urlscan.io logo urlscan.io
SecurityTrails logo

search.squoter.com Open in urlscan Pro
176.119.28.52  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fortunatedday.com/
Effective URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Submission: On June 05 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 8 domains to perform 20 HTTP transactions. The main IP is 176.119.28.52, located in Ukraine and belongs to YURTEH-AS, UA. The main domain is search.squoter.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 21st 2020. Valid for: 3 months.
This is the only time search.squoter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    194.48.152.34 (Russian Federation)

ASN35196 (IHOR-AS, RU)
PTR: free.ds
fortunatedday.com
1    2606:4700:20::ac43:49eb (United States)

ASN13335 (CLOUDFLARENET, US)
triumphantplace.com
14    176.119.28.52 (Ukraine)

ASN30860 (YURTEH-AS, UA)
PTR: dedicated.vsys.host
search.squoter.com
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
14 search.squoter.com search.squoter.com
2 www.google-analytics.com www.googletagmanager.com
search.squoter.com
1 fonts.gstatic.com search.squoter.com
1 www.googletagmanager.com search.squoter.com
1 code.jquery.com search.squoter.com
1 fonts.googleapis.com search.squoter.com
1 triumphantplace.com 1 redirects
1 fortunatedday.com 1 redirects
20 8

This site contains no links.

Subject Issuer Validity Valid
search.squoter.com
Let's Encrypt Authority X3		 2020-04-21 -
2020-07-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Frame ID: 699B1990B748938792E8DDE764FA2E0E
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://fortunatedday.com/ HTTP 302
    https://triumphantplace.com/landing/roulette?sub_id_7= HTTP 302
    https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

20
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

7
IPs

5
Countries

1984 kB
Transfer

2136 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fortunatedday.com/ HTTP 302
    https://triumphantplace.com/landing/roulette?sub_id_7= HTTP 302
    https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request offer
search.squoter.com/v3/de/de/list/
Redirect Chain
  • http://fortunatedday.com/
  • https://triumphantplace.com/landing/roulette?sub_id_7=
  • https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
41 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
5960fa6ab345042e2ee7a230f859e0ed9798fbc7744c93f6c436b3bb25ae3702

Request headers

Host
search.squoter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.17.10 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache, private
Date
Fri, 05 Jun 2020 18:41:56 GMT
Content-Encoding
gzip

Redirect headers

status
302
date
Fri, 05 Jun 2020 18:41:56 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9be10f85a1c93b20183c151134bb1f1b1591382515; expires=Sun, 05-Jul-20 18:41:55 GMT; path=/; domain=.triumphantplace.com; HttpOnly; SameSite=Lax PHPSESSID=ejv1v6gjd2egakc728ud0us7pq; path=/ _subid=1ouvfk5gdvl8k; expires=Sat, 06-Jun-2020 18:41:56 GMT; Max-Age=86400; path=/; domain=.triumphantplace.com a12d5=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM4MlwiOjE1OTEzODI1MjcsXCI1NThcIjoxNTkxMzgyNTI3LFwiNTY5XCI6MTU5MTM4MjUyN30sXCJjYW1wYWlnbnNcIjp7XCI3MVwiOjE1OTEzODI1MjcsXCI3MFwiOjE1OTEzODI1MjcsXCI4OVwiOjE1OTEzODI1Mjd9LFwidGltZVwiOjE1OTEzODI1Mjd9In0.z1pcKxmNrnPHmN8yAZ0M4iqcYj0Nyj_QThrxyF5pcbc; expires=Sat, 06-Jun-2020 18:41:56 GMT; Max-Age=86400; path=/; domain=.triumphantplace.com _token=uuid_1ouvfk5gdvl8k_1ouvfk5gdvl8k5eda91ffe128c6.17044959; expires=Sat, 06-Jun-2020 18:41:56 GMT; Max-Age=86400; path=/; domain=.triumphantplace.com
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
cf-cache-status
DYNAMIC
cf-request-id
0327633867000097c60307b200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
59ec07d3dd2b97c6-FRA
css
fonts.googleapis.com/ 		433 B
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fredoka+One
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ded0b4b366b8da956a22a7c4ab370b3e6b79d021ef990549dbc3a36102e718f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 05 Jun 2020 18:32:31 GMT
server
ESF
date
Fri, 05 Jun 2020 18:41:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jun 2020 18:41:56 GMT
offer.css
search.squoter.com/assets/offer_v1/css/ 		81 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://search.squoter.com/assets/offer_v1/css/offer.css
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
bd7e5e66fb5a635a2a2ce761c1435a1a35c98653268e9a16ae81de71b5bc0f78

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 18:41:56 GMT
Last-Modified
Mon, 18 May 2020 12:49:18 GMT
Server
nginx/1.17.10 (Ubuntu)
ETag
"5ec2844e-142a8"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
82600
landing_v2.css
search.squoter.com/assets/offer_v1/css/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://search.squoter.com/assets/offer_v1/css/landing_v2.css
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
9d9b0c6582ba120acaa1523e1464b7b9db77671fec84579b2f2919175181f782

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 18:41:56 GMT
Last-Modified
Mon, 18 May 2020 12:49:18 GMT
Server
nginx/1.17.10 (Ubuntu)
ETag
"5ec2844e-1696"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5782
slider.css
search.squoter.com/assets/offer_v1/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://search.squoter.com/assets/offer_v1/css/slider.css
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
8c390be8f422e8f276785864b4246fb49a60112a6675848fc57f46a3247ee203

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 18:41:56 GMT
Last-Modified
Mon, 18 May 2020 12:49:18 GMT
Server
nginx/1.17.10 (Ubuntu)
ETag
"5ec2844e-583"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1411
modal.css
search.squoter.com/assets/offer_v1/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://search.squoter.com/assets/offer_v1/css/modal.css
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
71b9d8b714cb0dcaf96eeb3d19f8b9fc734b3a770cf8c8eff9128141d13b2d01

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 18:41:56 GMT
Last-Modified
Mon, 18 May 2020 12:49:18 GMT
Server
nginx/1.17.10 (Ubuntu)
ETag
"5ec2844e-783"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1923
jquery-3.5.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.0.min.js
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Origin
https://search.squoter.com

Response headers

Date
Fri, 05 Jun 2020 18:41:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Apr 2020 15:24:08 GMT
Server
nginx
ETag
W/"5e908f98-15d95"
Vary
Accept-Encoding
X-HW
1591382516.dop057.fr8.shc,1591382516.dop057.fr8.t,1591382516.cds139.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30880
logo-s-a.png
search.squoter.com/assets/offer_v1/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://search.squoter.com/assets/offer_v1/img/logo-s-a.png
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
bf60f4c5b1694084c6d7628a2c9bba14d5ce312341e9738ac109f71c3c6660b6

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 18:41:56 GMT
Last-Modified
Mon, 18 May 2020 12:49:18 GMT
Server
nginx/1.17.10 (Ubuntu)
ETag
"5ec2844e-4c22"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19490
tarjeta-amazon.png
search.squoter.com/assets/offer_v1/img/ 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://search.squoter.com/assets/offer_v1/img/tarjeta-amazon.png
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
0b493ac9fed4007a0d8d3759a8704e887b816d9ef96483b7b79b76e9c2e1255f

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 18:41:56 GMT
Last-Modified
Mon, 18 May 2020 12:49:18 GMT
Server
nginx/1.17.10 (Ubuntu)
ETag
"5ec2844e-2ec6f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
191599
superheroe5.png
search.squoter.com/assets/offer_v1/img/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://search.squoter.com/assets/offer_v1/img/superheroe5.png
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
fd04a4d27b86f72ef7bf7752366238a345d8fa79e52a94cf9156304411bbd91f

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 18:41:56 GMT
Last-Modified
Mon, 18 May 2020 12:49:18 GMT
Server
nginx/1.17.10 (Ubuntu)
ETag
"5ec2844e-7e37"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32311
superheroe6.png
search.squoter.com/assets/offer_v1/img/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://search.squoter.com/assets/offer_v1/img/superheroe6.png
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
b2e000626c37ba8ada46a777a7a99a88160f85c394070658049efc7ca6b5ae81

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 18:41:56 GMT
Last-Modified
Mon, 18 May 2020 12:49:18 GMT
Server
nginx/1.17.10 (Ubuntu)
ETag
"5ec2844e-8e80"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36480
010127.jpg
search.squoter.com/assets/offer_v1/img/slider/ 		549 KB
549 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://search.squoter.com/assets/offer_v1/img/slider/010127.jpg
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
8be34efd618896952878a3b3fced19990f9f1d73f832dd3fe8f3889f5518702c

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 18:41:57 GMT
Last-Modified
Mon, 18 May 2020 12:49:18 GMT
Server
nginx/1.17.10 (Ubuntu)
ETag
"5ec2844e-89456"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
562262
000083.jpg
search.squoter.com/assets/offer_v1/img/slider/ 		574 KB
574 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://search.squoter.com/assets/offer_v1/img/slider/000083.jpg
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
3b1c0df398ef5d96de2083de4db4a38fcbc559f6d683ba49e269b22478c23f1f

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 18:41:57 GMT
Last-Modified
Mon, 18 May 2020 12:49:18 GMT
Server
nginx/1.17.10 (Ubuntu)
ETag
"5ec2844e-8f832"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
587826
foto_01.jpg
search.squoter.com/assets/offer_v1/img/slider/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://search.squoter.com/assets/offer_v1/img/slider/foto_01.jpg
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
1c8ce75c6a2fe9c0b79253ea4e459d0a9669946d1deacb8296cf4874c51e5c83

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 18:41:57 GMT
Last-Modified
Mon, 18 May 2020 12:49:18 GMT
Server
nginx/1.17.10 (Ubuntu)
ETag
"5ec2844e-3cc2"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15554
gtm.js
www.googletagmanager.com/ 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNL5V5R
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2472e931ce527e2132db0aa30f02273d38008871317e00dba2b939b464e0e4d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 18:41:56 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26540
x-xss-protection
0
last-modified
Fri, 05 Jun 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Jun 2020 18:41:56 GMT
logo_superquoter-amazon.jpg
search.squoter.com/assets/offer_v1/img/ 		260 KB
260 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://search.squoter.com/assets/offer_v1/img/logo_superquoter-amazon.jpg
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
9219d99a06a452c54c40095d25b89dffda6ab09213a39e89d225ff07232b2719

Request headers

Referer
https://search.squoter.com/assets/offer_v1/css/landing_v2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 18:41:57 GMT
Last-Modified
Mon, 18 May 2020 12:49:18 GMT
Server
nginx/1.17.10 (Ubuntu)
ETag
"5ec2844e-410d2"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
266450
truncated
/ 		536 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
922a5d643f1a8ff8a7f2fa33de4214faf11a68adfaf1acc7675780d1737b8a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
sq_fondo_am_03.jpg
search.squoter.com/assets/offer_v1/img/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://search.squoter.com/assets/offer_v1/img/sq_fondo_am_03.jpg
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.119.28.52 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx/1.17.10 (Ubuntu) /
Resource Hash
089896ff0eecf06fd8fdb682c7e58d44da7e33ebd5e1426cd87b03f7a0ac6929

Request headers

Referer
https://search.squoter.com/assets/offer_v1/css/modal.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 18:41:57 GMT
Last-Modified
Mon, 18 May 2020 12:49:18 GMT
Server
nginx/1.17.10 (Ubuntu)
ETag
"5ec2844e-1d617"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120343
k3kUo8kEI-tA1RRcTZGmTlHGCaen8wf-.woff2
fonts.gstatic.com/s/fredokaone/v7/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fredokaone/v7/k3kUo8kEI-tA1RRcTZGmTlHGCaen8wf-.woff2
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92d8a6ee13c7e1df306a1ccfb7809c9ef0bd9117926b7195a7f54147cdad3e29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Fredoka+One
Origin
https://search.squoter.com

Response headers

date
Mon, 18 May 2020 23:24:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:01:59 GMT
server
sffe
age
1538273
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15516
x-xss-protection
0
expires
Tue, 18 May 2021 23:24:03 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNL5V5R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
6337
date
Fri, 05 Jun 2020 16:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Fri, 05 Jun 2020 18:56:19 GMT
collect
www.google-analytics.com/r/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1266301675&t=pageview&_s=1&dl=https%3A%2F%2Fsearch.squoter.com%2Fv3%2Fde%2Fde%2Flist%2Foffer%3Fsource%3Dprl%26campaign%3Dprl%26subid%3D1ouvfk5gdvl8k&ul=en-us&de=UTF-8&dt=Finden%20Sie%20bei%20Superquoter%20alles%20was%20Sie%20suchen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=486823944&gjid=1358098700&cid=1702123328.1591382517&tid=UA-164814535-1&_gid=1539440471.1591382517&_r=1&gtm=2wg5r0MNL5V5R&z=995075250
Requested by
Host: search.squoter.com
URL: https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://search.squoter.com/v3/de/de/list/offer?source=prl&campaign=prl&subid=1ouvfk5gdvl8k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jun 2020 18:41:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.squoter.com/ Name: _gat_UA-164814535-1
Value: 1
.squoter.com/ Name: _gid
Value: GA1.2.1539440471.1591382517
.squoter.com/ Name: _ga
Value: GA1.2.1702123328.1591382517

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
fortunatedday.com
search.squoter.com
triumphantplace.com
www.google-analytics.com
www.googletagmanager.com
176.119.28.52
194.48.152.34
2001:4de0:ac19::1:b:2a
2606:4700:20::ac43:49eb
2a00:1450:4001:81c::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
089896ff0eecf06fd8fdb682c7e58d44da7e33ebd5e1426cd87b03f7a0ac6929
0b493ac9fed4007a0d8d3759a8704e887b816d9ef96483b7b79b76e9c2e1255f
1c8ce75c6a2fe9c0b79253ea4e459d0a9669946d1deacb8296cf4874c51e5c83
2472e931ce527e2132db0aa30f02273d38008871317e00dba2b939b464e0e4d7
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3b1c0df398ef5d96de2083de4db4a38fcbc559f6d683ba49e269b22478c23f1f
5960fa6ab345042e2ee7a230f859e0ed9798fbc7744c93f6c436b3bb25ae3702
5ded0b4b366b8da956a22a7c4ab370b3e6b79d021ef990549dbc3a36102e718f
71b9d8b714cb0dcaf96eeb3d19f8b9fc734b3a770cf8c8eff9128141d13b2d01
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8be34efd618896952878a3b3fced19990f9f1d73f832dd3fe8f3889f5518702c
8c390be8f422e8f276785864b4246fb49a60112a6675848fc57f46a3247ee203
9219d99a06a452c54c40095d25b89dffda6ab09213a39e89d225ff07232b2719
922a5d643f1a8ff8a7f2fa33de4214faf11a68adfaf1acc7675780d1737b8a46
92d8a6ee13c7e1df306a1ccfb7809c9ef0bd9117926b7195a7f54147cdad3e29
9d9b0c6582ba120acaa1523e1464b7b9db77671fec84579b2f2919175181f782
b2e000626c37ba8ada46a777a7a99a88160f85c394070658049efc7ca6b5ae81
bd7e5e66fb5a635a2a2ce761c1435a1a35c98653268e9a16ae81de71b5bc0f78
bf60f4c5b1694084c6d7628a2c9bba14d5ce312341e9738ac109f71c3c6660b6
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
fd04a4d27b86f72ef7bf7752366238a345d8fa79e52a94cf9156304411bbd91f