Submitted URL: https://poweroffr.com/?a=5706&c=25052&s1=&s2=direct&ckmguid=5a3d8a67-4afc-47d1-902f-f07a2f3d32d5
Effective URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&fi...
Submission: On December 30 via manual from DK

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 16 HTTP transactions. The main IP is 2606:4700:30::681c:ca, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is dk.gainonlinediscount.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 17th 2019. Valid for: 10 months.
This is the only time dk.gainonlinediscount.com was scanned on urlscan.io!

What the scan records, read from the data below: the submitted URL on poweroffr.com answers with an HTTP 302 and three cookies scoped to .poweroffr.com, sending the browser to trk.traffikflow.com. That host returns a 604-byte HTML document with status 200 (so the next hop is a client-side redirect, not an HTTP one), sets a __vnativetracking cookie with a one-year lifetime, and forwards the browser to the landing page on dk.gainonlinediscount.com behind Cloudflare. The affiliate id 5706 travels the whole way (a=5706, source=5706, info2=5706) and ends up in the psid cookie. The landing URL carries empty form fields (firstname, lastname, address, postcode, city, telephone, email) in its query string, and the page defines getUrlVars/getUrlParam globals, so the same URL populated by an upstream funnel would be sent in the Referer header to every third party the page loads: jQuery 2.1.3 from ajax.googleapis.com, the Facebook Pixel (initialised with a null pixel id, per the console warning), OneSignal's push SDK, and an auto-push script plus XHR on api.mdsyzz.com. urlscan assigns no classification and nothing here is a malware indicator in itself; the combination of payment-card and security-badge imagery (cards.png, img-secure-001..003.png, ico-lock-001.png) with affiliate tracking and a push-notification prompt is the usual shape of an affiliate order page, and the cookie attributes and the PII-in-URL design are findings in their own right, independent of the verdict.

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (requests | IP | ASN):
1 | 52.50.225.188 | 16509 (AMAZON-02)
1 | 35.241.7.124 | 15169 (GOOGLE)
10 | 2606:4700:30:... | 13335 (CLOUDFLARENET)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2606:4700::68... | 13335 (CLOUDFLARENET)
2 | 2606:4700:30:... | 13335 (CLOUDFLARENET)
1 | 2a03:2880:f01... | 32934 (FACEBOOK)
Total: 16 requests, 6 IPs (the table lists seven addresses; the summary counts six)

Domains (requests | domain | requested by):
10 | dk.gainonlinediscount.com | trk.traffikflow.com, dk.gainonlinediscount.com
2 | api.mdsyzz.com | dk.gainonlinediscount.com, api.mdsyzz.com
1 | connect.facebook.net | dk.gainonlinediscount.com
1 | cdn.onesignal.com | dk.gainonlinediscount.com
1 | ajax.googleapis.com | dk.gainonlinediscount.com
1 | trk.traffikflow.com | (none recorded)
1 | poweroffr.com | (submitted URL; 1 redirect)
Total: 16 requests, 7 domains

This site contains no links.

TLS certificates (Subject | Issuer | Validity | Valid for):
trk.antrk10.tech | Let's Encrypt Authority X3 | 2019-12-24 to 2020-03-23 | 3 months (crt.sh)
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-12-17 to 2020-10-09 | 10 months (crt.sh)
*.storage.googleapis.com | GTS CA 1O1 | 2019-12-03 to 2020-02-25 | 3 months (crt.sh)
ssl898578.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-10-11 to 2020-04-18 | 6 months (crt.sh)
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-12-06 to 2020-03-05 | 3 months (crt.sh)

The subjects are the common names of shared certificates (Cloudflare SNI certificates, a Google wildcard, a Facebook wildcard); the hostnames contacted in this scan sit in their SAN lists. The Let's Encrypt certificate's subject, trk.antrk10.tech, is not a hostname that appears anywhere else in this scan.

This page contains 1 frame:

Primary Page: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Frame ID: 3966884037164B36604CAFD224A3C479
Requests: 16 HTTP requests in this frame


Detected technologies

  • nginx (confidence 100%): headers server /nginx(?:\/([\d.]+))?/i
  • Facebook Pixel / SDK script (confidence 100%): script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
  • Google Cloud load balancer, from the via: 1.1 google header on trk.traffikflow.com (confidence 100%): headers via /^1\.1 google$/i
  • jQuery (confidence 100%): script /\/([\d.]+)\/jquery(?:\.min)?\.js/i and script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 71 %
Domains: 7
Subdomains: 7
IPs: 6
Countries: 4
Transfer: 102 kB
Size: 266 kB
Cookies: 4

Page URL History

This lists the page URLs the browser navigated through, including HTTP redirects and client-side redirects (JavaScript or meta refresh).

  1. https://poweroffr.com/?a=5706&c=25052&s1=&s2=direct&ckmguid=5a3d8a67-4afc-47d1-902f-f07a2f3d32d5 HTTP 302
    https://trk.traffikflow.com/5dfcb2f6b6920d7f873fca68?p1=24212-460866602&source=5706 Page URL
  2. https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://poweroffr.com/?a=5706&c=25052&s1=&s2=direct&ckmguid=5a3d8a67-4afc-47d1-902f-f07a2f3d32d5 HTTP 302
  • https://trk.traffikflow.com/5dfcb2f6b6920d7f873fca68?p1=24212-460866602&source=5706
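The hand-off of identifiers along this chain (a=5706 becomes source=5706, then info2=5706, then the psid cookie; transaction_id and info1 become the tid and pid cookies) can be checked mechanically. The following is an added example, not code from the urlscan.io page or from any of the sites involved: it lists every value shared between the three page URLs and the landing-page cookies, and decodes the 24-hex identifiers on the assumption (labelled in the code) that they are MongoDB ObjectIds, i.e. a 4-byte Unix timestamp, a 5-byte machine/process field and a 3-byte counter. The decoded time of transaction_id, 12:03:44 UTC on 30 December 2019, matches the response Date header to the second, which supports that assumption. URLs and cookie values are copied from the scan.

```python
"""Trace identifiers across the redirect chain recorded in this scan.

Added example (not part of the urlscan.io page or of any project's code).
The URLs and cookie values are copied from the scan above; the functions
are generic and take any chain of URLs plus a cookie dict.
Assumption, labelled as such: 24-hex identifiers are treated as MongoDB
ObjectIds (4-byte Unix timestamp, 5-byte machine/process id, 3-byte counter).
"""
from collections import defaultdict
from datetime import datetime, timezone
from urllib.parse import parse_qsl, urlsplit

# Hops from "Page URL History" (copied from the scan).
CHAIN = [
    "https://poweroffr.com/?a=5706&c=25052&s1=&s2=direct"
    "&ckmguid=5a3d8a67-4afc-47d1-902f-f07a2f3d32d5",
    "https://trk.traffikflow.com/5dfcb2f6b6920d7f873fca68?p1=24212-460866602&source=5706",
    "https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333"
    "&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address="
    "&postcode=&city=&telephone=&email=",
]
# Cookies the landing page set (from the "4 Cookies" section of the scan).
COOKIES = {"psid": "5706", "pid": "5db81c7ab6920d37d978a003",
           "tid": "5e09e7a0fc7be60446c33333"}


def shared_identifiers(chain, cookies, min_places=2):
    """Return {value: [places]} for every value that occurs in >= min_places places.

    A place is "host?param" for a query parameter or "cookie:name" for a
    cookie. Empty parameters (the blank PII fields) are ignored.
    """
    places = defaultdict(list)
    for url in chain:
        parts = urlsplit(url)
        for key, value in parse_qsl(parts.query, keep_blank_values=False):
            places[value].append(f"{parts.hostname}?{key}")
    for name, value in cookies.items():
        places[value].append(f"cookie:{name}")
    return {v: p for v, p in places.items() if len(p) >= min_places}


def decode_objectid(hex_id):
    """Split a 24-hex id into (utc timestamp, machine_hex, counter_hex).

    Assumption: the id follows the MongoDB ObjectId layout. Returns None for
    anything that is not exactly 24 hex characters.
    """
    if len(hex_id) != 24:
        return None
    try:
        raw = bytes.fromhex(hex_id)
    except ValueError:
        return None
    ts = datetime.fromtimestamp(int.from_bytes(raw[:4], "big"), tz=timezone.utc)
    return ts, raw[4:9].hex(), raw[9:].hex()


def objectids_in_chain(chain):
    """Decode every ObjectId-shaped path segment or query value in the chain."""
    found = {}
    for url in chain:
        parts = urlsplit(url)
        candidates = [seg for seg in parts.path.split("/") if seg]
        candidates += [value for _, value in parse_qsl(parts.query)]
        for cand in candidates:
            decoded = decode_objectid(cand)
            if decoded:
                found[cand] = decoded
    return found


if __name__ == "__main__":
    for value, where in shared_identifiers(CHAIN, COOKIES).items():
        print(value, "->", ", ".join(where))
    for oid, (ts, machine, counter) in objectids_in_chain(CHAIN).items():
        print(oid, ts.isoformat(), "machine", machine, "counter", counter)
```

Run as a script this prints the affiliate id 5706 with its four locations, the two landing-page ids with their cookies, and the three decoded ObjectIds: transaction_id minted at scan time (30 December 2019, 12:03:44 UTC), the traffikflow path id on 20 December 2019, and info1 on 29 October 2019. The machine field of info1 (b6920d37d9) and of the traffikflow path id (b6920d7f87) share their first three bytes, which under the older ObjectId layout (3-byte machine id, 2-byte process id) means they were minted by different processes on the same host; transaction_id (fc7be60446) was not. That is a link between the tracker and the landing page that the URLs alone do not show.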

16 HTTP transactions

Resource | Path | Size | Transferred | Type

5dfcb2f6b6920d7f873fca68 | trk.traffikflow.com/ | 604 B | 803 B | Document
Redirect chain:
  • https://poweroffr.com/?a=5706&c=25052&s1=&s2=direct&ckmguid=5a3d8a67-4afc-47d1-902f-f07a2f3d32d5
  • https://trk.traffikflow.com/5dfcb2f6b6920d7f873fca68?p1=24212-460866602&source=5706
General
Full URL
https://trk.traffikflow.com/5dfcb2f6b6920d7f873fca68?p1=24212-460866602&source=5706
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.241.7.124 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
124.7.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d875200ea2a2e82aed31acbaea33d98a62f4e185b80dc8c3f8318a36eb30df71

Request headers

:method
GET
:authority
trk.traffikflow.com
:scheme
https
:path
/5dfcb2f6b6920d7f873fca68?p1=24212-460866602&source=5706
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
server
nginx
date
Mon, 30 Dec 2019 12:03:43 GMT
content-type
text/html
content-length
604
x-rt
0
set-cookie
__vnativetracking=d50e6419-4c54-4f4b-bb0d-3cded071562c; expires=Wed, 30 Dec 2020 12:03:44 GMT; path=/; HttpOnly
via
1.1 google
alt-svc
clear

Redirect headers

Cache-Control
private
Content-Length
204
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Dec 2019 12:03:43 GMT
Location
https://trk.traffikflow.com/5dfcb2f6b6920d7f873fca68?p1=24212-460866602&source=5706
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
sid=yYZW+Ls+j/SjOVtaXv3tYbgFw0Zfc+N1F+IkP/g4YNOKH9fdr3RmyA==; domain=.poweroffr.com; path=/; HttpOnly
trk=KYB+s7bTiN2avhgpVWmdCbgFw0Zfc+N1F+IkP/g4YNOKH9fdr3RmyA==; domain=.poweroffr.com; expires=Mon, 30-Dec-2024 19:03:44 GMT; path=/; HttpOnly
c24212=yYZW+Ls+j/QDofRcaJ/1lxJFSUygqMC3ZN/NCr9JVDKp9mkdNeEcxg==; domain=.poweroffr.com; expires=Wed, 29-Jan-2020 12:03:44 GMT; path=/; HttpOnly
Connection
close
Primary Request: / | dk.gainonlinediscount.com/ | 5 KB | 2 KB | Document
General
Full URL
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Requested by
Host: trk.traffikflow.com
URL: https://trk.traffikflow.com/5dfcb2f6b6920d7f873fca68?p1=24212-460866602&source=5706
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:ca , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a657b1e7190b012fad7a49540881b78a03fa8ed5a1b818ceca18ec77b5c6f419

Request headers

:method
GET
:authority
dk.gainonlinediscount.com
:scheme
https
:path
/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://trk.traffikflow.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://trk.traffikflow.com/

Response headers

status
200
date
Mon, 30 Dec 2019 12:03:44 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=dcdddf7e17b41e8ed6c0ed22db30a2f461577707424; expires=Wed, 29-Jan-20 12:03:44 GMT; path=/; domain=.gainonlinediscount.com; HttpOnly; SameSite=Lax; Secure
tid=5e09e7a0fc7be60446c33333
pid=5db81c7ab6920d37d978a003
psid=5706
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
54d3df48ff07d6b1-FRA
content-encoding
br
luz_blank_ns.css | dk.gainonlinediscount.com/css/ | 9 KB | 2 KB | Stylesheet
General
Full URL
https://dk.gainonlinediscount.com/css/luz_blank_ns.css
Requested by
Host: dk.gainonlinediscount.com
URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:ca , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6474f5a67ada40f796c70e05d822bfafd34459163ecbcf23c60078c67e1c935f

Request headers

Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Dec 2019 12:03:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Dec 2019 09:32:50 GMT
server
cloudflare
age
3596
etag
W/"5dfc9542-25a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
54d3df4a29e6d6b1-FRA
jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.1.3/ | 82 KB | 29 KB | Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: dk.gainonlinediscount.com
URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers

Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 05:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3480930
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29707
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Nov 2020 05:08:14 GMT
OneSignalSDK.js | cdn.onesignal.com/sdks/ | 8 KB | 3 KB | Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: dk.gainonlinediscount.com
URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b41ead7d73c51545a6b97022fdf4a60c64d4910136516f2f8832d2f11d7bed

Request headers

Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Dec 2019 12:03:44 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
392
etag
W/"2a5de8dd720175aa229445a5937a6c43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
54d3df4a2de3bf00-FRA
expires
Tue, 31 Dec 2019 00:03:44 GMT
auto-push.min.js | api.mdsyzz.com/ | 1 KB | 934 B | Script
General
Full URL
https://api.mdsyzz.com/auto-push.min.js
Requested by
Host: dk.gainonlinediscount.com
URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b27f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a57928af2b1bd47b7eb48b6767eda88d3bc86a2bfc3039a6552d0e1f07081630

Request headers

Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Dec 2019 12:03:44 GMT
content-encoding
br
etag
W/"df3067299eaad51:0"
cf-cache-status
HIT
last-modified
Wed, 04 Dec 2019 12:27:15 GMT
server
cloudflare
age
5325
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
54d3df4a4ee9d729-FRA
access-control-allow-origin
*
ico-005-green.png | dk.gainonlinediscount.com/images/ | 1 KB | 1 KB | Image
General
Full URL
https://dk.gainonlinediscount.com/images/ico-005-green.png
Requested by
Host: dk.gainonlinediscount.com
URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:ca , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
57680f0e91bb6634a16cf3122a0de33e75ac21eb2582417a2a7d5e83bc542139

Request headers

Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Dec 2019 12:03:44 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Dec 2019 16:10:56 GMT
server
cloudflare
age
3596
etag
"5df26690-4a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54d3df4a29ead6b1-FRA
content-length
1188
ico-006.png | dk.gainonlinediscount.com/images/ | 1 KB | 2 KB | Image
General
Full URL
https://dk.gainonlinediscount.com/images/ico-006.png
Requested by
Host: dk.gainonlinediscount.com
URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:ca , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16e91cc325f0748b0b5b53cf66ff0297421861b8bfaf61f2babe63dfa726d474

Request headers

Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Dec 2019 12:03:44 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Dec 2019 11:52:28 GMT
server
cloudflare
age
3596
etag
"5df229fc-5de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54d3df4a29ecd6b1-FRA
content-length
1502
ico-007.png | dk.gainonlinediscount.com/images/ | 1 KB | 1 KB | Image
General
Full URL
https://dk.gainonlinediscount.com/images/ico-007.png
Requested by
Host: dk.gainonlinediscount.com
URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:ca , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
347b3b4db0a6d5f693bf6a50c3d9fb5308f20309a621c506ccc3a3663c73af9f

Request headers

Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Dec 2019 12:03:44 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Dec 2019 11:52:28 GMT
server
cloudflare
age
3596
etag
"5df229fc-517"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54d3df4a3a1ad6b1-FRA
content-length
1303
ico-lock-001.png | dk.gainonlinediscount.com/images/ | 2 KB | 2 KB | Image
General
Full URL
https://dk.gainonlinediscount.com/images/ico-lock-001.png
Requested by
Host: dk.gainonlinediscount.com
URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:ca , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0e939227323fc87b6ed375b01df1475b3ccfb38e171d62e747f3bf0f03d439d

Request headers

Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Dec 2019 12:03:44 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Dec 2019 11:52:28 GMT
server
cloudflare
age
3596
etag
"5df229fc-71c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54d3df4a3a1dd6b1-FRA
content-length
1820
img-secure-001.png | dk.gainonlinediscount.com/images/ | 5 KB | 5 KB | Image
General
Full URL
https://dk.gainonlinediscount.com/images/img-secure-001.png
Requested by
Host: dk.gainonlinediscount.com
URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:ca , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
71281cc06f09c72fc2eebddf474d8df2e5d93cf5d166e5c356931d5f38902d34

Request headers

Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Dec 2019 12:03:44 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Dec 2019 11:52:28 GMT
server
cloudflare
age
3596
etag
"5df229fc-1205"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54d3df4a4a4ed6b1-FRA
content-length
4613
img-secure-002.png | dk.gainonlinediscount.com/images/ | 4 KB | 4 KB | Image
General
Full URL
https://dk.gainonlinediscount.com/images/img-secure-002.png
Requested by
Host: dk.gainonlinediscount.com
URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:ca , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c59929931be8943b71586f06dd32e83f3b13726fc92d6ef6c44a97299a2686af

Request headers

Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Dec 2019 12:03:44 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Dec 2019 11:52:28 GMT
server
cloudflare
age
3596
etag
"5df229fc-ed9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54d3df4a5a71d6b1-FRA
content-length
3801
img-secure-003.png | dk.gainonlinediscount.com/images/ | 5 KB | 5 KB | Image
General
Full URL
https://dk.gainonlinediscount.com/images/img-secure-003.png
Requested by
Host: dk.gainonlinediscount.com
URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:ca , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32ae6f8bf2095b42f39b4714115865a453617428736198c1de0bb52560c5e9cb

Request headers

Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Dec 2019 12:03:44 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Dec 2019 11:52:28 GMT
server
cloudflare
age
3596
etag
"5df229fc-1574"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54d3df4a5a73d6b1-FRA
content-length
5492
cards.png | dk.gainonlinediscount.com/images/ | 14 KB | 14 KB | Image
General
Full URL
https://dk.gainonlinediscount.com/images/cards.png
Requested by
Host: dk.gainonlinediscount.com
URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:ca , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8283001fa2b1e4648d502d67249b0f7f5acf4ed235c7015f431fad02a5bebf7d

Request headers

Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Dec 2019 12:03:44 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Dec 2019 11:52:28 GMT
server
cloudflare
age
3596
etag
"5df229fc-37c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54d3df4a5a74d6b1-FRA
content-length
14276
fbevents.js | connect.facebook.net/en_US/ | 126 KB | 30 KB | Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dk.gainonlinediscount.com
URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
Security Headers
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 0

Request headers

Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30426
x-xss-protection
0
pragma
public
x-fb-debug
4MZQ7niGAC/APGHT+ju2LCQ0xhnENs+kwJSvkmzdOzIR8v5qVrFQpZZczvDv9PcLq4E1Lm8Zzv3GBrb7f0padQ==
x-fb-trip-id
1850256238
date
Mon, 30 Dec 2019 12:03:44 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
36484b16-6271-44dc-94ef-ef9060a3a7f0 | api.mdsyzz.com/rest/v1/p-apps/get-id/ | 36 B | 438 B | XHR
General
Full URL
https://api.mdsyzz.com/rest/v1/p-apps/get-id/36484b16-6271-44dc-94ef-ef9060a3a7f0?url=https://dk.gainonlinediscount.com
Requested by
Host: api.mdsyzz.com
URL: https://api.mdsyzz.com/auto-push.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b27f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
18a4e2e7726e17e8dc58d6d8ba96b49fc2d75059d062603418fbb75d26a89c78

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Origin
https://dk.gainonlinediscount.com

Response headers

pragma
no-cache
date
Mon, 30 Dec 2019 12:03:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
status
200
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
54d3df4a7e04c2a4-FRA
expires
-1
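Every third-party request above (jquery.min.js, OneSignalSDK.js, auto-push.min.js, fbevents.js and the api.mdsyzz.com XHR) carried the complete landing URL, query string included, in its Referer header. The fields are empty in this scan, but the URL is built to carry name, address, telephone and e-mail. The following is an added example, not code from the urlscan.io page or from any of the sites involved: it reproduces the Referer each request received and what it would have received under each Referrer-Policy value a site can set. The URLs are copied from the scan and the policy logic follows the W3C Referrer Policy algorithm; the list of PII parameter names is taken from the landing URL.

```python
"""Referer leakage of query-string PII, and what Referrer-Policy would change.

Added example; not code from the urlscan.io page or from any site involved.
URLs are copied from the scan. The policy simulation implements the W3C
Referrer Policy algorithm (same-origin decided on scheme + host + port;
"downgrade" means https page -> http request, which never occurs here).
"""
from urllib.parse import parse_qsl, urlsplit

LANDING = ("https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333"
           "&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address="
           "&postcode=&city=&telephone=&email=")

# Third-party subresource requests recorded in the scan (all carried LANDING as Referer).
THIRD_PARTY = [
    "https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js",
    "https://cdn.onesignal.com/sdks/OneSignalSDK.js",
    "https://api.mdsyzz.com/auto-push.min.js",
    "https://connect.facebook.net/en_US/fbevents.js",
    "https://api.mdsyzz.com/rest/v1/p-apps/get-id/36484b16-6271-44dc-94ef-ef9060a3a7f0"
    "?url=https://dk.gainonlinediscount.com",
]

# Parameter names in the landing URL that are meant to hold personal data.
PII_PARAMS = {"firstname", "lastname", "address", "postcode", "city", "telephone", "email"}


def origin(url):
    p = urlsplit(url)
    return f"{p.scheme}://{p.netloc}"


def referer_for(page_url, request_url, policy):
    """Referer value a browser sends for request_url from page_url, or None for no header."""
    full = page_url.split("#", 1)[0]                 # the fragment is never sent
    same_origin = origin(page_url) == origin(request_url)
    downgrade = (urlsplit(page_url).scheme == "https"
                 and urlsplit(request_url).scheme == "http")
    origin_only = origin(page_url) + "/"
    if policy == "no-referrer":
        return None
    if policy == "unsafe-url":
        return full
    if policy == "no-referrer-when-downgrade":       # legacy browser default (Chrome < 85)
        return None if downgrade else full
    if policy == "same-origin":
        return full if same_origin else None
    if policy == "origin":
        return origin_only
    if policy == "strict-origin":
        return None if downgrade else origin_only
    if policy == "origin-when-cross-origin":
        return full if same_origin else origin_only
    if policy == "strict-origin-when-cross-origin":  # current browser default
        if same_origin:
            return full
        return None if downgrade else origin_only
    raise ValueError(f"unknown policy {policy!r}")


def leaked_params(referer):
    """Query parameter names present in a Referer value (blank values included)."""
    if not referer:
        return set()
    return {k for k, _ in parse_qsl(urlsplit(referer).query, keep_blank_values=True)}


def leak_report(page_url, requests, policy):
    """Per third-party host: the PII-named parameters exposed through Referer."""
    report = {}
    for req in requests:
        ref = referer_for(page_url, req, policy)
        report[urlsplit(req).hostname] = sorted(leaked_params(ref) & PII_PARAMS)
    return report


if __name__ == "__main__":
    for policy in ("no-referrer-when-downgrade", "strict-origin-when-cross-origin", "no-referrer"):
        print(policy)
        for host, params in leak_report(LANDING, THIRD_PARTY, policy).items():
            print(f"  {host}: {params or 'nothing'}")
```

The scanning browser identified itself as Chrome 74, which applied no-referrer-when-downgrade when a page sets no policy; that is why the full URL appears in every Referer above. Chrome 85 and later default to strict-origin-when-cross-origin, under which each third party would have seen only https://dk.gainonlinediscount.com/. A Referrer-Policy header or meta tag on the landing page trims the Referer, but it does nothing for the ?url= parameter the auto-push script sends to api.mdsyzz.com on its own initiative, and the durable fix is to keep personal data out of the query string altogether (POST bodies or server-side session state).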

Verdicts & Comments

None recorded.

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They help identify client-side frameworks and page code.

  • onformdata, onpointerrawupdate (object): event-handler properties of the scanning browser itself, not page code
  • $, jQuery (function): jQuery 2.1.3 from ajax.googleapis.com
  • fbq, _fbq (function): Facebook Pixel (fbevents.js)
  • OneSignal (object): OneSignal push SDK
  • InitializePush, httpGetAsync, getUrlVars, getUrlParam (function): the page's own code; by name, push-notification setup plus helpers that read the query-string parameters (the prefill fields in the landing URL)

4 Cookies

Domain / Path | Name | Value
dk.gainonlinediscount.com/ | psid | 5706
dk.gainonlinediscount.com/ | pid | 5db81c7ab6920d37d978a003
dk.gainonlinediscount.com/ | tid | 5e09e7a0fc7be60446c33333
.gainonlinediscount.com/ | __cfduid | dcdddf7e17b41e8ed6c0ed22db30a2f461577707424

psid, pid and tid mirror the info2, info1 and transaction_id query parameters and were set without Secure, HttpOnly or SameSite attributes (see the landing page's set-cookie header above); only Cloudflare's __cfduid carries all three. The three poweroffr.com cookies from the redirect hop (sid, trk, c24212) are HttpOnly but not Secure, and trk is set to expire in December 2024.
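The cookie observations above can be reproduced from the captured Set-Cookie headers. The following is an added example, not code from the urlscan.io page or from any of the sites involved: a small Set-Cookie parser and an audit that flags missing Secure/HttpOnly/SameSite attributes, parent-domain scoping and lifetimes over a year. The header strings are copied from the scan; urlscan renders several Set-Cookie headers of one response on a single line, so they are split by hand here, one header per string, and the scan's response Date header (30 Dec 2019 12:03:44 GMT) is the reference point for lifetimes.

```python
"""Audit the Set-Cookie headers captured in this scan.

Added example; not code from the urlscan.io page or from any of the sites
involved. Header strings are copied from the scan, one Set-Cookie header per
string. RESPONSE_TIME is the scan's response Date header.
"""
from datetime import datetime, timedelta, timezone

RESPONSE_TIME = datetime(2019, 12, 30, 12, 3, 44, tzinfo=timezone.utc)

# The 302 from poweroffr.com carried three Set-Cookie headers.
POWEROFFR = [
    "sid=yYZW+Ls+j/SjOVtaXv3tYbgFw0Zfc+N1F+IkP/g4YNOKH9fdr3RmyA==; domain=.poweroffr.com; path=/; HttpOnly",
    "trk=KYB+s7bTiN2avhgpVWmdCbgFw0Zfc+N1F+IkP/g4YNOKH9fdr3RmyA==; domain=.poweroffr.com; "
    "expires=Mon, 30-Dec-2024 19:03:44 GMT; path=/; HttpOnly",
    "c24212=yYZW+Ls+j/QDofRcaJ/1lxJFSUygqMC3ZN/NCr9JVDKp9mkdNeEcxg==; domain=.poweroffr.com; "
    "expires=Wed, 29-Jan-2020 12:03:44 GMT; path=/; HttpOnly",
]
# The landing page response from dk.gainonlinediscount.com carried four.
LANDING = [
    "__cfduid=dcdddf7e17b41e8ed6c0ed22db30a2f461577707424; expires=Wed, 29-Jan-20 12:03:44 GMT; "
    "path=/; domain=.gainonlinediscount.com; HttpOnly; SameSite=Lax; Secure",
    "tid=5e09e7a0fc7be60446c33333",
    "pid=5db81c7ab6920d37d978a003",
    "psid=5706",
]

# expires= formats seen in these headers: RFC 1123, and the hyphenated
# Netscape forms with four- and two-digit years (four-digit tried first).
DATE_FORMATS = ("%a, %d %b %Y %H:%M:%S %Z",
                "%a, %d-%b-%Y %H:%M:%S %Z",
                "%a, %d-%b-%y %H:%M:%S %Z")


def parse_set_cookie(header):
    """Return (name, value, attrs); attrs maps lower-cased attribute names to values (True for flags)."""
    first, *rest = header.split(";")
    name, _, value = first.strip().partition("=")
    attrs = {}
    for part in rest:
        key, _, val = part.strip().partition("=")
        if key:
            attrs[key.lower()] = val if val else True
    return name, value, attrs


def parse_expires(text):
    """Parse an expires= value as UTC, or return None if no known format matches."""
    for fmt in DATE_FORMATS:
        try:
            return datetime.strptime(text, fmt).replace(tzinfo=timezone.utc)
        except ValueError:
            continue
    return None


def audit_cookie(header, request_host, now=RESPONSE_TIME):
    """Return (cookie name, list of findings) for one Set-Cookie header."""
    name, _, attrs = parse_set_cookie(header)
    findings = []
    if "secure" not in attrs:
        findings.append("no Secure flag")
    if "httponly" not in attrs:
        findings.append("no HttpOnly flag")
    if "samesite" not in attrs:
        findings.append("no SameSite attribute")
    domain = attrs.get("domain")
    if isinstance(domain, str):
        domain = domain.lstrip(".").lower()
        if domain != request_host and request_host.endswith("." + domain):
            findings.append(f"scoped to parent domain {domain} (shared with all subdomains)")
    lifetime = None
    if isinstance(attrs.get("max-age"), str):
        lifetime = timedelta(seconds=int(attrs["max-age"]))
    elif isinstance(attrs.get("expires"), str):
        expires = parse_expires(attrs["expires"])
        if expires is not None:
            lifetime = expires - now
    if lifetime is not None and lifetime.days > 365:
        findings.append(f"persists {lifetime.days} days")
    return name, findings


def audit_all(headers, request_host, now=RESPONSE_TIME):
    """Audit every Set-Cookie header of one response; returns {name: findings}."""
    return dict(audit_cookie(h, request_host, now) for h in headers)


if __name__ == "__main__":
    for host, headers in (("poweroffr.com", POWEROFFR), ("dk.gainonlinediscount.com", LANDING)):
        for name, findings in audit_all(headers, host).items():
            print(f"{host} {name}: {'; '.join(findings) or 'ok'}")
```

The __cfduid value ends in 1577707424, the Unix time of the response (12:03:44 UTC), a reminder that opaque-looking cookie values often embed timestamps. Without the Secure flag, the poweroffr.com sid and trk cookies would also be sent on a plain http://poweroffr.com request; without HttpOnly, the landing page's tid/pid/psid cookies are readable by every script on the page, including the third-party ones listed above.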

2 Console Messages

  • log, https://cdn.onesignal.com/sdks/OneSignalSDK.js (line 1): OneSignal: Using fallback ES5 Stub for backwards compatibility.
  • warning, https://connect.facebook.net/en_US/fbevents.js (line 23): [Facebook Pixel] - Invalid PixelID: null.

The second message means the page called the pixel's init with no pixel id, so no Facebook event was sent during this scan; consistently, the 16 transactions contain no request to a facebook.com tracking endpoint.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.mdsyzz.com
cdn.onesignal.com
connect.facebook.net
dk.gainonlinediscount.com
poweroffr.com
trk.traffikflow.com
2606:4700:30::681b:b27f
2606:4700:30::681c:ca
2606:4700::6812:e134
2a00:1450:4001:808::200a
2a03:2880:f01c:216:face:b00c:0:3
35.241.7.124
52.50.225.188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