maxoffernow.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.read.easyprofit-trader.com/c/eJxtksuOpiAQhZ_m_3djuAmycDGT7s68BggIiigXRX36sWczm0kqqVRVvpPUydE9pBRiBEHXvlWvDTX67XoEEAIdIoACAk...
Effective URL:
https://maxoffernow.com/dly1st/?hitid=wo50j56h4g2p2phii5k4og7c&qze=3&aff_sub=HD74&aff_sub2=_EPMG_DAILY_EN-MGN-01_A&aff_s...
Submission: On August 24 via manual (August 24th 2022, 9:26:00 am UTC) from FR — Scanned from FR

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 5 domains to perform 31 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is maxoffernow.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 1st 2022. Valid for: a year.

This is the only time maxoffernow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.156.59.49 35.156.59.49	16509 (AMAZON-02) (AMAZON-02)
1 1	5.79.106.181 5.79.106.181	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	18.195.174.160 18.195.174.160	16509 (AMAZON-02) (AMAZON-02)
6	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2

1 35.156.59.49 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-59-49.eu-central-1.compute.amazonaws.com

email.read.easyprofit-trader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.79.106.181 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

tr.easyprofit-trader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.174.160 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-174-160.eu-central-1.compute.amazonaws.com

went.foffers.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

maxoffernow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	maxoffernow.com maxoffernow.com	126 KB
2	easyprofit-trader.com 2 redirects email.read.easyprofit-trader.com tr.easyprofit-trader.com	1 KB
1	foffers.xyz 1 redirects went.foffers.xyz	700 B
0	xr117.xyz Failed in.xr117.xyz Failed
0	b-cdn.net Failed static-133.b-cdn.net Failed
31	5

	Domain	Requested by
6	maxoffernow.com	maxoffernow.com
1	went.foffers.xyz	1 redirects
1	tr.easyprofit-trader.com	1 redirects
1	email.read.easyprofit-trader.com	1 redirects
0	in.xr117.xyz Failed	maxoffernow.com
0	static-133.b-cdn.net Failed	maxoffernow.com
31	6

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-01` - `2023-02-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://maxoffernow.com/dly1st/?hitid=wo50j56h4g2p2phii5k4og7c&qze=3&aff_sub=HD74&aff_sub2=_EPMG_DAILY_EN-MGN-01_A&aff_sub3=63033a46470264002a69fda0&aff_sub4=EPMG&aff_sub5=&tpsiteid=24220&source=HD
Frame ID: F87235FDB821D99C509BAE26718BD90E
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.read.easyprofit-trader.com/c/eJxtksuOpiAQhZ_m_3djuAmycDGT7s68BggIiigXRX36sWczm0kqqVRVvpPUydE9pBRiBEHXvl... HTTP 302
http://tr.easyprofit-trader.com/?xtl=2u0bkosfqsw7jhmpuafx57930ydhjyb8bzcoznkrr2g7saqfnjsw1etit4ih459kw2vjxp9... HTTP 302
https://went.foffers.xyz/db5e64e1-6307-421c-8d4e-c7897fcdaa7d?SID=EPMG&UID=A&EID=EN-MGN-01&DPID=HD74&... HTTP 302
https://maxoffernow.com/dly1st/?hitid=wo50j56h4g2p2phii5k4og7c&qze=3&aff_sub=HD74&aff_sub2=_EPMG_DAI... Page URL

Page Statistics

31
Requests

19 %
HTTPS

25 %
IPv6

5
Domains

6
Subdomains

2
IPs

3
Countries

126 kB
Transfer

463 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.read.easyprofit-trader.com/c/eJxtksuOpiAQhZ_m_3djuAmycDGT7s68BggIiigXRX36sWczm0kqqVRVvpPUydE9pBRiBEHXvlWvDTX67XoEEAIdIoACAkkDm1-fFLc_u0_09UF_UfT5IiBpoRot8rWl1bjyoyShdGqGdXnbHjOjIEVYYsWh4oopBpVWwyAoHADm76VnCHWY8rfvbSnbC_98oa-nSvq_6PcVf53Fv_AH2oGc12xirmyyy7YLc7aMY3ApO12yk_ew3mFOCY0si2jClCvUxRXiLGn5XNExnRv3Mxm6Y6zxzoDYXC8rfQt5tUxlM0Kzdnmpt68maB7UTnxKQd7z5FrAOmi5jaPifPa5DMbUnU_gXt212ZYbZYHNZR6YpPYELqSRj_mSvvJN5AHMB2FT51Dyd7EAy3AtOYIAjiENYFHGUGrcKVa1tO1MkUsm7se8tWdu_XHUXEkHt3VA1zg_b-WynAkRyWdHblLQMrdspSiGa1uYdHVhZQtR3MjjKkZJw_lAe4uEn655OHddXYynuqNZxRggfiGqnf32eZs85lcXlLMCLZFqfx1MXiCQ7NfoRj0bJZOONq_7Feu9q4fNu3zGNOhH4fcHI89qzzo59cwUA4wFoYQBRAkASNDHLAG-sX_MO_VSh9WVxjdeGy2PpJ_EybBtIjkp8t-Ulf5sksV6BQ0qd9fEjhW7_20Dbuw1HmFp6A3z2LQaSdHAgSx_AIikAEI HTTP 302
http://tr.easyprofit-trader.com/?xtl=2u0bkosfqsw7jhmpuafx57930ydhjyb8bzcoznkrr2g7saqfnjsw1etit4ih459kw2vjxp9lk4c8vgwqzs04hswyhbl519wh7dsfg1fo8smwzlwfne9ndu4lrrnbzkji50781h9hqgd99klstcffwu9j0zoiyph59fdh0hstkc7b6hx0inrg9gsyblw9pasc0kv47j8i2rlzth03bnymsq0n0vcrc0mdff66fixaodm55k62irfquvkp5xs5lvvwsw481poc2ygketistmxr24b9ki4z4t2mk57o62qnypm7biwm7tpnqaz2l3wagb6nxetiu52aljykcxuewiqqxdzqfoagn13&eih=2pjl39y8ndiha2mq6elyv7by0n4sloqigekfdbreqhsouyqwzud&subsource=HD74&userid=63033a46470264002a69fda0&source=HD HTTP 302
https://went.foffers.xyz/db5e64e1-6307-421c-8d4e-c7897fcdaa7d?SID=EPMG&UID=A&EID=EN-MGN-01&DPID=HD74&Date=240822&USER=63033a46470264002a69fda0&CT=FOMO&CID=1585922115&SI=HD HTTP 302
https://maxoffernow.com/dly1st/?hitid=wo50j56h4g2p2phii5k4og7c&qze=3&aff_sub=HD74&aff_sub2=_EPMG_DAILY_EN-MGN-01_A&aff_sub3=63033a46470264002a69fda0&aff_sub4=EPMG&aff_sub5=&tpsiteid=24220&source=HD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
maxoffernow.com/dly1st/
Redirect Chain

http://email.read.easyprofit-trader.com/c/eJxtksuOpiAQhZ_m_3djuAmycDGT7s68BggIiigXRX36sWczm0kqqVRVvpPUydE9pBRiBEHXvlWvDTX67XoEEAIdIoACAkkDm1-fFLc_u0_09UF_UfT5IiBpoRot8rWl1bjyoyShdGqGdXnbHjOjIEVYYsW...
http://tr.easyprofit-trader.com/?xtl=2u0bkosfqsw7jhmpuafx57930ydhjyb8bzcoznkrr2g7saqfnjsw1etit4ih459kw2vjxp9lk4c8vgwqzs04hswyhbl519wh7dsfg1fo8smwzlwfne9ndu4lrrnbzkji50781h9hqgd99klstcffwu9j0zoiyph5...
https://went.foffers.xyz/db5e64e1-6307-421c-8d4e-c7897fcdaa7d?SID=EPMG&UID=A&EID=EN-MGN-01&DPID=HD74&Date=240822&USER=63033a46470264002a69fda0&CT=FOMO&CID=1585922115&SI=HD
https://maxoffernow.com/dly1st/?hitid=wo50j56h4g2p2phii5k4og7c&qze=3&aff_sub=HD74&aff_sub2=_EPMG_DAILY_EN-MGN-01_A&aff_sub3=63033a46470264002a69fda0&aff_sub4=EPMG&aff_sub5=&tpsiteid=24220&source=HD

32 KB
9 KB

618ms
559ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxoffernow.com/dly1st/?hitid=wo50j56h4g2p2phii5k4og7c&qze=3&aff_sub=HD74&aff_sub2=_EPMG_DAILY_EN-MGN-01_A&aff_sub3=63033a46470264002a69fda0&aff_sub4=EPMG&aff_sub5=&tpsiteid=24220&source=HD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9048fc1a767ca3a78c2635a32c41b254fc280ad15ca38dd6edeb9e37ed26da98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73fb0a3dbb97d367-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 Aug 2022 09:25:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ot9RmHEEherqZZ9RhTlnosVf4Lj6qUwjftIEx4UKaqJFPhpnYx2OjOe1GozD78BNpJ2Gu%2FfyumbS%2BRRNiMtxnhtprmv2q%2BwjHxzJVNT8CKgMf1BaTqhOikeJyV7o%2F7tL6wvqzWXF8uB68f3dmI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-proc: 2
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Wed, 24 Aug 2022 09:25:19 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://maxoffernow.com/dly1st/?hitid=wo50j56h4g2p2phii5k4og7c&qze=3&aff_sub=HD74&aff_sub2=_EPMG_DAILY_EN-MGN-01_A&aff_sub3=63033a46470264002a69fda0&aff_sub4=EPMG&aff_sub5=&tpsiteid=24220&source=HD
pragma: no-cache
server: nginx

GET
H2 200 forms.css
maxoffernow.com/css/ 21 KB
3 KB 30ms
28ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxoffernow.com/css/forms.css?id=511783c011c7455f70db

Requested by

Host: maxoffernow.com
URL: https://maxoffernow.com/dly1st/?hitid=wo50j56h4g2p2phii5k4og7c&qze=3&aff_sub=HD74&aff_sub2=_EPMG_DAILY_EN-MGN-01_A&aff_sub3=63033a46470264002a69fda0&aff_sub4=EPMG&aff_sub5=&tpsiteid=24220&source=HD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32bc668db7376f0ad0b1fbbc8c97d75952dbd4f5df0b1be683ddc21dec3aff8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxoffernow.com/dly1st/?hitid=wo50j56h4g2p2phii5k4og7c&qze=3&aff_sub=HD74&aff_sub2=_EPMG_DAILY_EN-MGN-01_A&aff_sub3=63033a46470264002a69fda0&aff_sub4=EPMG&aff_sub5=&tpsiteid=24220&source=HD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 09:25:20 GMT
x-proc: 3
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4139
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Aug 2022 22:36:01 GMT
server: cloudflare
etag: W/"62febed1-5273"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNwcZtkz%2BE4Lta4IPl%2F32m2jdqxj02d4BXeP9Ra5%2FxbFA61CXRXsQsFJfRcj7ZFFp9RGzmPi2%2Fn4JoaPzy1PXcOKyQzTzPE7VbOSvduhaJym6%2BpiH%2FqbtgifQr1qkCtNOogfe15%2B0yQkvQUwPRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 73fb0a414cbbd367-CDG

GET
H2 200 flow.css
maxoffernow.com/css/ 385 B
519 B 28ms
27ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxoffernow.com/css/flow.css?id=1a2dada5ba76c1b29ae1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxoffernow.com/dly1st/?hitid=wo50j56h4g2p2phii5k4og7c&qze=3&aff_sub=HD74&aff_sub2=_EPMG_DAILY_EN-MGN-01_A&aff_sub3=63033a46470264002a69fda0&aff_sub4=EPMG&aff_sub5=&tpsiteid=24220&source=HD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 09:25:20 GMT
x-proc: 2
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4139
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Aug 2022 22:35:49 GMT
server: cloudflare
etag: W/"62febec5-181"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ga%2Bu7kssR%2BjntoXwr48gniVC4oB83nF2yMyRe2RSlgzMpMLtPxpD9hvzELT4LVGPT71%2BS5xGNmWW4Ff1o1Tp3cdZ88A5oXgzQ3ep4yE2H7nOwseqMpHCmQza8hjOUl4dop7dHb8yJDOrvEZMkiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 73fb0a414cbdd367-CDG

GET funnel.css
static-133.b-cdn.net/17444/build/ 0
0

GET logo.png
static-133.b-cdn.net/17444/images/ 0
0

GET video-image.webp
static-133.b-cdn.net/17444/images/ 0
0

GET play-icon.png
static-133.b-cdn.net/17444/images/ 0
0

GET top-arrow.png
static-133.b-cdn.net/17444/images/ 0
0

GET check-icon.png
maxoffernow.com/images/ 0
0

GET safe.png
static-133.b-cdn.net/17444/images/ 0
0

GET bg-arrow.png
static-133.b-cdn.net/17444/images/ 0
0

GET check-icon.png
static-133.b-cdn.net/17444/images/ 0
0

GET spots-arrow.png
static-133.b-cdn.net/17444/images/ 0
0

GET john.jpg
static-133.b-cdn.net/17444/images/ 0
0

GET john-sign.png
static-133.b-cdn.net/17444/images/ 0
0

GET social-callback-title.png
static-133.b-cdn.net/17444/images/ 0
0

GET facebook.png
static-133.b-cdn.net/17444/images/ 0
0

GET twitter.png
static-133.b-cdn.net/17444/images/ 0
0

GET features-title.png
static-133.b-cdn.net/17444/images/ 0
0

GET feature1.png
static-133.b-cdn.net/17444/images/ 0
0

GET feature2.png
static-133.b-cdn.net/17444/images/ 0
0

GET feature3.png
static-133.b-cdn.net/17444/images/ 0
0

GET feature4.png
static-133.b-cdn.net/17444/images/ 0
0

GET faq-title.png
static-133.b-cdn.net/17444/images/ 0
0

GET faq-list-title-bg.png
static-133.b-cdn.net/17444/images/ 0
0

GET sad-face.svg
maxoffernow.com/media/ 0
0

GET
H3 200 email-decode.min.js Show response
maxoffernow.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 24ms
24ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxoffernow.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxoffernow.com/dly1st/?hitid=wo50j56h4g2p2phii5k4og7c&qze=3&aff_sub=HD74&aff_sub2=_EPMG_DAILY_EN-MGN-01_A&aff_sub3=63033a46470264002a69fda0&aff_sub4=EPMG&aff_sub5=&tpsiteid=24220&source=HD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 09:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Aug 2022 16:11:23 GMT
server: cloudflare
etag: W/"62ffb62b-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DR6vbMOmhtXgaZ2Ja0kiN8f3LOj0DEh%2Brwq2jzymfAu6msJMeV5FHYLGQ35SmE4U4joVlpwUM5CbXlyqcs1%2FSMTwg4ID76D%2FNMpCi%2B%2BBeoZkQZVKA0vSQA5fvSJsgPENyvtlXK8YXlyLGT7Kpjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73fb0a417b10d393-CDG
vary: Accept-Encoding
expires: Fri, 26 Aug 2022 09:25:20 GMT

GET
H3 200 redirect.js Show response
maxoffernow.com/js/ 3 KB
2 KB 44ms
44ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxoffernow.com/js/redirect.js?id=bd8708e91008076c9ff9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxoffernow.com/dly1st/?hitid=wo50j56h4g2p2phii5k4og7c&qze=3&aff_sub=HD74&aff_sub2=_EPMG_DAILY_EN-MGN-01_A&aff_sub3=63033a46470264002a69fda0&aff_sub4=EPMG&aff_sub5=&tpsiteid=24220&source=HD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 09:25:20 GMT
x-proc: 1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4138
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Aug 2022 22:36:12 GMT
server: cloudflare
etag: W/"62febedc-a50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJr4SLfEA%2BRYepa3weLBYgy9c4%2BX5VLLCzy6nX58zxQ1AcVOUger%2FFolCqs7%2BLUIb3tTwo4CwypdOMHz6SVBXYPZglV3802IKZAJvVtoVl5YxtZemyLNfhAkIAUFlBxboadByAOPCm7rnkln%2Bio%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 73fb0a419b4ad393-CDG

GET
H3 200 l.js Show response
maxoffernow.com/js/ 406 KB
110 KB 62ms
59ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxoffernow.com/js/l.js?id=c579614715b551487200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6137ae9fbd1c94eef40b249d258227cf43b9cc035dac9f8f7f5e9d894af7922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://maxoffernow.com/dly1st/?hitid=wo50j56h4g2p2phii5k4og7c&qze=3&aff_sub=HD74&aff_sub2=_EPMG_DAILY_EN-MGN-01_A&aff_sub3=63033a46470264002a69fda0&aff_sub4=EPMG&aff_sub5=&tpsiteid=24220&source=HD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 09:25:20 GMT
x-proc: 2
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4138
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Aug 2022 22:35:49 GMT
server: cloudflare
etag: W/"62febec5-65776"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3NRoAYsz3Ucg%2BavleK3Ne%2F%2Fzr1hooQpekpIgmugB24%2FPfvT0lwmAU%2BtRxDYjYvQwEqlwg6%2Bvu3Pb8AbkmfekPG2rCzHvkhifnHQslVCaBLe8BaBfiWSzDneF1wjV8f3aLFo5vyMvwWx64V5a0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 73fb0a41fbacd393-CDG

GET funnel.js
static-133.b-cdn.net/17444/build/ 0
0

GET hp
in.xr117.xyz/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/build/funnel.css

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/logo.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/video-image.webp

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/play-icon.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/top-arrow.png

Domain: maxoffernow.com
URL: https://maxoffernow.com/images/check-icon.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/safe.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/bg-arrow.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/check-icon.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/spots-arrow.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/john.jpg

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/john-sign.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/social-callback-title.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/facebook.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/twitter.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/features-title.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/feature1.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/feature2.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/feature3.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/feature4.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/faq-title.png

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/images/faq-list-title-bg.png

Domain: maxoffernow.com
URL: https://maxoffernow.com/media/sad-face.svg

Domain: static-133.b-cdn.net
URL: https://static-133.b-cdn.net/17444/build/funnel.js

Domain: in.xr117.xyz
URL: https://in.xr117.xyz/hp

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.went.foffers.xyz/	1970-01-20 05:30:19	Name: db5e64e1-6307-421c-8d4e-c7897fcdaa7d-v4 Value: tD3mD4LVSPbtNJkHWxL47nrXF8xJLW_Tt6YXFCICP7E
.went.foffers.xyz/	1970-01-20 14:14:29	Name: cc-v4 Value: CCXmRapDS%2BnyW%2FtP9O57kBvVjU7gAu5XlukV6WQwtgukl2M7b7Dz%2FKz7V%2BBsQq3R6%2BRpzEcyxeXku85oa8Im9yeOyoMswNqgfIEJk2xWrCf75WCTbUUh%2FcvYa2yX06G1xFHAUdtU6qlndWPPLjR0Rw%3D%3D
maxoffernow.com/	1970-01-20 05:29:00	Name: XSRF-TOKEN Value: eyJpdiI6IlwvOW9USnFcL1IwOWdQa0VvUU9yUm4rQT09IiwidmFsdWUiOiJjQTNiZkJsQStCbFl6QUlwZHRJUlNkNjdaU2Zlelg1a3RSNll0ZjRcL0FtbndvXC9lMlwvWWZGSjRtNzhLS2lZeE9oIiwibWFjIjoiMGQ2NTcyYWI2ZDY2NmRmZDEzZGMzNjZjODA0ZGMwYjRiZjc5MTc1OTk1ZmRiZjc4MTQ4YWVkZGUwNDQzYzAwNyJ9
maxoffernow.com/	1970-01-20 05:29:00	Name: c Value: eyJpdiI6Im5oT3dsa3VBcU42T252eVwvcTBZaWNRPT0iLCJ2YWx1ZSI6InFFTUxtQnBKNUE0NTdXMEprS1NXZUpmS3NoOFVFb0tjbFFKSzFOQ3BsTFFHTnQ2cnQrZ3ZvczMrYmJJU3dZMUsiLCJtYWMiOiIwZjYwNDI4MzE0NDFjY2FkZWU5ZjJlOWQxYzk4ZTllMGZlYjkzZjFkNTNkYzc3ZmYzOTQ5YzU4ZGFhMDU1MGM1In0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

email.read.easyprofit-trader.com
in.xr117.xyz
maxoffernow.com
static-133.b-cdn.net
tr.easyprofit-trader.com
went.foffers.xyz
in.xr117.xyz
maxoffernow.com
static-133.b-cdn.net
18.195.174.160
2a06:98c1:3120::3
35.156.59.49
5.79.106.181
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
32bc668db7376f0ad0b1fbbc8c97d75952dbd4f5df0b1be683ddc21dec3aff8c
9048fc1a767ca3a78c2635a32c41b254fc280ad15ca38dd6edeb9e37ed26da98
d6137ae9fbd1c94eef40b249d258227cf43b9cc035dac9f8f7f5e9d894af7922
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0

maxoffernow.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

31 Requests

19 %HTTPS

25 %IPv6

5 Domains

6 Subdomains

2 IPs

3 Countries

126 kBTransfer

463 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

maxoffernow.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

19 %
HTTPS

25 %
IPv6

5
Domains

6
Subdomains

2
IPs

3
Countries

126 kB
Transfer

463 kB
Size

4
Cookies

31 HTTP transactions
0 data transactions