search.squoter.com Open in urlscan Pro
176.119.28.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://arguinely.club/GJC?tag_id=738147&sub_id1=&sub_id2=636504116646406693&cookie_id=26db3138-fdee-46ff-99b9-443ac91c...
Effective URL:
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Submission: On October 07 via manual (October 7th 2020, 12:33:11 am UTC) from RO

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 10 domains to perform 22 HTTP transactions. The main IP is 176.119.28.52, located in Ukraine and belongs to YURTEH-AS, UA. The main domain is search.squoter.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 18th 2020. Valid for: 3 months.

This is the only time search.squoter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.86.219.129 52.86.219.129	14618 (AMAZON-AES) (AMAZON-AES)
1 1	143.204.201.115 143.204.201.115	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:4700:20:... 2606:4700:20::ac43:44f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:20:... 2606:4700:20::681a:ac2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	176.119.28.52 176.119.28.52	30860 (YURTEH-AS) (YURTEH-AS)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
22	8

2 52.86.219.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-219-129.compute-1.amazonaws.com

arguinely.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.115 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-115.fra53.r.cloudfront.net

bishedlesb.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:44f2 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

splendidprizeforyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ac2 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

bestwinexperience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 176.119.28.52 (Ukraine)

ASN30860 (YURTEH-AS, UA)
PTR: dedicated.vsys.host

search.squoter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	squoter.com search.squoter.com	2 MB
2	google-analytics.com www.google-analytics.com	19 KB
2	bestwinexperience.com 2 redirects bestwinexperience.com	2 KB
2	splendidprizeforyou.com 2 redirects splendidprizeforyou.com	1 KB
2	arguinely.club arguinely.club	55 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	googletagmanager.com www.googletagmanager.com	30 KB
1	jquery.com code.jquery.com	30 KB
1	googleapis.com fonts.googleapis.com	420 B
1	bishedlesb.top 1 redirects bishedlesb.top	538 B
22	10

	Domain	Requested by
14	search.squoter.com	arguinely.club search.squoter.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	bestwinexperience.com	2 redirects
2	splendidprizeforyou.com	2 redirects
2	arguinely.club	arguinely.club
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	search.squoter.com
1	code.jquery.com	search.squoter.com
1	fonts.googleapis.com	search.squoter.com
1	bishedlesb.top	1 redirects
22	10

This site contains no links.

Subject Issuer	Validity	Valid
arguinely.club Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
search.squoter.com Let's Encrypt Authority X3	`2020-08-18` - `2020-11-16`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Frame ID: C0265D537077149E0C2B9A110D75BE08
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://arguinely.club/GJC?tag_id=738147&sub_id1=&sub_id2=636504116646406693&cookie_id=26db3138-fde... Page URL
https://bishedlesb.top/?tid=738147&noocp=1 HTTP 302
https://splendidprizeforyou.com/pl/tar/surbox-350/59/MjM3NTMyk9x/?transaction_id=7465312782907122645 HTTP 301
https://splendidprizeforyou.com/pl/tar/surbox-350/59/MjM3NTMyk9x?transaction_id=7465312782907122645 HTTP 302
https://bestwinexperience.com/de/not/banks-p?partner_param=7465312782907122645&source=arguinely.club HTTP 302
https://bestwinexperience.com/de/not/banks-basp?partner_param={transaction_id}&source=arguinely.club HTTP 302
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

22
Requests

100 %
HTTPS

70 %
IPv6

10
Domains

10
Subdomains

8
IPs

4
Countries

1784 kB
Transfer

2024 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://arguinely.club/GJC?tag_id=738147&sub_id1=&sub_id2=636504116646406693&cookie_id=26db3138-fdee-46ff-99b9-443ac91cf6a3&lp=not_robot_2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fbishedlesb.top%2F%3Ftid%3D738147%26noocp%3D1&hop=7&geo=NL Page URL
https://bishedlesb.top/?tid=738147&noocp=1 HTTP 302
https://splendidprizeforyou.com/pl/tar/surbox-350/59/MjM3NTMyk9x/?transaction_id=7465312782907122645 HTTP 301
https://splendidprizeforyou.com/pl/tar/surbox-350/59/MjM3NTMyk9x?transaction_id=7465312782907122645 HTTP 302
https://bestwinexperience.com/de/not/banks-p?partner_param=7465312782907122645&source=arguinely.club HTTP 302
https://bestwinexperience.com/de/not/banks-basp?partner_param={transaction_id}&source=arguinely.club HTTP 302
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 GJC Show response
arguinely.club/ 12 KB
5 KB 409ms
133ms Document
text/html 52.86.219.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://arguinely.club/GJC?tag_id=738147&sub_id1=&sub_id2=636504116646406693&cookie_id=26db3138-fdee-46ff-99b9-443ac91cf6a3&lp=not_robot_2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fbishedlesb.top%2F%3Ftid%3D738147%26noocp%3D1&hop=7&geo=NL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.86.219.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-219-129.compute-1.amazonaws.com
Software: / Express
Resource Hash: a3a9f385ea944f0c9c8ab4fba9c4442f4a67d8c0034b6a0fddef723a9d0108d6

Request headers

:method: GET
:authority: arguinely.club
:scheme: https
:path: /GJC?tag_id=738147&sub_id1=&sub_id2=636504116646406693&cookie_id=26db3138-fdee-46ff-99b9-443ac91cf6a3&lp=not_robot_2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fbishedlesb.top%2F%3Ftid%3D738147%26noocp%3D1&hop=7&geo=NL
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"317f-EvXBjVT5bCUWYo76ygRBMacd+t0"
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 dlp
arguinely.club/ 96 KB
50 KB 142ms
142ms XHR
text/html 52.86.219.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://arguinely.club/dlp?st=1&lp=not_robot_2&geo=NL
Requested by: Host: arguinely.club
URL: https://arguinely.club/GJC?tag_id=738147&sub_id1=&sub_id2=636504116646406693&cookie_id=26db3138-fdee-46ff-99b9-443ac91cf6a3&lp=not_robot_2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fbishedlesb.top%2F%3Ftid%3D738147%26noocp%3D1&hop=7&geo=NL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.86.219.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-219-129.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Referer: https://arguinely.club/GJC?tag_id=738147&sub_id1=&sub_id2=636504116646406693&cookie_id=26db3138-fdee-46ff-99b9-443ac91cf6a3&lp=not_robot_2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fbishedlesb.top%2F%3Ftid%3D738147%26noocp%3D1&hop=7&geo=NL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"1801c-pejXP6fl6O3/KorKP/AzMipVluI"
status: 200
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H/1.1

200
OK

Primary Request offer Show response
search.squoter.com/v3/de/de/list/
Redirect Chain

https://bishedlesb.top/?tid=738147&noocp=1
https://splendidprizeforyou.com/pl/tar/surbox-350/59/MjM3NTMyk9x/?transaction_id=7465312782907122645
https://splendidprizeforyou.com/pl/tar/surbox-350/59/MjM3NTMyk9x?transaction_id=7465312782907122645
https://bestwinexperience.com/de/not/banks-p?partner_param=7465312782907122645&source=arguinely.club
https://bestwinexperience.com/de/not/banks-basp?partner_param={transaction_id}&source=arguinely.club
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml

41 KB
12 KB

439ms
184ms

Document
text/html

176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Requested by: Host: arguinely.club
URL: https://arguinely.club/GJC?tag_id=738147&sub_id1=&sub_id2=636504116646406693&cookie_id=26db3138-fdee-46ff-99b9-443ac91cf6a3&lp=not_robot_2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fbishedlesb.top%2F%3Ftid%3D738147%26noocp%3D1&hop=7&geo=NL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: d5895c3fa649b201f51f8ecada9b6e5e2f388f42d03605364bdcfc51b034e1ab

Request headers

Host: search.squoter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://arguinely.club/GJC?tag_id=738147&sub_id1=&sub_id2=636504116646406693&cookie_id=26db3138-fdee-46ff-99b9-443ac91cf6a3&lp=not_robot_2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fbishedlesb.top%2F%3Ftid%3D738147%26noocp%3D1&hop=7&geo=NL
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://arguinely.club/GJC?tag_id=738147&sub_id1=&sub_id2=636504116646406693&cookie_id=26db3138-fdee-46ff-99b9-443ac91cf6a3&lp=not_robot_2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fbishedlesb.top%2F%3Ftid%3D738147%26noocp%3D1&hop=7&geo=NL

Response headers

Server: nginx/1.17.10 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Wed, 07 Oct 2020 00:32:56 GMT
Content-Encoding: gzip

Redirect headers

status: 302
date: Wed, 07 Oct 2020 00:32:56 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: _subid=1ouvfk518jo8ml; expires=Thu, 08-Oct-2020 00:32:56 GMT; Max-Age=86400; path=/; domain=.bestwinexperience.com _token=uuid_1ouvfk518jo8ml_1ouvfk518jo8ml5f7d0dc806b454.74751403; expires=Thu, 08-Oct-2020 00:32:56 GMT; Max-Age=86400; path=/; domain=.bestwinexperience.com a12d5=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjcwOFwiOjE2MDIwMzEwNDcsXCI2NzZcIjoxNjAyMDMxMDQ3LFwiNjg0XCI6MTYwMjAzMTA0NyxcIjY3NFwiOjE2MDIwMzEwNDgsXCI1NThcIjoxNjAyMDMxMDQ4LFwiNTY5XCI6MTYwMjAzMTA0OH0sXCJjYW1wYWlnbnNcIjp7XCIxMDFcIjoxNjAyMDMxMDQ3LFwiNzBcIjoxNjAyMDMxMDQ3LFwiOTlcIjoxNjAyMDMxMDQ3LFwiOThcIjoxNjAyMDMxMDQ4LFwiODlcIjoxNjAyMDMxMDQ4fSxcInRpbWVcIjoxNjAyMDMxMDQ3fSJ9.vGSke5VEDcQmSXbf1_snjaFwGRNdZZ3WM-xX9_7KYpI; expires=Thu, 08-Oct-2020 00:32:56 GMT; Max-Age=86400; path=/; domain=.bestwinexperience.com
location: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
cf-cache-status: DYNAMIC
cf-request-id: 05a212c7930000c2d1f90b3200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5de3871f5cbbc2d1-FRA

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ 433 B
420 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fredoka+One

Requested by

Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5048bdc5328953b56337c37ba1456224eed50562c09c8e1ba9ab2d8742ac978c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 23:53:45 GMT
server: ESF
date: Wed, 07 Oct 2020 00:32:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Oct 2020 00:32:57 GMT

GET
H/1.1 200
OK offer.css
search.squoter.com/assets/offer_v1/css/ 81 KB
81 KB 128ms
126ms Stylesheet
text/css 176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.squoter.com/assets/offer_v1/css/offer.css
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: bd7e5e66fb5a635a2a2ce761c1435a1a35c98653268e9a16ae81de71b5bc0f78

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 00:32:57 GMT
Last-Modified: Fri, 10 Jul 2020 09:19:57 GMT
Server: nginx/1.17.10 (Ubuntu)
ETag: "5f0832bd-142a8"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 82600

GET
H/1.1 200
OK landing_v2.css
search.squoter.com/assets/offer_v1/css/ 6 KB
6 KB 337ms
119ms Stylesheet
text/css 176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.squoter.com/assets/offer_v1/css/landing_v2.css
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: 9d9b0c6582ba120acaa1523e1464b7b9db77671fec84579b2f2919175181f782

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 00:32:57 GMT
Last-Modified: Fri, 10 Jul 2020 09:19:57 GMT
Server: nginx/1.17.10 (Ubuntu)
ETag: "5f0832bd-1696"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5782

GET
H/1.1 200
OK slider.css
search.squoter.com/assets/offer_v1/css/ 1 KB
2 KB 355ms
116ms Stylesheet
text/css 176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.squoter.com/assets/offer_v1/css/slider.css
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: 8c390be8f422e8f276785864b4246fb49a60112a6675848fc57f46a3247ee203

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 00:32:57 GMT
Last-Modified: Fri, 10 Jul 2020 09:19:57 GMT
Server: nginx/1.17.10 (Ubuntu)
ETag: "5f0832bd-583"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1411

GET
H/1.1 200
OK modal.css
search.squoter.com/assets/offer_v1/css/ 2 KB
2 KB 368ms
122ms Stylesheet
text/css 176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.squoter.com/assets/offer_v1/css/modal.css
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: 71b9d8b714cb0dcaf96eeb3d19f8b9fc734b3a770cf8c8eff9128141d13b2d01

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 00:32:57 GMT
Last-Modified: Fri, 10 Jul 2020 09:19:57 GMT
Server: nginx/1.17.10 (Ubuntu)
ETag: "5f0832bd-783"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1923

GET
H2 200 jquery-3.5.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 3171ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.0.min.js
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Request headers

Origin: https://search.squoter.com
Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 00:33:00 GMT
content-encoding: gzip
last-modified: Fri, 10 Apr 2020 15:24:08 GMT
server: nginx
status: 200
etag: W/"5e908f98-15d95"
vary: Accept-Encoding
x-hw: 1602030780.dop123.fr8.t,1602030780.cds292.fr8.hn,1602030780.cds139.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30880

GET
H/1.1 200
OK logo-s-a.png
search.squoter.com/assets/offer_v1/img/ 19 KB
19 KB 190ms
189ms Image
image/png 176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://search.squoter.com/assets/offer_v1/img/logo-s-a.png
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: bf60f4c5b1694084c6d7628a2c9bba14d5ce312341e9738ac109f71c3c6660b6

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 00:32:57 GMT
Last-Modified: Fri, 10 Jul 2020 09:19:57 GMT
Server: nginx/1.17.10 (Ubuntu)
ETag: "5f0832bd-4c22"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19490

GET
H/1.1 200
OK tarjeta-superquoter.png
search.squoter.com/assets/offer_v1/img/ 44 KB
44 KB 130ms
130ms Image
image/png 176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://search.squoter.com/assets/offer_v1/img/tarjeta-superquoter.png
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: 2377a36a79a945af17eb3c0f6f9e1e3f3beacc57f734592a2043dd16ca370a0c

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 00:32:57 GMT
Last-Modified: Fri, 10 Jul 2020 09:19:57 GMT
Server: nginx/1.17.10 (Ubuntu)
ETag: "5f0832bd-b0b9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45241

GET
H/1.1 200
OK superheroe5.png
search.squoter.com/assets/offer_v1/img/ 32 KB
32 KB 129ms
128ms Image
image/png 176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://search.squoter.com/assets/offer_v1/img/superheroe5.png
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: fd04a4d27b86f72ef7bf7752366238a345d8fa79e52a94cf9156304411bbd91f

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 00:32:57 GMT
Last-Modified: Fri, 10 Jul 2020 09:19:57 GMT
Server: nginx/1.17.10 (Ubuntu)
ETag: "5f0832bd-7e37"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32311

GET
H/1.1 200
OK superheroe6.png
search.squoter.com/assets/offer_v1/img/ 36 KB
36 KB 127ms
127ms Image
image/png 176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://search.squoter.com/assets/offer_v1/img/superheroe6.png
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: b2e000626c37ba8ada46a777a7a99a88160f85c394070658049efc7ca6b5ae81

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 00:32:58 GMT
Last-Modified: Fri, 10 Jul 2020 09:19:57 GMT
Server: nginx/1.17.10 (Ubuntu)
ETag: "5f0832bd-8e80"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36480

GET
H/1.1 200
OK 010127.jpg
search.squoter.com/assets/offer_v1/img/slider/ 549 KB
549 KB 127ms
126ms Image
image/jpeg 176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://search.squoter.com/assets/offer_v1/img/slider/010127.jpg
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: 8be34efd618896952878a3b3fced19990f9f1d73f832dd3fe8f3889f5518702c

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 00:32:58 GMT
Last-Modified: Fri, 10 Jul 2020 09:19:57 GMT
Server: nginx/1.17.10 (Ubuntu)
ETag: "5f0832bd-89456"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 562262

GET
H/1.1 200
OK 000083.jpg
search.squoter.com/assets/offer_v1/img/slider/ 574 KB
574 KB 123ms
123ms Image
image/jpeg 176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://search.squoter.com/assets/offer_v1/img/slider/000083.jpg
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: 3b1c0df398ef5d96de2083de4db4a38fcbc559f6d683ba49e269b22478c23f1f

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 00:32:58 GMT
Last-Modified: Fri, 10 Jul 2020 09:19:57 GMT
Server: nginx/1.17.10 (Ubuntu)
ETag: "5f0832bd-8f832"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 587826

GET
H/1.1 200
OK foto_01.jpg
search.squoter.com/assets/offer_v1/img/slider/ 15 KB
15 KB 124ms
123ms Image
image/jpeg 176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://search.squoter.com/assets/offer_v1/img/slider/foto_01.jpg
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: 1c8ce75c6a2fe9c0b79253ea4e459d0a9669946d1deacb8296cf4874c51e5c83

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 00:32:58 GMT
Last-Modified: Fri, 10 Jul 2020 09:19:57 GMT
Server: nginx/1.17.10 (Ubuntu)
ETag: "5f0832bd-3cc2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15554

GET
H/1.1 404
Not Found tarjeta-amazon.png
search.squoter.com/assets/offer_v1/img/ 0
276 B 126ms
125ms Image
text/html 176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://search.squoter.com/assets/offer_v1/img/tarjeta-amazon.png
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 00:32:58 GMT
Cache-Control: no-cache, private
Server: nginx/1.17.10 (Ubuntu)
Connection: keep-alive
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 78 KB
30 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MNL5V5R

Requested by

Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58eca664641554b9d9f61f50eebd5d07ca9809d11fa9e2588e598761dbb39e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 00:33:00 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31009
x-xss-protection: 0
last-modified: Wed, 07 Oct 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Oct 2020 00:33:00 GMT

GET
H/1.1 200
OK logo_superquoter-amazon.jpg
search.squoter.com/assets/offer_v1/img/ 260 KB
260 KB 188ms
188ms Image
image/jpeg 176.119.28.52
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://search.squoter.com/assets/offer_v1/img/logo_superquoter-amazon.jpg
Requested by: Host: search.squoter.com
URL: https://search.squoter.com/assets/offer_v1/css/landing_v2.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS: dedicated.vsys.host
Software: nginx/1.17.10 (Ubuntu) /
Resource Hash: 9219d99a06a452c54c40095d25b89dffda6ab09213a39e89d225ff07232b2719

Request headers

Referer: https://search.squoter.com/assets/offer_v1/css/landing_v2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 07 Oct 2020 00:33:00 GMT
Last-Modified: Fri, 10 Jul 2020 09:19:57 GMT
Server: nginx/1.17.10 (Ubuntu)
ETag: "5f0832bd-410d2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 266450

GET
DATA 200
OK truncated
/ 536 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 922a5d643f1a8ff8a7f2fa33de4214faf11a68adfaf1acc7675780d1737b8a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 k3kUo8kEI-tA1RRcTZGmTlHGCaen8wf-.woff2
fonts.gstatic.com/s/fredokaone/v8/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fredokaone/v8/k3kUo8kEI-tA1RRcTZGmTlHGCaen8wf-.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fredoka+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92d8a6ee13c7e1df306a1ccfb7809c9ef0bd9117926b7195a7f54147cdad3e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://search.squoter.com
Referer: https://fonts.googleapis.com/css?family=Fredoka+One
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 14:45:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 06:33:32 GMT
server: sffe
age: 35223
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15516
x-xss-protection: 0
expires: Wed, 06 Oct 2021 14:45:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNL5V5R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 4641
date: Tue, 06 Oct 2020 23:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Wed, 07 Oct 2020 01:15:39 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
397 B 38ms
12ms XHR
text/plain 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1288136897&t=pageview&_s=1&dl=https%3A%2F%2Fsearch.squoter.com%2Fv3%2Fde%2Fde%2Flist%2Foffer%3Fsource%3Dprl%26campaign%3Dprl%26subid%3D1ouvfk518jo8ml&dr=https%3A%2F%2Farguinely.club%2FGJC%3Ftag_id%3D738147%26sub_id1%3D%26sub_id2%3D636504116646406693%26cookie_id%3D26db3138-fdee-46ff-99b9-443ac91cf6a3%26lp%3Dnot_robot_2%26tb%3Dredirect%26allb%3Dredirect%26ob%3Dredirect%26href%3Dhttps%253A%252F%252Fbishedlesb.top%252F%253Ftid%253D738147%2526noocp%253D1%26hop%3D7%26geo%3DNL&ul=en-us&de=UTF-8&dt=Finden%20Sie%20bei%20Superquoter%20alles%20was%20Sie%20suchen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1584022803&gjid=1749485301&cid=867534845.1602030780&tid=UA-164814535-1&_gid=533984490.1602030780&_r=1&gtm=2wg9n1MNL5V5R&z=1519978730

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk518jo8ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Oct 2020 00:33:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://search.squoter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.squoter.com/	1970-01-19 13:00:30	Name: _gat_UA-164814535-1 Value: 1
.squoter.com/	1970-01-19 13:01:57	Name: _gid Value: GA1.2.533984490.1602030780
.squoter.com/	1970-01-20 06:31:42	Name: _ga Value: GA1.2.867534845.1602030780

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arguinely.club
bestwinexperience.com
bishedlesb.top
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
search.squoter.com
splendidprizeforyou.com
www.google-analytics.com
www.googletagmanager.com
143.204.201.115
176.119.28.52
2001:4de0:ac19::1:b:1b
2606:4700:20::681a:ac2
2606:4700:20::ac43:44f2
2a00:1450:4001:80b::2003
2a00:1450:4001:815::2008
2a00:1450:4001:819::200e
2a00:1450:4001:825::200a
52.86.219.129
1c8ce75c6a2fe9c0b79253ea4e459d0a9669946d1deacb8296cf4874c51e5c83
2377a36a79a945af17eb3c0f6f9e1e3f3beacc57f734592a2043dd16ca370a0c
3b1c0df398ef5d96de2083de4db4a38fcbc559f6d683ba49e269b22478c23f1f
5048bdc5328953b56337c37ba1456224eed50562c09c8e1ba9ab2d8742ac978c
58eca664641554b9d9f61f50eebd5d07ca9809d11fa9e2588e598761dbb39e23
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71b9d8b714cb0dcaf96eeb3d19f8b9fc734b3a770cf8c8eff9128141d13b2d01
8be34efd618896952878a3b3fced19990f9f1d73f832dd3fe8f3889f5518702c
8c390be8f422e8f276785864b4246fb49a60112a6675848fc57f46a3247ee203
9219d99a06a452c54c40095d25b89dffda6ab09213a39e89d225ff07232b2719
922a5d643f1a8ff8a7f2fa33de4214faf11a68adfaf1acc7675780d1737b8a46
92d8a6ee13c7e1df306a1ccfb7809c9ef0bd9117926b7195a7f54147cdad3e29
9d9b0c6582ba120acaa1523e1464b7b9db77671fec84579b2f2919175181f782
a3a9f385ea944f0c9c8ab4fba9c4442f4a67d8c0034b6a0fddef723a9d0108d6
b2e000626c37ba8ada46a777a7a99a88160f85c394070658049efc7ca6b5ae81
bd7e5e66fb5a635a2a2ce761c1435a1a35c98653268e9a16ae81de71b5bc0f78
bf60f4c5b1694084c6d7628a2c9bba14d5ce312341e9738ac109f71c3c6660b6
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
d5895c3fa649b201f51f8ecada9b6e5e2f388f42d03605364bdcfc51b034e1ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd04a4d27b86f72ef7bf7752366238a345d8fa79e52a94cf9156304411bbd91f

search.squoter.com Open in urlscan Pro 176.119.28.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

70 %IPv6

10 Domains

10 Subdomains

8 IPs

4 Countries

1784 kBTransfer

2024 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

3 Cookies

Indicators

search.squoter.com Open in urlscan Pro
176.119.28.52 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

70 %
IPv6

10
Domains

10
Subdomains

8
IPs

4
Countries

1784 kB
Transfer

2024 kB
Size

3
Cookies

22 HTTP transactions
4 data transactions