www.vinnettpris.com Open in urlscan Pro
185.3.185.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae8...
Effective URL:
https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_p...
Submission: On October 09 via manual (October 9th 2020, 9:37:56 am UTC) from PH

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 53 HTTP transactions. The main IP is 185.3.185.190, located in Germany and belongs to CLARANET-AS ClaraNET LTD, GB. The main domain is www.vinnettpris.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 25th 2020. Valid for: 3 months.

This is the only time www.vinnettpris.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	78.137.118.22 78.137.118.22	61323 (UKFAST) (UKFAST)
11	2a02:21a8:0:3... 2a02:21a8:0:3::ca6b:ba66	61323 (UKFAST) (UKFAST)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
1 1	52.210.2.133 52.210.2.133	16509 (AMAZON-02) (AMAZON-02)
2 2	52.50.177.251 52.50.177.251	16509 (AMAZON-02) (AMAZON-02)
22	185.3.185.190 185.3.185.190	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	34.252.194.50 34.252.194.50	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:78f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:206... 2600:9000:206e:9600:13:7c59:6e80:21	16509 (AMAZON-02) (AMAZON-02)
53	12

3 78.137.118.22 (Manchester, United Kingdom)

ASN61323 (UKFAST, GB)
PTR: 78.137.118.22.srvlist.ukfast.net

www.cashbackdeals.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:21a8:0:3::ca6b:ba66 (United Kingdom)

ASN61323 (UKFAST, GB)

static.orangebuddies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.2.133 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com

tracking.basibe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.177.251 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-177-251.eu-west-1.compute.amazonaws.com

trk.adstrck123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 185.3.185.190 (Germany)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)

www.vinnettpris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.194.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-194-50.eu-west-1.compute.amazonaws.com

live.r3engage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:78f (United States)

ASN13335 (CLOUDFLARENET, US)

eu.winnernotification.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206e:9600:13:7c59:6e80:21 (United States)

ASN16509 (AMAZON-02, US)

d3v6q7097edepm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	vinnettpris.com www.vinnettpris.com	464 KB
11	orangebuddies.com static.orangebuddies.com	261 KB
3	cloudfront.net d3v6q7097edepm.cloudfront.net	73 KB
3	winnernotification.com eu.winnernotification.com	32 KB
3	cashbackdeals.se www.cashbackdeals.se	37 KB
2	r3engage.com live.r3engage.com	21 KB
2	google.com www.google.com	1 KB
2	adstrck123.com 2 redirects trk.adstrck123.com	3 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	gstatic.com www.gstatic.com	134 KB
1	basibe.com 1 redirects tracking.basibe.com	2 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	6 KB
53	13

	Domain	Requested by
22	www.vinnettpris.com	www.vinnettpris.com
11	static.orangebuddies.com	www.cashbackdeals.se static.orangebuddies.com
3	d3v6q7097edepm.cloudfront.net	www.cashbackdeals.se www.vinnettpris.com
3	eu.winnernotification.com	www.vinnettpris.com eu.winnernotification.com
3	www.cashbackdeals.se	www.cashbackdeals.se
2	live.r3engage.com	www.vinnettpris.com live.r3engage.com
2	www.google.com	www.vinnettpris.com www.gstatic.com
2	trk.adstrck123.com	2 redirects
2	www.google-analytics.com	www.cashbackdeals.se www.google-analytics.com
2	fonts.googleapis.com	static.orangebuddies.com www.cashbackdeals.se
1	www.gstatic.com	www.google.com
1	tracking.basibe.com	1 redirects
1	maxcdn.bootstrapcdn.com	www.cashbackdeals.se
53	13

This site contains no links.

Subject Issuer	Validity	Valid
www.cashbackkorting.nl Sectigo RSA Domain Validation Secure Server CA	`2019-05-06` - `2021-05-21`	2 years	crt.sh
static.orangebuddies.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-17` - `2021-06-17`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.vinnettpris.com Let's Encrypt Authority X3	`2020-08-25` - `2020-11-23`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.r3engage.com Go Daddy Secure Certificate Authority - G2	`2020-05-14` - `2021-01-21`	8 months	crt.sh
winnernotification.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Frame ID: 96D4442354D809C9CAC6F16BEE0E7F05
Requests: 49 HTTP requests in this frame

Frame: https://www.vinnettpris.com/sc/knyWgMkowoLgiirlphHKiRKkPimwJOqkwprkshwmoLzlGOgjmtoMinoJOqngjikJkmQinNmQgkrlskoGgrOwihGkrggKomQiPhGiilzkrQlhhgjmGwoylOjwowhxqvOMgigwGQrikmhvwgMqnLsNKgxsHwxiHgKKgNOshxmmsNisLxjqLpGmxzjothHsPzIuKxGmxyzitzhmtwzsLNikJgsQuxvIOvlmOgGKNOKRqqsRzwNkqHiLsLGkImggKoMiluwHvwpXthtkooiGoxIh
Frame ID: BAD30BA7AE82C8D08C88518777AC394D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxjocUAAAAAHtmQlr7eMt2R5JaC8MSulqCArz-&co=aHR0cHM6Ly93d3cudmlubmV0dHByaXMuY29tOjQ0Mw..&hl=en&v=48TunWH-ZrLteSwFVbw6tVnx&size=invisible&cb=etffttxps6xm
Frame ID: B6C3EAC8BA1BB57A6FBA0CC6B210A949
Requests: 1 HTTP requests in this frame

Frame: https://eu.winnernotification.com/pushweb/assets/m_main.html
Frame ID: 3EE2F17242B2B66BFD52F8DA81ED995D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f2959... Page URL
https://www.cashbackdeals.se/visit/netflix-se.php Page URL
http://tracking.basibe.com/aff_c?offer_id=4565&aff_id=1047&aff_sub=82-OBS-5f802f649da7482 HTTP 302
https://trk.adstrck123.com/aff_c?offer_id=15803&aff_id=10013&url_id=19837&aff_sub3=1023c038f18268ae7a7b... HTTP 302
https://trk.adstrck123.com/aff_r?offer_id=15803&aff_id=10013&url=https%3A%2F%2Fwww.vinnettpris.com%2Fcg... HTTP 302
https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_spec... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /mootools.*\.js/i

Page Statistics

53
Requests

98 %
HTTPS

62 %
IPv6

13
Domains

13
Subdomains

12
IPs

5
Countries

1049 kB
Transfer

2183 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791 Page URL
https://www.cashbackdeals.se/visit/netflix-se.php Page URL
http://tracking.basibe.com/aff_c?offer_id=4565&aff_id=1047&aff_sub=82-OBS-5f802f649da7482 HTTP 302
https://trk.adstrck123.com/aff_c?offer_id=15803&aff_id=10013&url_id=19837&aff_sub3=1023c038f18268ae7a7b523bf6bf36 HTTP 302
https://trk.adstrck123.com/aff_r?offer_id=15803&aff_id=10013&url=https%3A%2F%2Fwww.vinnettpris.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D396%26wingame_pk%3D81%26freetest_pk%3D235%26wingame_special_prize1%3Dpregame_prize_selection_1_name_5858%26sub_id%3D10013-%26sub_id_postback%3D102f623b5ea1caa5777ba1ed3d6d37&urlauth=323460984896682876345542621826 HTTP 302
https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set wk-tp.php Show response
www.cashbackdeals.se/user/ 3 KB
2 KB 304ms
198ms Document
text/html 78.137.118.22
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.137.118.22 Manchester, United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

78.137.118.22.srvlist.ukfast.net

Software

nginx /

Resource Hash

b4afd7d5b6bfe90aa49fc0a4f1622fb4863aea873fe650a5a59393932f092711

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.cashbackdeals.se
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Fri, 09 Oct 2020 09:37:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1076
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: PHPSESSID=sb1ob7qkc2ipb56jas0k56trt4; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

GET
H2 200 layout.css
static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/ 248 KB
52 KB 103ms
65ms Stylesheet
text/css 2a02:21a8:0:3::ca6b:ba66
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/layout.css
Requested by: Host: www.cashbackdeals.se
URL: https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: 9f229c77d4188ae5577e9cda8657239b3d7ec33725397ead73ed83d45f8b25f0

Request headers

Referer: https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:37 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 05:25:05 GMT
server: nginx/1.4.7
status: 200
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ddosx-request-id: 7de0f9db924ad28cf73a162ecbbf5feb

GET
H/1.1 200
OK jquery.min.js Show response
www.cashbackdeals.se/general.assets/js/ 91 KB
33 KB 94ms
94ms Script
text/javascript 78.137.118.22
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashbackdeals.se/general.assets/js/jquery.min.js

Requested by

Host: www.cashbackdeals.se
URL: https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.137.118.22 Manchester, United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

78.137.118.22.srvlist.ukfast.net

Software

nginx /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 09:37:37 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload, max-age=31536000; includeSubdomains
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000, public, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33430
X-Xss-Protection: 1; mode=block

GET
H2 200 logo.png
static.orangebuddies.com/templates/www.cashbackdeals.se/march16/assets/ 24 KB
25 KB 47ms
47ms Image
image/png 2a02:21a8:0:3::ca6b:ba66
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/assets/logo.png
Requested by: Host: www.cashbackdeals.se
URL: https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: 3efc98426f9dc813245e8ad33b5869e863f094b7f174464e6752e05e1712ed7c

Request headers

Referer: https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:37 GMT
last-modified: Wed, 02 Nov 2016 07:31:44 GMT
server: nginx/1.4.7
etag: "58199660-6149"
status: 200
content-type: image/png
access-control-allow-origin: *
content-length: 24905
accept-ranges: bytes
x-ddosx-request-id: bcb45142247ce1e843add018e7399d22

GET
H2 200 cashmail_text.jpg
static.orangebuddies.com/templates/www.cashbackdeals.se/march16/assets/ 5 KB
5 KB 32ms
29ms Image
image/jpeg 2a02:21a8:0:3::ca6b:ba66
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/assets/cashmail_text.jpg
Requested by: Host: www.cashbackdeals.se
URL: https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: 0fd7a18faba1374f4dee2758f8b9d3b83f7ffb8d3af4f7eab5a9e651376b5d80

Request headers

Referer: https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:37 GMT
last-modified: Mon, 27 Jun 2016 08:10:11 GMT
server: nginx/1.4.7
etag: "5770df63-147f"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 5247
accept-ranges: bytes
x-ddosx-request-id: ed7468987c1bfe56d2a9ad2df3ceef00

GET
H2 200 css
fonts.googleapis.com/ 2 KB
724 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans+Narrow

Requested by

Host: static.orangebuddies.com
URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/layout.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5393e0e461c715eeefbbc338804e7c68b17ba9a5ba749f17e2ad5401b5d9e881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/layout.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Oct 2020 09:32:32 GMT
server: ESF
date: Fri, 09 Oct 2020 09:37:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Oct 2020 09:37:37 GMT

GET
H2 200 bg.jpg
static.orangebuddies.com/templates/www.cashbackdeals.se/march16/assets/ 14 KB
15 KB 29ms
29ms Image
image/jpeg 2a02:21a8:0:3::ca6b:ba66
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/assets/bg.jpg
Requested by: Host: static.orangebuddies.com
URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/layout.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: 276ed23fdaae28019edf73bb462d0738ec8312b97f26698518bb303fc5a9bd9f

Request headers

Referer: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/layout.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:37 GMT
last-modified: Wed, 02 Nov 2016 07:31:44 GMT
server: nginx/1.4.7
etag: "58199660-39c1"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 14785
accept-ranges: bytes
x-ddosx-request-id: 8c862a38b25ab449f3c30de68c1036f7

GET
H/1.1 200
OK Cookie set netflix-se.php Show response
www.cashbackdeals.se/visit/ 5 KB
2 KB 228ms
227ms Document
text/html 78.137.118.22
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashbackdeals.se/visit/netflix-se.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.137.118.22 Manchester, United Kingdom, ASN61323 (UKFAST, GB),

Reverse DNS

78.137.118.22.srvlist.ukfast.net

Software

nginx /

Resource Hash

a348a4e6ba49f6775396b5d3fbdf63436b05f643361445915389cd2a362f0828

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.cashbackdeals.se
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791

Response headers

Server: nginx
Date: Fri, 09 Oct 2020 09:37:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1545
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: PHPSESSID=s1ggohtrjt7sb8s22etk4fvl00; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

GET
H2 200 layout.css
static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/ 248 KB
52 KB 57ms
56ms Stylesheet
text/css 2a02:21a8:0:3::ca6b:ba66
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/layout.css
Requested by: Host: www.cashbackdeals.se
URL: https://www.cashbackdeals.se/visit/netflix-se.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: 9f229c77d4188ae5577e9cda8657239b3d7ec33725397ead73ed83d45f8b25f0

Request headers

Referer: https://www.cashbackdeals.se/visit/netflix-se.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:40 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 05:25:05 GMT
server: nginx/1.4.7
status: 200
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ddosx-request-id: fb1a7424758eeb1a15d856935df5ee91

GET
H2 200 responsive.css
static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/ 65 KB
13 KB 56ms
55ms Stylesheet
text/css 2a02:21a8:0:3::ca6b:ba66
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/responsive.css
Requested by: Host: www.cashbackdeals.se
URL: https://www.cashbackdeals.se/visit/netflix-se.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: 2e3f77512871aecec1adb825903fe883437bd1a3174b4a22a54f197754c7d8f7

Request headers

Referer: https://www.cashbackdeals.se/visit/netflix-se.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:40 GMT
content-encoding: gzip
last-modified: Wed, 26 Sep 2018 10:09:11 GMT
server: nginx/1.4.7
status: 200
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ddosx-request-id: 5bc4ca2956eb7c1de2ed01486d333a8e

GET
H2 200 popup.css
static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/popup/ 9 KB
3 KB 56ms
55ms Stylesheet
text/css 2a02:21a8:0:3::ca6b:ba66
UKFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/popup/popup.css
Requested by: Host: www.cashbackdeals.se
URL: https://www.cashbackdeals.se/visit/netflix-se.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: 5ba8e2ef82bae978ae26c47375fc121aa0f40d8a73521dc83195f0b3ed2c9653

Request headers

Referer: https://www.cashbackdeals.se/visit/netflix-se.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:40 GMT
content-encoding: gzip
last-modified: Fri, 26 Jun 2020 12:32:29 GMT
server: nginx/1.4.7
status: 200
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ddosx-request-id: eefe2a68531a86c835c3e10017fad6a2

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 29ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: www.cashbackdeals.se
URL: https://www.cashbackdeals.se/visit/netflix-se.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cashbackdeals.se/visit/netflix-se.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6079

GET
H2 200 120517.jpg
static.orangebuddies.com/image/stores/ 29 KB
29 KB 66ms
64ms Image
image/jpeg 2a02:21a8:0:3::ca6b:ba66
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.orangebuddies.com/image/stores/120517.jpg
Requested by: Host: www.cashbackdeals.se
URL: https://www.cashbackdeals.se/visit/netflix-se.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: c586bcf08fcfc4d771f1319cbebb7abe1c0169853bb69631a4fe3a4332f48878

Request headers

Referer: https://www.cashbackdeals.se/visit/netflix-se.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:40 GMT
last-modified: Thu, 21 May 2020 10:56:38 GMT
server: nginx/1.4.7
etag: "5ec65e66-7201"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 29185
accept-ranges: bytes
x-ddosx-request-id: 60e6b50289ed54c69558f198d57fadcb

GET
H2 200 53719-ExitPage468x60.jpg
static.orangebuddies.com/image/banners/ 50 KB
51 KB 138ms
137ms Image
image/jpeg 2a02:21a8:0:3::ca6b:ba66
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.orangebuddies.com/image/banners/53719-ExitPage468x60.jpg
Requested by: Host: www.cashbackdeals.se
URL: https://www.cashbackdeals.se/visit/netflix-se.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: 3c9dfe795329e9e7bc9eb3a4f3e2c6600f5bb95603633b8ffe39694ba6e04569

Request headers

Referer: https://www.cashbackdeals.se/visit/netflix-se.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:40 GMT
last-modified: Wed, 12 Aug 2020 14:07:12 GMT
server: nginx/1.4.7
etag: "5f33f790-c928"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 51496
accept-ranges: bytes
x-ddosx-request-id: 59a59e400dd1067001f91c2ad6a6318e

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.cashbackdeals.se
URL: https://www.cashbackdeals.se/visit/netflix-se.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cashbackdeals.se/visit/netflix-se.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 1321
date: Fri, 09 Oct 2020 09:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 09 Oct 2020 11:15:39 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
68 B 13ms
13ms XHR
text/plain 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=47317257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cashbackdeals.se%2Fvisit%2Fnetflix-se.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1007763231&gjid=183289960&cid=1073668522.1602236261&tid=UA-56573835-1&_gid=963070401.1602236261&_r=1&_slc=1&z=534576045

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cashbackdeals.se/visit/netflix-se.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Oct 2020 09:37:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.cashbackdeals.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
586 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans+Narrow

Requested by

Host: static.orangebuddies.com
URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/layout.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5393e0e461c715eeefbbc338804e7c68b17ba9a5ba749f17e2ad5401b5d9e881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/layout.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Oct 2020 09:37:40 GMT
server: ESF
date: Fri, 09 Oct 2020 09:37:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Oct 2020 09:37:40 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 bg.jpg
static.orangebuddies.com/templates/www.cashbackdeals.se/march16/assets/ 14 KB
15 KB 29ms
29ms Image
image/jpeg 2a02:21a8:0:3::ca6b:ba66
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/assets/bg.jpg
Requested by: Host: static.orangebuddies.com
URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/layout.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: 276ed23fdaae28019edf73bb462d0738ec8312b97f26698518bb303fc5a9bd9f

Request headers

Referer: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/layout.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:40 GMT
last-modified: Wed, 02 Nov 2016 07:31:44 GMT
server: nginx/1.4.7
etag: "58199660-39c1"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 14785
accept-ranges: bytes
x-ddosx-request-id: 465166f1c57a4c8363e26f157ac88c52

GET
H2 200 bar-loading.gif
static.orangebuddies.com/templates/www.cashbackdeals.se/march16/assets/ 3 KB
3 KB 29ms
29ms Image
image/gif 2a02:21a8:0:3::ca6b:ba66
UKFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/assets/bar-loading.gif
Requested by: Host: static.orangebuddies.com
URL: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/popup/popup.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software: nginx/1.4.7 /
Resource Hash: a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2

Request headers

Referer: https://static.orangebuddies.com/templates/www.cashbackdeals.se/march16/css/popup/popup.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:40 GMT
last-modified: Fri, 01 Jul 2016 06:21:37 GMT
server: nginx/1.4.7
etag: "57760bf1-c59"
status: 200
content-type: image/gif
access-control-allow-origin: *
content-length: 3161
accept-ranges: bytes
x-ddosx-request-id: 6b1f14e7a9cd1a1a75c8e4fbb8e57054

GET
H2

200

Primary Request wingame.pl Show response
www.vinnettpris.com/cgi-bin/
Redirect Chain

http://tracking.basibe.com/aff_c?offer_id=4565&aff_id=1047&aff_sub=82-OBS-5f802f649da7482
https://trk.adstrck123.com/aff_c?offer_id=15803&aff_id=10013&url_id=19837&aff_sub3=1023c038f18268ae7a7b523bf6bf36
https://trk.adstrck123.com/aff_r?offer_id=15803&aff_id=10013&url=https%3A%2F%2Fwww.vinnettpris.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D396%26wingame_pk%3D81%26freetest_pk%3D235%26wingame_special_...
https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5...

40 KB
13 KB

447ms
354ms

Document
text/html

185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: c22e6683da25ad96a6137691d0315c6d1a17fa6fbd1a6bee665675b4b9f4a8d9

Request headers

:method: GET
:authority: www.vinnettpris.com
:scheme: https
:path: /cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cashbackdeals.se/visit/netflix-se.php

Response headers

status: 200
server: nginx
date: Fri, 09 Oct 2020 09:37:42 GMT
content-type: text/html;charset=ISO-8859-1
x-firstpage: 0
x-page: reg_half
x-map-context: se
x-served-by: d-03
content-encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 09 Oct 2020 09:37:42 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 415
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Location: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Access-Control-Allow-Origin: *
X-Request-Id: 8b3eaa4178880b1513bdaaa2a1180be4
Access-Control-Allow-Headers: Tune-SDK-Version

GET
H2 200 tl_report.min.js Show response
www.vinnettpris.com/_global/js/ 20 B
240 B 28ms
25ms Script
application/javascript 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/_global/js/tl_report.min.js?2020-10-09.3
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: ab00214620a8a0deedc6fe0cc66e9f674a76b89dfaa222d49dc22f79f4754de1

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
last-modified: Thu, 09 Jul 2020 13:19:04 GMT
server: nginx
x-map-context: se
etag: "5f071948-14"
x-served-by: d-04
content-type: application/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 20
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 sweepstake.bundle.css
www.vinnettpris.com/dist/81/ 100 KB
18 KB 63ms
61ms Stylesheet
text/css 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/dist/81/sweepstake.bundle.css?2020-10-09.3
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 97fcba0c0b34585992132987855655c101a313af1f2c6ed1057031071972623e

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
content-encoding: gzip
last-modified: Fri, 02 Oct 2020 07:55:06 GMT
server: nginx
x-map-context: se
etag: W/"5f76dcda-18e04"
x-served-by: d-03
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=86400
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 MooTools-Core-1.6.0-compressed.js Show response
www.vinnettpris.com/_global/js/framework/ 88 KB
28 KB 37ms
34ms Script
application/javascript 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2020-10-09.3
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
content-encoding: gzip
last-modified: Fri, 10 Nov 2017 11:48:17 GMT
server: nginx
x-map-context: se
etag: W/"5a059201-15e64"
x-served-by: d-02
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=86400
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 moolidator.js Show response
www.vinnettpris.com/_global/js/ 43 KB
8 KB 51ms
49ms Script
application/javascript 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/_global/js/moolidator.js?2020-10-09.3
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 43e7a58b43464b2a609b9c8de11c70280749591d10dd82dd016481d36d3d1a28

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
content-encoding: gzip
last-modified: Wed, 06 May 2020 10:20:06 GMT
server: nginx
x-map-context: se
etag: W/"5eb28f56-ab89"
x-served-by: d-04
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=86400
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 moolidator_rules.js Show response
www.vinnettpris.com/_global/js/ 27 KB
3 KB 53ms
51ms Script
application/javascript 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/_global/js/moolidator_rules.js?2020-10-09.3
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0cee7cffbd5da273e458205bab70184a98ad48169fc8ec65485ac74782242990

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
content-encoding: gzip
last-modified: Mon, 31 Aug 2020 08:43:45 GMT
server: nginx
x-map-context: se
etag: W/"5f4cb841-6c12"
x-served-by: d-01
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=86400
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 scripts.js Show response
www.vinnettpris.com/_global/js/ 54 KB
13 KB 56ms
55ms Script
application/javascript 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/_global/js/scripts.js?2020-10-09.3
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 08f70c47f25f8c0642238ec55a03c68859a3e2bbe2f65599772eb8c73ba92aab

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 11:05:31 GMT
server: nginx
x-map-context: se
etag: W/"5f58b6fb-d72c"
x-served-by: d-02
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=86400
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 global.js Show response
www.vinnettpris.com/wingame/global/js/ 650 B
871 B 59ms
57ms Script
application/javascript 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/wingame/global/js/global.js?2020-10-09.3
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 433e4627dd2a39216ce7d407f44cdfbec1525461a3850d13322dc189392ed0f3

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
last-modified: Fri, 01 May 2020 13:12:11 GMT
server: nginx
x-map-context: se
etag: "5eac202b-28a"
x-served-by: d-04
content-type: application/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 650
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 series.js Show response
www.vinnettpris.com/_global/wingame/76/js/ 8 KB
3 KB 60ms
58ms Script
application/javascript 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/_global/wingame/76/js/series.js?2020-10-09.3
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 63b93ce6ea02afbc6e0903c0161e37f66370c4f4a286600f8ac9c0c00389bc31

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
content-encoding: gzip
last-modified: Thu, 26 Mar 2020 08:57:19 GMT
server: nginx
x-map-context: se
etag: W/"5e7c6e6f-21e6"
x-served-by: d-04
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=86400
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 sweepstake.js Show response
www.vinnettpris.com/wingame/81/js/ 2 KB
886 B 66ms
65ms Script
application/javascript 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/wingame/81/js/sweepstake.js?2020-10-09.3
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5d44e50c41baeacbee2e6d6229ebf2571eec03890285ddc1c637f5d9fa0cd3aa

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
content-encoding: gzip
last-modified: Fri, 01 May 2020 13:12:11 GMT
server: nginx
x-map-context: se
etag: W/"5eac202b-817"
x-served-by: d-01
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=86400
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 image_235_1028_1587030862_cp_image_225_1028_1586978153_cp_image_246_1028_1586940173_cp_image_371_1028_1585318698_cp_image_1168_1028_1582904407_cp_image_1167_1028_1582904361_cp_image_255_1028_157953...
www.vinnettpris.com/files/web/freetest/_images/ 7 KB
7 KB 28ms
27ms Image
image/png 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vinnettpris.com/files/web/freetest/_images/image_235_1028_1587030862_cp_image_225_1028_1586978153_cp_image_246_1028_1586940173_cp_image_371_1028_1585318698_cp_image_1168_1028_1582904407_cp_image_1167_1028_1582904361_cp_image_255_1028_1579530624.png
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5d1b1106fadacca0e81d822bdb294f6c6cefe30986badcbe7f721152a5a9b86d

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
last-modified: Thu, 16 Apr 2020 09:54:22 GMT
server: nginx
x-map-context: se
etag: "5e982b4e-1c2c"
x-served-by: d-04
content-type: image/png
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7212
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 img-hbo-devices.jpg
www.vinnettpris.com/_static/_global/_supload/images/ 7 KB
7 KB 30ms
29ms Image
image/jpeg 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vinnettpris.com/_static/_global/_supload/images/img-hbo-devices.jpg
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4bbeaf16c41a42ffd42222778f643a411ba0578ed920f2b810b7878256a0ce0a

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
last-modified: Mon, 20 Jan 2020 12:51:03 GMT
server: nginx
etag: "1370299958"
content-type: image/jpeg
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6695
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 imgStreaming.png
www.vinnettpris.com/_static/_global/_supload/images/ 67 KB
67 KB 30ms
29ms Image
image/png 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vinnettpris.com/_static/_global/_supload/images/imgStreaming.png
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6dc811068db68f73985e7c84b1a426386b93b7c67e42dd2f7802e0625e930613

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
last-modified: Wed, 15 Apr 2020 12:21:42 GMT
server: nginx
etag: "1754497324"
content-type: image/png
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 68453
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 close.png
www.vinnettpris.com/_global/wingame/default/bba/images/ 1 KB
1 KB 27ms
26ms Image
image/png 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vinnettpris.com/_global/wingame/default/bba/images/close.png
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6a0d30a4b3dc6eee3adbff72319c017932c011da39da3ed564200cd530a89b1d

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
last-modified: Tue, 06 Dec 2016 13:05:32 GMT
server: nginx
x-map-context: se
etag: "5846b79c-4dd"
x-served-by: d-01
content-type: image/png
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1245
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 20159413288_bba-logo.png
www.vinnettpris.com/_global/wingame/default/bba/images/ 4 KB
4 KB 28ms
27ms Image
image/png 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vinnettpris.com/_global/wingame/default/bba/images/20159413288_bba-logo.png
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0edb4d4dacef152307427cbf965443eb70c695e6a7c7e22418b29c3d94805d35

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
last-modified: Tue, 08 Dec 2015 14:28:55 GMT
server: nginx
x-map-context: se
etag: "5666e927-e71"
x-served-by: d-02
content-type: image/png
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3697
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcxjocUAAAAAHtmQlr7eMt2R5JaC8MSulqCArz-

Requested by

Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9869149729dccf1d9360e620124872f97db5084bf1732d68654f3f29af432e49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Fri, 09 Oct 2020 09:37:42 GMT

GET
H2 200 1568 Show response
live.r3engage.com/ 5 KB
5 KB 265ms
173ms Script
text/javascript 34.252.194.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.r3engage.com/1568
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.194.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-194-50.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips / PHP/7.2.26
Resource Hash: 82e90da6908541334d406c9e3157303b85830c2b9c0264b2b2722caa0baf26fe

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 09 Oct 2020 09:37:42 GMT
server: Apache/2.4.41 () OpenSSL/1.0.2k-fips
x-powered-by: PHP/7.2.26
content-type: text/javascript;charset=UTF-8

GET
H2 200 bgNetflixNutral.jpg
www.vinnettpris.com/_static/_global/_supload/images/ 92 KB
93 KB 29ms
28ms Image
image/jpeg 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vinnettpris.com/_static/_global/_supload/images/bgNetflixNutral.jpg
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393924af5d2dfa6d2d25337c82972b7f0b39cb71b3d7b6b76d4afa897b2b6436

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
last-modified: Wed, 15 Apr 2020 12:25:12 GMT
server: nginx
etag: "3761350746"
content-type: image/jpeg
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 94657
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 Roboto-Black.woff2
www.vinnettpris.com/_static/_global/_supload/fonts/ 65 KB
65 KB 26ms
26ms Font
font/woff2 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/_static/_global/_supload/fonts/Roboto-Black.woff2
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 026d836bb00b979293032a9221da04e71faf87f79f48b6bb92e3f9935f5315bc

Request headers

Origin: https://www.vinnettpris.com
Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
last-modified: Thu, 24 Sep 2020 13:54:39 GMT
server: nginx
etag: "941120815"
content-type: font/woff2
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 66148
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 Roboto-Regular.woff2
www.vinnettpris.com/_static/_global/_supload/fonts/ 64 KB
65 KB 36ms
36ms Font
font/woff2 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/_static/_global/_supload/fonts/Roboto-Regular.woff2
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Request headers

Origin: https://www.vinnettpris.com
Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
last-modified: Thu, 24 Sep 2020 13:54:40 GMT
server: nginx
etag: "5364368"
content-type: font/woff2
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 65916
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 Roboto-Bold.woff2
www.vinnettpris.com/_static/_global/_supload/fonts/ 64 KB
65 KB 49ms
48ms Font
font/woff2 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/_static/_global/_supload/fonts/Roboto-Bold.woff2
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741

Request headers

Origin: https://www.vinnettpris.com
Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
last-modified: Thu, 24 Sep 2020 13:54:40 GMT
server: nginx
etag: "1686198371"
content-type: font/woff2
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 65972
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H2 200 init.js Show response
eu.winnernotification.com/pushweb/assets/ 2 KB
1 KB 50ms
25ms Script
application/javascript 2606:4700:10::6816:78f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.winnernotification.com/pushweb/assets/init.js
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:78f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a00a1da7009d9b1dc462dc71bf132eafb0f5505a40f53af672af9f10fe24777

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status: 200
cf-request-id: 05ae5241ff00002b29f23d7200000001
server: cloudflare
etag: W/"6da-kIfwFe4hG6qMlAw4pS4JQFrGpro"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/javascript; charset=utf-8
via: 1.1 google
cache-control: max-age=14400
cf-ray: 5df71fe33cd02b29-FRA
access-control-allow-headers: Content-Type, Authorization, Accengage-Time, Accengage-Signature

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/48TunWH-ZrLteSwFVbw6tVnx/ 341 KB
134 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/48TunWH-ZrLteSwFVbw6tVnx/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcxjocUAAAAAHtmQlr7eMt2R5JaC8MSulqCArz-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68575ad691a70cbdbe9e806567291969d2813ac54ae3a6e26f4778ba568b522e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.vinnettpris.com
Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 754
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136438
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 17:20:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Oct 2021 09:25:08 GMT

GET
H2 200 knyWgMkowoLgiirlphHKiRKkPimwJOqkwprkshwmoLzlGOgjmtoMinoJOqngjikJkmQinNmQgkrlskoGgrOwihGkrggKomQiPhGiilzkrQlhhgjmGwoylOjwowhxqvOMgigwGQrikmhvwgMqnLsNKgxsHwxiHgKKgNOshxmmsNisLxjqLpGmxzjothHsPzIuKxGmx... Show response
www.vinnettpris.com/sc/ Frame BAD3 244 B
336 B 41ms
41ms Document
text/html 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/sc/knyWgMkowoLgiirlphHKiRKkPimwJOqkwprkshwmoLzlGOgjmtoMinoJOqngjikJkmQinNmQgkrlskoGgrOwihGkrggKomQiPhGiilzkrQlhhgjmGwoylOjwowhxqvOMgigwGQrikmhvwgMqnLsNKgxsHwxiHgKKgNOshxmmsNisLxjqLpGmxzjothHsPzIuKxGmxyzitzhmtwzsLNikJgsQuxvIOvlmOgGKNOKRqqsRzwNkqHiLsLGkImggKoMiluwHvwpXthtkooiGoxIh
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 503172b43ae85d677edcfd15664690ff066fef462b998b8d2ff413fd54cba267

Request headers

:method: GET
:authority: www.vinnettpris.com
:scheme: https
:path: /sc/knyWgMkowoLgiirlphHKiRKkPimwJOqkwprkshwmoLzlGOgjmtoMinoJOqngjikJkmQinNmQgkrlskoGgrOwihGkrggKomQiPhGiilzkrQlhhgjmGwoylOjwowhxqvOMgigwGQrikmhvwgMqnLsNKgxsHwxiHgKKgNOshxmmsNisLxjqLpGmxzjothHsPzIuKxGmxyzitzhmtwzsLNikJgsQuxvIOvlmOgGKNOKRqqsRzwNkqHiLsLGkImggKoMiluwHvwpXthtkooiGoxIh
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37

Response headers

status: 200
server: nginx
date: Fri, 09 Oct 2020 09:37:42 GMT
content-type: text/html;charset=ISO-8859-1
x-map-context: se
x-served-by: d-02
content-encoding: gzip

GET
H2 200 s5-bfp.js Show response
www.vinnettpris.com/_global/js/ 12 KB
4 KB 29ms
28ms Script
application/javascript 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vinnettpris.com/_global/js/s5-bfp.js?2338585139
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/_global/js/scripts.js?2020-10-09.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 82e17635bd84d9c2f72b3d9ae284d3e84d9d4c990faf27b3ddb4169229f0bcd1

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:42 GMT
content-encoding: gzip
last-modified: Thu, 12 Mar 2020 13:46:39 GMT
server: nginx
x-map-context: se
etag: W/"5e6a3d3f-2e71"
x-served-by: d-03
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=86400
expires: Sat, 10 Oct 2020 09:37:42 GMT

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame B6C3 0
0 52ms
38ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxjocUAAAAAHtmQlr7eMt2R5JaC8MSulqCArz-&co=aHR0cHM6Ly93d3cudmlubmV0dHByaXMuY29tOjQ0Mw..&hl=en&v=48TunWH-ZrLteSwFVbw6tVnx&size=invisible&cb=etffttxps6xm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/48TunWH-ZrLteSwFVbw6tVnx/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CaRK+fnVrkvIAaAFhuxTNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcxjocUAAAAAHtmQlr7eMt2R5JaC8MSulqCArz-&co=aHR0cHM6Ly93d3cudmlubmV0dHByaXMuY29tOjQ0Mw..&hl=en&v=48TunWH-ZrLteSwFVbw6tVnx&size=invisible&cb=etffttxps6xm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Oct 2020 09:37:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-CaRK+fnVrkvIAaAFhuxTNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10062
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 t_main.js Show response
eu.winnernotification.com/pushweb/assets/ 118 KB
30 KB 11ms
11ms Script
application/javascript 2606:4700:10::6816:78f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.winnernotification.com/pushweb/assets/t_main.js?
Requested by: Host: eu.winnernotification.com
URL: https://eu.winnernotification.com/pushweb/assets/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:78f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca6a25c33e89a6f06512bbd890db4021ee92ce2730d8c536d460da29d7f96ad0

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3289
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status: 200
cf-request-id: 05ae52428800002b29f23e9200000001
access-control-allow-origin: *
server: cloudflare
etag: W/"1d92e-wj0wST+ob5Troq3eZfJHd1vje+o"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/javascript; charset=utf-8
via: 1.1 google
cache-control: max-age=14400
cf-ray: 5df71fe40eec2b29-FRA
access-control-allow-headers: Content-Type, Authorization, Accengage-Time, Accengage-Signature

GET
H2 200 QoqWgoxgkqkgkIoIkKnIOvlmOgGKNOKRqqsRzwNkqHjnoMRKkPimwJwwjjyKkLhwItOgoIqKXmwssglzmwyKKgjhjKoGHnQtghgoIJlxijgJKgtljGQrXihjkopsGsmJgP
www.vinnettpris.com/sc/ Frame BAD3 79 B
269 B 45ms
44ms Image
image/gif 185.3.185.190
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vinnettpris.com/sc/QoqWgoxgkqkgkIoIkKnIOvlmOgGKNOKRqqsRzwNkqHjnoMRKkPimwJwwjjyKkLhwItOgoIqKXmwssglzmwyKKgjhjKoGHnQtghgoIJlxijgJKgtljGQrXihjkopsGsmJgP
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/sc/knyWgMkowoLgiirlphHKiRKkPimwJOqkwprkshwmoLzlGOgjmtoMinoJOqngjikJkmQinNmQgkrlskoGgrOwihGkrggKomQiPhGiilzkrQlhhgjmGwoylOjwowhxqvOMgigwGQrikmhvwgMqnLsNKgxsHwxiHgKKgNOshxmmsNisLxjqLpGmxzjothHsPzIuKxGmxyzitzhmtwzsLNikJgsQuxvIOvlmOgGKNOKRqqsRzwNkqHiLsLGkImggKoMiluwHvwpXthtkooiGoxIh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.185.190 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab

Request headers

Referer: https://www.vinnettpris.com/sc/knyWgMkowoLgiirlphHKiRKkPimwJOqkwprkshwmoLzlGOgjmtoMinoJOqngjikJkmQinNmQgkrlskoGgrOwihGkrggKomQiPhGiilzkrQlhhgjmGwoylOjwowhxqvOMgigwGQrikmhvwgMqnLsNKgxsHwxiHgKKgNOshxmmsNisLxjqLpGmxzjothHsPzIuKxGmxyzitzhmtwzsLNikJgsQuxvIOvlmOgGKNOKRqqsRzwNkqHiLsLGkImggKoMiluwHvwpXthtkooiGoxIh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 09 Oct 2020 09:37:43 GMT
server: nginx
x-map-context: se
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
status: 200
content-type: image/gif
content-length: 79
x-served-by: d-01

GET
H2 200 m_main.html
eu.winnernotification.com/pushweb/assets/ Frame 3EE2 0
0 26ms
25ms Document
text/html 2606:4700:10::6816:78f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.winnernotification.com/pushweb/assets/m_main.html?
Requested by: Host: eu.winnernotification.com
URL: https://eu.winnernotification.com/pushweb/assets/t_main.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:78f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: eu.winnernotification.com
:scheme: https
:path: /pushweb/assets/m_main.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37

Response headers

status: 200
date: Fri, 09 Oct 2020 09:37:43 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d442bd52b1404a2003b8b011012318f831602236263; expires=Sun, 08-Nov-20 09:37:43 GMT; path=/; domain=.winnernotification.com; HttpOnly; SameSite=Lax
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization, Accengage-Time, Accengage-Signature
cache-control: no-cache
vary: Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 05ae5242b500002b29f23eb200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5df71fe45fb82b29-FRA
content-encoding: gzip

GET
H2 200 r3engage.php Show response
live.r3engage.com/ 15 KB
15 KB 196ms
196ms Script
text/html 34.252.194.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.r3engage.com/r3engage.php?r3move=1&r3cache=0&testsess6876=028f08a8d984ab81fa5ff8dea14fe682&referrer=&fp=_&ce=a&res=b&cnv=f&ver=d&res_av=c&ver_os=e&campaign_id=1568&s1=&t1=&t2=&t3=
Requested by: Host: live.r3engage.com
URL: https://live.r3engage.com/1568
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.194.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-194-50.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips / PHP/7.2.26
Resource Hash: 3ba4f3be56cfdd8608290088499bd0e8d5a4394dd4cd85938ed5c365fa084d58

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Oct 2020 09:37:43 GMT
server: Apache/2.4.41 () OpenSSL/1.0.2k-fips
x-powered-by: PHP/7.2.26
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 animate3.css
d3v6q7097edepm.cloudfront.net/css/ 71 KB
71 KB 65ms
20ms Stylesheet
text/css 2600:9000:206e:9600:13:7c59:6e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v6q7097edepm.cloudfront.net/css/animate3.css
Requested by: Host: www.cashbackdeals.se
URL: https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9600:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5549023d853f3c320a369d0488a225e0af4a4226f8728f2df9c375cfb00ec86

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 19:23:55 GMT
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 17:33:11 GMT
server: AmazonS3
age: 51229
etag: "6cafe138e48efead0052fcf75e8d7ec1"
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 72489
x-amz-cf-id: BVyOpXamkkdPdshYovAJnargcZfQUcnj7UFm9S6pls9aKv88GtUBrA==

GET
H2 200 font_style.egentic.css
d3v6q7097edepm.cloudfront.net/fonts/ 1 B
315 B 66ms
22ms Stylesheet
text/css 2600:9000:206e:9600:13:7c59:6e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v6q7097edepm.cloudfront.net/fonts/font_style.egentic.css
Requested by: Host: www.cashbackdeals.se
URL: https://www.cashbackdeals.se/user/wk-tp.php?sk=7fd8acf0b1e2ff629ea98b4a6ed3c82881721c87&e=71d4457018f29598bed6f09268c9f2c6ae837848-1443&cm=07d41dc23a70566d6b81b33f5be00d094dc210bd-18791
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9600:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 10:42:30 GMT
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
last-modified: Thu, 08 Oct 2020 10:42:28 GMT
server: AmazonS3
age: 82514
etag: "7215ee9c7d9dc229d2921a40e899ec5f"
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 1
x-amz-cf-id: GAKTS8y688RG1qwdxTkrd9FYJ-6ul2ZB62hF4TJQy66O2YNj8hukTw==

GET
H2 206 1kb.mp3
d3v6q7097edepm.cloudfront.net/mp3/ 1 KB
1 KB 83ms
40ms Media
audio/mp3 2600:9000:206e:9600:13:7c59:6e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v6q7097edepm.cloudfront.net/mp3/1kb.mp3
Requested by: Host: www.vinnettpris.com
URL: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9600:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2ee72fe4af84edbfbfb9ebbfc9a8206f62e6d3fb2ccced42ff6ac5d92966aff

Request headers

Referer: https://www.vinnettpris.com/cgi-bin/wingame.pl?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 08 Oct 2020 16:21:19 GMT
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 17:32:24 GMT
server: AmazonS3
age: 62185
etag: "2fab401479fc569b1d333e5c561fa50a"
x-cache: Hit from cloudfront
content-type: audio/mp3
status: 206
Content-Range: bytes 0-1151/1152
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
Content-Length: 1152
x-amz-cf-id: aqZ867dtxixskFkDObw4N4AUhf2bhhYugfbVUbh-BgkP_WmGcua-Ng==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400italic,400|Open+Sans+Condensed:700

Verdicts & Comments Add Verdict or Comment

257 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: ck_6876 = 0
console-api	log	(Line 1) Message: 6876back!
console-api	log	(Line 1) Message: ?partner_pk=396&wingame_pk=81&freetest_pk=235&wingame_special_prize1=pregame_prize_selection_1_name_5858&sub_id=10013-&sub_id_postback=102f623b5ea1caa5777ba1ed3d6d37

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d3v6q7097edepm.cloudfront.net
eu.winnernotification.com
fonts.googleapis.com
live.r3engage.com
maxcdn.bootstrapcdn.com
static.orangebuddies.com
tracking.basibe.com
trk.adstrck123.com
www.cashbackdeals.se
www.google-analytics.com
www.google.com
www.gstatic.com
www.vinnettpris.com
fonts.googleapis.com
185.3.185.190
2001:4de0:ac19::1:b:1a
2600:9000:206e:9600:13:7c59:6e80:21
2606:4700:10::6816:78f
2a00:1450:4001:800::200a
2a00:1450:4001:803::2004
2a00:1450:4001:81e::200e
2a00:1450:4001:824::2003
2a02:21a8:0:3::ca6b:ba66
34.252.194.50
52.210.2.133
52.50.177.251
78.137.118.22
026d836bb00b979293032a9221da04e71faf87f79f48b6bb92e3f9935f5315bc
08f70c47f25f8c0642238ec55a03c68859a3e2bbe2f65599772eb8c73ba92aab
0cee7cffbd5da273e458205bab70184a98ad48169fc8ec65485ac74782242990
0edb4d4dacef152307427cbf965443eb70c695e6a7c7e22418b29c3d94805d35
0fd7a18faba1374f4dee2758f8b9d3b83f7ffb8d3af4f7eab5a9e651376b5d80
276ed23fdaae28019edf73bb462d0738ec8312b97f26698518bb303fc5a9bd9f
2e3f77512871aecec1adb825903fe883437bd1a3174b4a22a54f197754c7d8f7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
393924af5d2dfa6d2d25337c82972b7f0b39cb71b3d7b6b76d4afa897b2b6436
3ba4f3be56cfdd8608290088499bd0e8d5a4394dd4cd85938ed5c365fa084d58
3c9dfe795329e9e7bc9eb3a4f3e2c6600f5bb95603633b8ffe39694ba6e04569
3efc98426f9dc813245e8ad33b5869e863f094b7f174464e6752e05e1712ed7c
433e4627dd2a39216ce7d407f44cdfbec1525461a3850d13322dc189392ed0f3
43e7a58b43464b2a609b9c8de11c70280749591d10dd82dd016481d36d3d1a28
4bbeaf16c41a42ffd42222778f643a411ba0578ed920f2b810b7878256a0ce0a
4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741
503172b43ae85d677edcfd15664690ff066fef462b998b8d2ff413fd54cba267
5393e0e461c715eeefbbc338804e7c68b17ba9a5ba749f17e2ad5401b5d9e881
5a00a1da7009d9b1dc462dc71bf132eafb0f5505a40f53af672af9f10fe24777
5ba8e2ef82bae978ae26c47375fc121aa0f40d8a73521dc83195f0b3ed2c9653
5d1b1106fadacca0e81d822bdb294f6c6cefe30986badcbe7f721152a5a9b86d
5d44e50c41baeacbee2e6d6229ebf2571eec03890285ddc1c637f5d9fa0cd3aa
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
63b93ce6ea02afbc6e0903c0161e37f66370c4f4a286600f8ac9c0c00389bc31
68575ad691a70cbdbe9e806567291969d2813ac54ae3a6e26f4778ba568b522e
6a0d30a4b3dc6eee3adbff72319c017932c011da39da3ed564200cd530a89b1d
6dc811068db68f73985e7c84b1a426386b93b7c67e42dd2f7802e0625e930613
82e17635bd84d9c2f72b3d9ae284d3e84d9d4c990faf27b3ddb4169229f0bcd1
82e90da6908541334d406c9e3157303b85830c2b9c0264b2b2722caa0baf26fe
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
97fcba0c0b34585992132987855655c101a313af1f2c6ed1057031071972623e
9869149729dccf1d9360e620124872f97db5084bf1732d68654f3f29af432e49
9f229c77d4188ae5577e9cda8657239b3d7ec33725397ead73ed83d45f8b25f0
a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a348a4e6ba49f6775396b5d3fbdf63436b05f643361445915389cd2a362f0828
a5549023d853f3c320a369d0488a225e0af4a4226f8728f2df9c375cfb00ec86
ab00214620a8a0deedc6fe0cc66e9f674a76b89dfaa222d49dc22f79f4754de1
b4afd7d5b6bfe90aa49fc0a4f1622fb4863aea873fe650a5a59393932f092711
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36
c22e6683da25ad96a6137691d0315c6d1a17fa6fbd1a6bee665675b4b9f4a8d9
c586bcf08fcfc4d771f1319cbebb7abe1c0169853bb69631a4fe3a4332f48878
ca6a25c33e89a6f06512bbd890db4021ee92ce2730d8c536d460da29d7f96ad0
d2ee72fe4af84edbfbfb9ebbfc9a8206f62e6d3fb2ccced42ff6ac5d92966aff
f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab

www.vinnettpris.com Open in urlscan Pro 185.3.185.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

62 %IPv6

13 Domains

13 Subdomains

12 IPs

5 Countries

1049 kBTransfer

2183 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.vinnettpris.com Open in urlscan Pro
185.3.185.190 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

62 %
IPv6

13
Domains

13
Subdomains

12
IPs

5
Countries

1049 kB
Transfer

2183 kB
Size

0
Cookies

53 HTTP transactions
0 data transactions