01/logo-for-blog.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:fa87:fffd::c000:4212 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 5c906a36e6d8b004558d61cfa03cdcc4280a02d8b496d89446c2e2c28700085d Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT x-rq ams5 109 198 443 last-modified Sat, 10 Feb 2024 20:12:16 GMT server nginx etag "8b9ebd17ad8ee8ca" vary Accept x-cache HIT content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 9242
GET H2	200	kisspng-british-airways-flight-o-r-tambo-international-a-5b03886c3c0aa6.2732257215269581882459.jpg banner2.cleanpng.com/20180521/yfg/	81 KB 82 KB	70ms 23ms	Image image/jpeg	2606:4700:3038::6815:ebd0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://banner2.cleanpng.com/20180521/yfg/kisspng-british-airways-flight-o-r-tambo-international-a-5b03886c3c0aa6.2732257215269581882459.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ebd0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 745542d56d2d35599ffd122931c6a9ad9e0ee1bf38895fc994fa2c8009548598 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 395420 alt-svc h3=":443"; ma=86400 content-length 83188 last-modified Tue, 22 May 2018 03:03:08 GMT server cloudflare etag "5b03886c-144f4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n63xK1U5R2TwSCQB%2BmtcuYYxh2X8MuDQfBqAgwRFDEhiC8gNwqdNOxIKYa9Tvi3wkHZtlXQr5G6P7T5QQYafc%2F0Sm%2FZFhQSo0KrePflnUi1ftOh3n9be1Uo7Dc6HlkCYMdgYzHvfwg%2FfIHpXRxR8fv%2F25A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=864000 accept-ranges bytes cf-ray 85f908a2fbc36610-AMS expires Sun, 10 Mar 2024 19:30:28 GMT
GET H2	200	256x256bb.jpg is3-ssl.mzstatic.com/image/thumb/Purple111/v4/5a/e0/30/5ae03086-bc65-eb91-80ea-965d007ed6b8/source/	11 KB 12 KB	210ms 210ms	Image image/jpeg	2a02:26f0:7100:39f::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://is3-ssl.mzstatic.com/image/thumb/Purple111/v4/5a/e0/30/5ae03086-bc65-eb91-80ea-965d007ed6b8/source/256x256bb.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:39f::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software 4.0.0 / Resource Hash 8b776db9d3e1047ac827491b5ec0121583d5e8281181885e5802652154f88630 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-apple-jingle-correlation-key XUYUZEAOQ7Q7XW4463TUPFXMFE strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Mar 2024 09:21:04 GMT x-b3-traceid 81640f49c999bd2f x-daiquiri-instance daiquiri:43624002:st44p00it-hyhk15014701:7987:24RELEASE17:daiquiri-amp-processing-shared-int-001-st, daiquiri:41338003:st47p00it-qujn13041901:7987:24RELEASE17:daiquiri-amp-all-l7shared-int-001-st cdnuuid 1da53727-82ae-4ace-9d30-a91c25ed366d-2943932884 x-cache TCP_MISS from a2-17-100-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) x-b3-parentspanid f750e1d00bd4b405 b3 bd314c900e87e1fbdb9cf6e74796ec29-331e23d15b659997 content-length 11256 apple-tk false server 4.0.0 apple-seq 0.0 last-modified Wed, 07 Feb 2024 18:03:45 GMT x-cache-remote TCP_MISS from a23-206-213-209.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) etag "MSwxLjgxLjEsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzA3MzI5MDI1MjQzLDI0QjE0LGRiMWI4ZWMyLG5vRWZmZWN0" apple-originating-system UnknownOriginatingSystem content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified x-apple-request-uuid bd314c90-0e87-e1fb-db9c-f6e74796ec29 x-b3-spanid 331e23d15b659997 cache-control no-transform, max-age=14816779 timing-allow-origin *
GET H2	200	south_african_airways.ai-converted.png d1yjjnpx0p53s8.cloudfront.net/styles/logo-thumbnail/s3/052012/	13 KB 14 KB	98ms 27ms	Image image/png	2600:9000:2240:5a00:12:832a:da00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yjjnpx0p53s8.cloudfront.net/styles/logo-thumbnail/s3/052012/south_african_airways.ai-converted.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:5a00:12:832a:da00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 650b8b749bb69a447198b4c11865f5bbf4b9ac0dc511d32dc69229c2b2e25063 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 07:03:42 GMT x-amz-version-id null via 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront) last-modified Wed, 30 Aug 2017 21:29:52 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 8243 etag "0dfb40338ff16251ad67286d3625ee64" x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 13730 x-amz-cf-id g73mvEQ4cbTHH4f0pa9Ohq5nTsrxRCzZtKqDbbW9UnPj5Uln9JsAfw==
GET H2	200	256x256bb.jpg is1-ssl.mzstatic.com/image/thumb/Purple116/v4/8a/76/43/8a7643e5-755c-6cdf-205f-eb158483aea7/AppIcon-1x_U007emarketing-0-6-0-85-220.jpeg/	12 KB 13 KB	29ms 28ms	Image image/jpeg	2a02:26f0:7100:39f::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://is1-ssl.mzstatic.com/image/thumb/Purple116/v4/8a/76/43/8a7643e5-755c-6cdf-205f-eb158483aea7/AppIcon-1x_U007emarketing-0-6-0-85-220.jpeg/256x256bb.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:39f::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software 4.0.0 / Resource Hash 0002707132f2c63467565819cd0accca6ac8c8477f9fe162ed8b7e6fe88b486c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-apple-jingle-correlation-key XBYN3X2WG473RDKWABYQMPQYSA strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Mar 2024 09:21:04 GMT x-b3-traceid c18243ae01a14063 x-daiquiri-instance daiquiri:33624002:pv50p00it-hyhk12033901:7987:24RELEASE37:daiquiri-amp-processing-shared-int-001-pv, daiquiri:31338002:pv52p00it-qujn10213502:7987:24RELEASE37:daiquiri-amp-all-l7shared-int-001-pv cdnuuid 4f721bcc-dcdf-46ef-8d96-d13cbe65c229-1646664778 x-cache TCP_MISS from a2-17-100-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) x-b3-parentspanid 4638d2e8a4eb4dc5 b3 b870dddf56373fb88d560071063e1890-7364ca6ec2020653 content-length 12279 apple-tk false server 4.0.0 apple-seq 0.0 last-modified Wed, 21 Feb 2024 21:00:52 GMT x-cache-remote TCP_MISS from a2-16-240-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) etag "MSwxLjgyLjAsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzA4NTQ5MjUyNDIyLDI0QjIzLDZmZTdmYmFlLG5vRWZmZWN0" apple-originating-system UnknownOriginatingSystem content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified x-apple-request-uuid b870dddf-5637-3fb8-8d56-0071063e1890 x-b3-spanid 7364ca6ec2020653 cache-control no-transform, max-age=14017368 timing-allow-origin *
GET H2	200	saskjobs-logo--mobile.jpg www.saskatchewan.ca/-/media/images/ict/	14 KB 16 KB	722ms 227ms	Image image/jpeg	64.202.124.102 RADWARE-CLOUD-SER...
General Check archive.org Show headers Download Go to Show image Full URL https://www.saskatchewan.ca/-/media/images/ict/saskjobs-logo--mobile.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 64.202.124.102 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US), Reverse DNS unknown.hostforweb.net Software ReplaceHeaderValue / Resource Hash 30e69cf5c513bc12001722adbb61579d9f9663fcf23c2ff47b350c4074f92294 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com translate-pa.googleapis.com https://e.prezicdn.net https://maps.googleapis.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com public.tableau.com https://platform.twitter.com https://maxcdn.bootstrapcdn.com https://*.ecdev.org https://apis.google.com; style-src 'self' 'unsafe-inline' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com https://e.prezicdn.net https://maps.googleapis.com https://*.ecdev.org; img-src 'self' data: https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com https://e.prezicdn.net https://maps.googleapis.com https://*.gstatic.com https://*.twitter.com https://i.ytimg.com; font-src 'self' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com https://fonts.gstatic.com https://e.prezicdn.net https://maps.googleapis.com https://*.ecdev.org; connect-src 'self' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com translate-pa.googleapis.com https://e.prezicdn.net https://maps.googleapis.com https://publications.saskatchewan.ca; frame-src 'self' https://revsharesaskatchewan.ca https://public.tableau.com https://www.youtube.com https://immigration.saskatchewan.ca https://e.prezicdn.net https://prezi-nocookies.com https://maps.googleapis.com https://www.google.com https://fmt-public.selkirksystems.com https://www.facebook.com https://*.twitter.com https://*.ecdev.org https://*.googleapis.com; upgrade-insecure-requests; block-all-mixed-content Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubdomains; preload content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com translate-pa.googleapis.com https://e.prezicdn.net https://maps.googleapis.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com public.tableau.com https://platform.twitter.com https://maxcdn.bootstrapcdn.com https://*.ecdev.org https://apis.google.com; style-src 'self' 'unsafe-inline' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com https://e.prezicdn.net https://maps.googleapis.com https://*.ecdev.org; img-src 'self' data: https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com https://e.prezicdn.net https://maps.googleapis.com https://*.gstatic.com https://*.twitter.com https://i.ytimg.com; font-src 'self' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com https://fonts.gstatic.com https://e.prezicdn.net https://maps.googleapis.com https://*.ecdev.org; connect-src 'self' https://static.cloud.coveo.com https://translate.google.com https://translate.googleapis.com https://www.google-analytics.com https://fonts.googleapis.com https://www.gstatic.com translate-pa.googleapis.com https://e.prezicdn.net https://maps.googleapis.com https://publications.saskatchewan.ca; frame-src 'self' https://revsharesaskatchewan.ca https://public.tableau.com https://www.youtube.com https://immigration.saskatchewan.ca https://e.prezicdn.net https://prezi-nocookies.com https://maps.googleapis.com https://www.google.com https://fmt-public.selkirksystems.com https://www.facebook.com https://*.twitter.com https://*.ecdev.org https://*.googleapis.com; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff date Tue, 05 Mar 2024 09:21:04 GMT last-modified Wed, 24 May 2023 16:11:41 GMT server ReplaceHeaderValue x-frame-options sameorigin content-type image/jpeg cache-control private, max-age=604800 content-disposition inline; filename="SaskJobs-Logo--mobile.jpg" accept-ranges bytes content-length 14229
GET H2	200	256x256bb.jpg is4-ssl.mzstatic.com/image/thumb/Purple113/v4/1e/2a/14/1e2a141c-0d64-acb4-9335-83c81af88df7/source/	8 KB 9 KB	55ms 55ms	Image image/jpeg	2a02:26f0:7100:3a9::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://is4-ssl.mzstatic.com/image/thumb/Purple113/v4/1e/2a/14/1e2a141c-0d64-acb4-9335-83c81af88df7/source/256x256bb.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:3a9::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software 4.0.0 / Resource Hash ee7bf15d756b52cc80568f82ae9710e48138c24f58aa25ec5cf75d4d4f878642 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-apple-jingle-correlation-key RQ5EE3Y34QKILOVVDCIPXPQ2ZY strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Mar 2024 09:21:04 GMT x-b3-traceid 46995aa3edce9347 x-daiquiri-instance daiquiri:43624002:st44p00it-hyhk15014701:7987:24RELEASE17:daiquiri-amp-processing-shared-int-001-st, daiquiri:41338001:st47p00it-qujn13151502:7987:24RELEASE17:daiquiri-amp-all-l7shared-int-001-st cdnuuid f4ff1ff3-8552-4f34-bc08-cadd87f1e8f4-1824941116 x-cache TCP_MISS from a2-17-100-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) x-b3-parentspanid 7dd9a7f21e4b1807 b3 8c3a426f1be41485bab51890fbbe1ace-b3cb7b381f652383 content-length 8458 apple-tk false server 4.0.0 apple-seq 0.0 last-modified Thu, 25 Jan 2024 19:01:46 GMT x-cache-remote TCP_MISS from a23-62-213-50.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) etag "MSwxLjczLjAtMjNPLFZlcnNpb24gMTMuNS4yIChCdWlsZCAyMkc5MSksMTcwNjIwOTMwNjY1MSxpc0J1aWxkVmVyc2lvbk5vdFNldCxiYjAzNzhkNyxub0VmZmVjdA==" apple-originating-system UnknownOriginatingSystem content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified x-apple-request-uuid 8c3a426f-1be4-1485-bab5-1890fbbe1ace x-b3-spanid b3cb7b381f652383 cache-control no-transform, max-age=16895615 timing-allow-origin *
GET H2	200	256x256bb.jpg is2-ssl.mzstatic.com/image/thumb/Purple122/v4/1b/29/51/1b295120-21c5-0ed0-04c3-e15e535865c2/AppIcon-0-0-1x_U007emarketing-0-0-0-5-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/	10 KB 11 KB	56ms 55ms	Image image/jpeg	2a02:26f0:7100:39f::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://is2-ssl.mzstatic.com/image/thumb/Purple122/v4/1b/29/51/1b295120-21c5-0ed0-04c3-e15e535865c2/AppIcon-0-0-1x_U007emarketing-0-0-0-5-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/256x256bb.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100:39f::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software 4.0.0 / Resource Hash fa7dcfb38d7e1e050b7e0c92a12d7045115f51e909da998318b0cca1a9706d6f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-apple-jingle-correlation-key MYG3OLWW75DHHCE4FHAH3KIQFQ strict-transport-security max-age=31536000; includeSubDomains date Tue, 05 Mar 2024 09:21:04 GMT x-b3-traceid 2bc105f083208a31 x-daiquiri-instance daiquiri:33624002:pv50p00it-hyhk12033901:7987:24RELEASE17:daiquiri-amp-processing-shared-int-001-pv, daiquiri:31338003:pv52p00it-qujn10223301:7987:24RELEASE17:daiquiri-amp-all-l7shared-int-001-pv cdnuuid c358d4dc-33b9-4ae3-aafe-01c24e1e7732-1448192124 x-cache TCP_MISS from a2-17-100-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) x-b3-parentspanid c94baacf14906232 b3 660db72ed6ff4673889c29c07da9102c-f61f0ffb66d482c1 content-length 9996 apple-tk false server 4.0.0 apple-seq 0.0 last-modified Wed, 31 Jan 2024 06:34:17 GMT x-cache-remote TCP_MISS from a23-62-213-25.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.2-54697487) (-) etag "MSwxLjc0LjAtMjNQLFZlcnNpb24gMTMuNS4yIChCdWlsZCAyMkc5MSksMTcwNjY4Mjg1NzU0NiwyNEE1Nyw5M2NlNDliYyxub0VmZmVjdA==" apple-originating-system UnknownOriginatingSystem content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified x-apple-request-uuid 660db72e-d6ff-4673-889c-29c07da9102c x-b3-spanid f61f0ffb66d482c1 cache-control no-transform, max-age=14349652 timing-allow-origin *
GET H2	200	kQ3sFwLV_400x400.jpg pbs.twimg.com/profile_images/659027662317428736/	7 KB 7 KB	18ms 18ms	Image image/jpeg	2606:2800:134:1a0d:1429:742:782:b6 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/659027662317428736/kQ3sFwLV_400x400.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6B9B) / Resource Hash 59ce28467687abcb4419050419c134a4a85de74573662ef64b5fce71e25ba57e Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff age 527750 x-cache HIT server-timing x-cache;desc= HIT,x-tw-cdn;desc=VZ content-length 7312 x-response-time 111 surrogate-key profile_images profile_images/bucket/6 profile_images/659027662317428736 last-modified Tue, 27 Oct 2015 15:21:33 GMT server ECS (amb/6B9B) x-tw-cdn VZ content-type image/jpeg access-control-allow-origin * x-transaction-id 62483438f2191f56 access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate perf 7469935968 x-connection-hash 6b74b686ba264a5dfdf87bca0ba032410d46d91c8eca7fc68bdab26f3d4db970 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	Telegram_Messenger.png upload.wikimedia.org/wikipedia/commons/5/5c/	47 KB 48 KB	17ms 17ms	Image image/png	2a02:ec80:300:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/5/5c/Telegram_Messenger.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software ATS/9.1.4 / Resource Hash 5658eac3ae05e6d24ce1b0a830ffdd2b708c2938ac8bd8c0c622a1a18ea27a8d Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 01:47:20 GMT strict-transport-security max-age=106384710; includeSubDomains; preload x-content-type-options nosniff nel { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} age 27224 x-cache-status hit-front x-cache cp3077 hit, cp3077 hit/115 server-timing cache;desc="hit-front", host;desc="cp3077" content-length 47798 x-client-ip 2a00:1630:2:602::3 x-object-meta-sha1base36 26aiuykbk6637pn64dm0jl3f0wu9yfb last-modified Wed, 20 Aug 2014 17:58:19 GMT server ATS/9.1.4 etag 84b4eb257e0a43a74a14e51d17d8794e report-to { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/png access-control-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache accept-ranges bytes timing-allow-origin *
GET H2	200	Icq_new_1024.png upload.wikimedia.org/wikipedia/commons/3/3d/	191 KB 192 KB	20ms 20ms	Image image/png	2a02:ec80:300:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/3/3d/Icq_new_1024.png Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software envoy / Resource Hash 225cf2ca10f168a0db79541e0352bc4fab131417830e3c0ff9fba60af6eebc8f Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Mon, 04 Mar 2024 13:59:20 GMT strict-transport-security max-age=106384710; includeSubDomains; preload x-content-type-options nosniff nel { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} age 69703 x-cache-status hit-front x-cache cp3077 hit, cp3077 hit/1 server-timing cache;desc="hit-front", host;desc="cp3077" content-length 195313 x-client-ip 2a00:1630:2:602::3 x-object-meta-sha1base36 tufse9n4h5v8svs7arxean40q151pih last-modified Tue, 03 Nov 2015 17:46:01 GMT server envoy etag f38f78ac869e93a0946151c69b14428f report-to { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/png access-control-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	hit counter.yadro.ru/ Redirect Chain https://counter.yadro.ru/hit?t40.10;r;s1600*1200*24;uhttps%3A//cash-back.leqshop.ru/;hCASH-BACK.BIZ.UA%20-%20%u041F%u0440%u043E%u0434%u0430%u0436%u0430%20%u0430%u043A%u043A%u0430%u0443%u043D%u0442%... https://counter.yadro.ru/hit?q;t40.10;r;s1600*1200*24;uhttps%3A//cash-back.leqshop.ru/;hCASH-BACK.BIZ.UA%20-%20%u041F%u0440%u043E%u0434%u0430%u0436%u0430%20%u0430%u043A%u043A%u0430%u0443%u043D%u044...	133 B 619 B	59ms 59ms	Image image/gif	88.212.202.52 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://counter.yadro.ru/hit?q;t40.10;r;s1600*1200*24;uhttps%3A//cash-back.leqshop.ru/;hCASH-BACK.BIZ.UA%20-%20%u041F%u0440%u043E%u0434%u0430%u0436%u0430%20%u0430%u043A%u043A%u0430%u0443%u043D%u0442%u043E%u0432%20%u043C%u0438%u043B%u0435%u0439%2C%20%u0430%u0432%u0438%u0430%2C%20%u043E%u0442%u0435%u043B%u0435%u0439%20%u0441%20%u0431%u0430%u043B%u0430%u043D%u0441%u043E%u043C.;0.0861990724555326 Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol HTTP/1.1 Server 88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host152.rax.ru Software nginx/1.17.9 / Resource Hash 1dea112090376fd06beb4507358eb4fb0706fc503b96b40776cd2154e1cfa09c Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Pragma no-cache Date Tue, 05 Mar 2024 09:21:05 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type image/gif P3P policyref="/w3c/p3p.xml", CP="UNI" Access-Control-Allow-Origin * Cache-control no-cache Connection keep-alive Content-Length 133 Expires Sun, 05 Mar 2023 21:00:00 GMT Redirect headers Pragma no-cache Date Tue, 05 Mar 2024 09:21:04 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type text/html Location https://counter.yadro.ru/hit?q;t40.10;r;s1600*1200*24;uhttps%3A//cash-back.leqshop.ru/;hCASH-BACK.BIZ.UA%20-%20%u041F%u0440%u043E%u0434%u0430%u0436%u0430%20%u0430%u043A%u043A%u0430%u0443%u043D%u0442%u043E%u0432%20%u043C%u0438%u043B%u0435%u0439%2C%20%u0430%u0432%u0438%u0430%2C%20%u043E%u0442%u0435%u043B%u0435%u0439%20%u0441%20%u0431%u0430%u043B%u0430%u043D%u0441%u043E%u043C.;0.0861990724555326 P3P policyref="/w3c/p3p.xml", CP="UNI" Cache-control no-cache Connection keep-alive Content-Length 32 Expires Sun, 05 Mar 2023 21:00:00 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	204 KB 71 KB	284ms 159ms	Script application/javascript	2a02:6b8::1:119 TELETECH
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS Software / Resource Hash bfa43032d563ab661974f76827ef4d21ccadf44541439a72d0297f46d5d2ec58 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT content-encoding br strict-transport-security max-age=31536000 last-modified Fri, 01 Mar 2024 11:37:40 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "65e1be04-1192e" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 timing-allow-origin * content-length 71982 expires Tue, 05 Mar 2024 10:21:04 GMT
GET H2	200	24806-polet-aviaciya-avialajner-boing_747-aviakompaniya-3149x2001.jpg img3.akspic.ru/crops/6/0/8/4/24806/	628 KB 629 KB	314ms 56ms	Image image/jpeg	176.9.93.71 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img3.akspic.ru/crops/6/0/8/4/24806/24806-polet-aviaciya-avialajner-boing_747-aviakompaniya-3149x2001.jpg Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 176.9.93.71 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.71.93.9.176.clients.your-server.de Software nginx / Resource Hash c09cd272ba8d1053361dd11bdb7107870b06323b71ec5beb1e1f4f94c2b082e7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers special-location not-matched date Tue, 05 Mar 2024 09:21:03 GMT last-modified Thu, 21 Mar 2019 10:35:09 GMT server nginx etag "5c9368dd-9d1cf" content-type image/jpeg cache-control max-age=31536000, private content-disposition inline; filename="24806-polet-aviaciya-avialajner-boing_747-aviakompaniya-3149x2001.jpg" accept-ranges bytes content-length 643535 expires Wed, 05 Mar 2025 09:21:03 +0000
GET H2	200	sync_cookie_image_finish mc.yandex.ru/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10299.rTKGljbKQ7taFscFgLxb5zoj2EhmWjuCJFkBv2u3IGgbuf8zshVyAOJC8RIVbkEX.VFu2y6qm4Zrd5kwFzFfMUkiw334%2C https://mc.yandex.com/sync_cookie_image_decide?token=10299.71EQZgczdeQpjdopT_uSoSKAH8GZCDp-ZjvsX_0sd1hzGk7CkVYTcIxw76xKU2cXvz7TOU0aAW7A-e7kZ46G0lU19Ceg2QrgSwNzeqIcfDmcQ31NW50j-tSBRIIxwWr2rmh5_Zo3j8... https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10299.JOWuX9wbkxe8qSWeYPzqSdAKR_ZsSg6cq6UeW8xLF03qQ1tSIyAIPrSPUKOb_mc7FvMRLTxQJpe5JHIGFVdqlhOLvhsfDAdvKti8PoRpzycL7...	43 B 583 B	82ms 82ms	Image image/gif	2a02:6b8::1:119 TELETECH
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10299.JOWuX9wbkxe8qSWeYPzqSdAKR_ZsSg6cq6UeW8xLF03qQ1tSIyAIPrSPUKOb_mc7FvMRLTxQJpe5JHIGFVdqlhOLvhsfDAdvKti8PoRpzycL7G_gihh9msuFLDMPXqTVa3X8dXPA0QgnsXmblCc4T_02Mz4k2TUpR1HrgDOAjKAdq2WLnp6PF_X4-ZhPYJNO8KnhPpll-vCtBAZ9xUHBlg%2C%2C.lF3rFPzolEEZEFwO01fPV3JlLy8%2C Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Server 2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:05 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10299.JOWuX9wbkxe8qSWeYPzqSdAKR_ZsSg6cq6UeW8xLF03qQ1tSIyAIPrSPUKOb_mc7FvMRLTxQJpe5JHIGFVdqlhOLvhsfDAdvKti8PoRpzycL7G_gihh9msuFLDMPXqTVa3X8dXPA0QgnsXmblCc4T_02Mz4k2TUpR1HrgDOAjKAdq2WLnp6PF_X4-ZhPYJNO8KnhPpll-vCtBAZ9xUHBlg%2C%2C.lF3rFPzolEEZEFwO01fPV3JlLy8%2C date Tue, 05 Mar 2024 09:21:05 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 477 B	69ms 69ms	Image image/gif	2a02:6b8::1:119 TELETECH
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 05 Mar 2024 09:21:04 GMT strict-transport-security max-age=31536000 last-modified Fri, 01 Mar 2024 11:37:40 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "65e1be04-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 43 expires Tue, 05 Mar 2024 10:21:04 GMT
GET H2	200	1 Show response mc.yandex.com/watch/93483812/ Redirect Chain https://mc.yandex.com/watch/93483812?wmode=7&page-url=https%3A%2F%2Fcash-back.leqshop.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3A... https://mc.yandex.com/watch/93483812/1?wmode=7&page-url=https%3A%2F%2Fcash-back.leqshop.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%...	447 B 614 B	3214ms 3214ms	Fetch application/json	2a02:6b8::1:119 TELETECH
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/93483812/1?wmode=7&page-url=https%3A%2F%2Fcash-back.leqshop.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A43581231067%3Ahid%3A581530157%3Az%3A60%3Ai%3A20240305102104%3Aet%3A1709630465%3Ac%3A1%3Arn%3A440524147%3Arqn%3A1%3Au%3A1709630465255871425%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A860%3Awv%3A2%3Ads%3A0%2C70%2C124%2C146%2C%2C0%2C%2C390%2C2%2C%2C%2C%2C847%3Aco%3A0%3Acpf%3A1%3Ans%3A1709630462637%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709630465%3At%3ACASH-BACK.BIZ.UA%20-%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B6%D0%B0%20%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D0%BE%D0%B2%20%D0%BC%D0%B8%D0%BB%D0%B5%D0%B9%2C%20%D0%B0%D0%B2%D0%B8%D0%B0%2C%20%D0%BE%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D1%81%20%D0%B1%D0%B0%D0%BB%D0%B0%D0%BD%D1%81%D0%BE%D0%BC.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29 Requested by Host: cash-back.leqshop.ru URL: https://cash-back.leqshop.ru/ Protocol H2 Server 2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS Software / Resource Hash 9536702a4ad679c03d85db03dd7099a5229830f15345069aaa43d1e5bf92ced8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://cash-back.leqshop.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers pragma no-cache date Tue, 05 Mar 2024 09:21:08 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 05-Mar-2024 09:21:08 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://cash-back.leqshop.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 447 x-xss-protection 1; mode=block expires Tue, 05-Mar-2024 09:21:08 GMT Redirect headers pragma no-cache date Tue, 05 Mar 2024 09:21:05 GMT strict-transport-security max-age=31536000 last-modified Tue, 05-Mar-2024 09:21:05 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/93483812/1?wmode=7&page-url=https%3A%2F%2Fcash-back.leqshop.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A43581231067%3Ahid%3A581530157%3Az%3A60%3Ai%3A20240305102104%3Aet%3A1709630465%3Ac%3A1%3Arn%3A440524147%3Arqn%3A1%3Au%3A1709630465255871425%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A860%3Awv%3A2%3Ads%3A0%2C70%2C124%2C146%2C%2C0%2C%2C390%2C2%2C%2C%2C%2C847%3Aco%3A0%3Acpf%3A1%3Ans%3A1709630462637%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709630465%3At%3ACASH-BACK.BIZ.UA%20-%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B6%D0%B0%20%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D0%BE%D0%B2%20%D0%BC%D0%B8%D0%BB%D0%B5%D0%B9%2C%20%D0%B0%D0%B2%D0%B8%D0%B0%2C%20%D0%BE%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D1%81%20%D0%B1%D0%B0%D0%BB%D0%B0%D0%BD%D1%81%D0%BE%D0%BC.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29 access-control-allow-origin https://cash-back.leqshop.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 05-Mar-2024 09:21:05 GMT