urlscan.io logo urlscan.io
SecurityTrails logo

xp-syndicate.ct.ws Open in urlscan Pro
185.27.134.153  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://xp-syndicate.ct.ws/
Effective URL: https://xp-syndicate.ct.ws/?i=1
Submission: On January 02 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 20 HTTP transactions. The main IP is 185.27.134.153, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is xp-syndicate.ct.ws.
TLS certificate: Issued by WR1 on January 2nd 2025. Valid for: 3 months.
This is the only time xp-syndicate.ct.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 185.27.134.153 34119 (WILDCARD-...)
2 104.17.24.14 13335 (CLOUDFLAR...)
2 3.5.132.56 16509 (AMAZON-02)
2 2600:9000:249... 16509 (AMAZON-02)
1 52.3.93.48 14618 (AMAZON-AES)
3 54.221.29.136 14618 (AMAZON-AES)
1 172.67.74.152 13335 (CLOUDFLAR...)
1 51.77.64.70 16276 (OVH OVH SAS)
1 2a00:1450:400... 15169 (GOOGLE)
20 9
7    185.27.134.153 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
xp-syndicate.ct.ws
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    3.5.132.56 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
chatsimple-widget.s3.us-east-2.amazonaws.com
2    2600:9000:2490:e00:10:4e8d:4040:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.chatsimple.ai
1    52.3.93.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-93-48.compute-1.amazonaws.com
us.i.posthog.com
3    54.221.29.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-29-136.compute-1.amazonaws.com
api.expertise.ai
1    172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
1    51.77.64.70 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
Apex Domain
Subdomains		 Transfer
7 ct.ws
xp-syndicate.ct.ws
84 KB
3 expertise.ai
api.expertise.ai — Cisco Umbrella Rank: 227155
10 KB
2 chatsimple.ai
cdn.chatsimple.ai — Cisco Umbrella Rank: 204465
656 KB
2 amazonaws.com
chatsimple-widget.s3.us-east-2.amazonaws.com — Cisco Umbrella Rank: 293324
6 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
88 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
923 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 7020
468 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2001
316 B
1 posthog.com
us.i.posthog.com — Cisco Umbrella Rank: 6715
684 B
20 9
Domain Requested by
7 xp-syndicate.ct.ws xp-syndicate.ct.ws
3 api.expertise.ai cdn.chatsimple.ai
2 cdn.chatsimple.ai chatsimple-widget.s3.us-east-2.amazonaws.com
2 chatsimple-widget.s3.us-east-2.amazonaws.com xp-syndicate.ct.ws
2 cdnjs.cloudflare.com xp-syndicate.ct.ws
cdnjs.cloudflare.com
1 fonts.googleapis.com cdn.chatsimple.ai
1 pro.ip-api.com cdn.chatsimple.ai
1 api.ipify.org cdn.chatsimple.ai
1 us.i.posthog.com cdn.chatsimple.ai
20 9

This site contains links to these domains. Also see Links.

Domain
request-modpack.netlify.app
discord.gg
www.chatsimple.ai
Subject Issuer Validity Valid
xp-syndicate.ct.ws
WR1		 2025-01-02 -
2025-04-02		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.s3.us-east-2.amazonaws.com
Amazon RSA 2048 M01		 2024-11-09 -
2025-11-05		 a year crt.sh
*.chatsimple.ai
Amazon RSA 2048 M03		 2024-04-21 -
2025-05-21		 a year crt.sh
*.i.posthog.com
Amazon RSA 2048 M03		 2024-12-15 -
2026-01-14		 a year crt.sh
api.expertise.ai
Amazon RSA 2048 M03		 2024-03-08 -
2025-04-06		 a year crt.sh
ipify.org
WE1		 2024-11-13 -
2025-02-11		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-21 -
2025-01-20		 a year crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://xp-syndicate.ct.ws/?i=1
Frame ID: 412038CF260FE52B7911DAE39A315E46
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome | X-Plosion Syndicate

Page URL History Show full URLs

  1. https://xp-syndicate.ct.ws/ Page URL
  2. https://xp-syndicate.ct.ws/?i=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

20
Requests

100 %
HTTPS

22 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

846 kB
Transfer

2325 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://xp-syndicate.ct.ws/ Page URL
  2. https://xp-syndicate.ct.ws/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
xp-syndicate.ct.ws/ 		830 B
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xp-syndicate.ct.ws/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
a04ebb954633895cbf3e8fa2d28787dea93638ba7313d93951837ef98bed242b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html
Date
Thu, 02 Jan 2025 21:42:46 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Server
nginx
Transfer-Encoding
chunked
aes.js
xp-syndicate.ct.ws/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xp-syndicate.ct.ws/aes.js
Requested by
Host: xp-syndicate.ct.ws
URL: https://xp-syndicate.ct.ws/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xp-syndicate.ct.ws/

Response headers

Transfer-Encoding
chunked
Content-Encoding
br
ETag
W/"652c2511-35a5"
Connection
keep-alive
Date
Thu, 02 Jan 2025 21:42:46 GMT
Content-Type
application/javascript
Last-Modified
Sun, 15 Oct 2023 17:44:49 GMT
Server
nginx
Primary Request /
xp-syndicate.ct.ws/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xp-syndicate.ct.ws/?i=1
Requested by
Host: xp-syndicate.ct.ws
URL: https://xp-syndicate.ct.ws/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
87efbba20413b88c103170915d54bcbb3227ed93be9b3036b4d136d330f4358e

Request headers

Referer
https://xp-syndicate.ct.ws/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Jan 2025 21:42:46 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
styles.css
xp-syndicate.ct.ws/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xp-syndicate.ct.ws/styles.css
Requested by
Host: xp-syndicate.ct.ws
URL: https://xp-syndicate.ct.ws/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
5c2ff0899d352be77957fe1260e8d25da1571f358b896a3658f6cfa83a1a60fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xp-syndicate.ct.ws/?i=1

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000, public, proxy-revalidate, must-revalidate
Content-Encoding
br
ETag
W/"1ce1-62abc4f3b5928"
Connection
keep-alive
Expires
Sat, 01 Feb 2025 21:42:46 GMT
Date
Thu, 02 Jan 2025 21:42:46 GMT
Content-Type
text/css
Last-Modified
Thu, 02 Jan 2025 17:15:31 GMT
Server
nginx
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: xp-syndicate.ct.ws
URL: https://xp-syndicate.ct.ws/?i=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xp-syndicate.ct.ws/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"613fa20b-28de"
age
497892
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FvnDvkNgjFO%2BKRkc3vm3ZNekwyc%2F39Hg8ZZSYVroW8btMALWBqCnykunfSRmf0rcaR5sPaWDhOVsNkez5rBbxnXd8%2F%2FpiV0XB0IYldSlWdUDw9pWbl45wbIbcZ7HVjidHr2zcPE"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 23 Dec 2025 21:42:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 02 Jan 2025 21:42:46 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8fbdebbf0c90770d-LHR
accept-ranges
bytes
access-control-allow-origin
*
content-length
10462
server
cloudflare
X.gif
xp-syndicate.ct.ws/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xp-syndicate.ct.ws/img/X.gif
Requested by
Host: xp-syndicate.ct.ws
URL: https://xp-syndicate.ct.ws/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
142266258e6cc4726fcfe409c3140d2222b23e8a3974396a46f8b1b422a5f372

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xp-syndicate.ct.ws/?i=1

Response headers

Cache-Control
max-age=2592000, public, proxy-revalidate
ETag
"405a-62abc4a6042c6"
Connection
keep-alive
Expires
Sat, 01 Feb 2025 21:42:46 GMT
Accept-Ranges
bytes
Content-Length
16474
Date
Thu, 02 Jan 2025 21:42:46 GMT
Content-Type
image/gif
Last-Modified
Thu, 02 Jan 2025 17:14:10 GMT
Server
nginx
kentut.mp3
xp-syndicate.ct.ws/dj/ 		0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://xp-syndicate.ct.ws/dj/kentut.mp3
Requested by
Host: xp-syndicate.ct.ws
URL: https://xp-syndicate.ct.ws/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://xp-syndicate.ct.ws/?i=1
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Cache-Control
max-age=5, public, proxy-revalidate
ETag
"2e85-606d879adb9f8"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11909
Date
Thu, 02 Jan 2025 21:42:46 GMT
Content-Type
text/html; charset=UTF-8
Last-Modified
Tue, 03 Oct 2023 23:44:44 GMT
Server
nginx
chat-bot-loader.js
chatsimple-widget.s3.us-east-2.amazonaws.com/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chatsimple-widget.s3.us-east-2.amazonaws.com/chat-bot-loader.js
Requested by
Host: xp-syndicate.ct.ws
URL: https://xp-syndicate.ct.ws/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.132.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
b29afe9a8252e7e6cc2225fc66972fb7d387f129a9e4351934cffba787af0483

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xp-syndicate.ct.ws/

Response headers

x-amz-id-2
IJcgO3C4ynhaOXhyNbAPJB3FQ6vTfwVbr6rslGCN/013kzw2EY9IROSb54vWVPHQ/ETYT1c34HcTjxeBmmZvBocsAS++4Y1U
ETag
"5d37ec8c488fd85a9ec9c6ca285ae357"
x-amz-version-id
null
x-amz-request-id
ZVJQAFYBPRSA95M8
Accept-Ranges
bytes
Content-Length
3317
Date
Thu, 02 Jan 2025 21:42:48 GMT
Last-Modified
Fri, 24 May 2024 19:28:36 GMT
Content-Type
application/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xp-syndicate.ct.ws
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"613fa20b-131bc"
age
664800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xz76DftzH0OInCI1kC0H6EEz%2Bp9brbqMQrfauSce5eSXdd9Iq3ln6TCnebOIKLPpG7J5nVBi7zcjXXOHKeCXmq6BRIhhp97%2F7z7JpBdLll94T3AHL1K9NP4P5ly48p%2BFA4xUbxk0"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 23 Dec 2025 21:42:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 02 Jan 2025 21:42:46 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8fbdebbf78509478-LHR
accept-ranges
bytes
access-control-allow-origin
*
content-length
78268
server
cloudflare
index-chatsimple-widget-2a7b862d.css
cdn.chatsimple.ai/assets-wc/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.chatsimple.ai/assets-wc/index-chatsimple-widget-2a7b862d.css
Requested by
Host: chatsimple-widget.s3.us-east-2.amazonaws.com
URL: https://chatsimple-widget.s3.us-east-2.amazonaws.com/chat-bot-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e00:10:4e8d:4040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25d00d41a92cfa57aa39832f55c3ea504cff0c58a015e8dc2ecb3fe9db8f8fa0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xp-syndicate.ct.ws/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"dea4f6ae5605dfa5e5b8a649728cc0a6"
x-amz-version-id
G50gW9Pd22SfGjakui_5wBRGfrsTiY.I
age
59713
via
1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
K3DqtbIX7FYrPncAxPQNcX7D5InmJWX5vXqVDflQSXvWNpuYZ4waRQ==
date
Thu, 02 Jan 2025 05:59:35 GMT
content-type
text/css
last-modified
Mon, 30 Dec 2024 23:41:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
index-chatsimple-widget-2a7b862d.js
cdn.chatsimple.ai/assets-wc/ 		2 MB
651 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.chatsimple.ai/assets-wc/index-chatsimple-widget-2a7b862d.js
Requested by
Host: chatsimple-widget.s3.us-east-2.amazonaws.com
URL: https://chatsimple-widget.s3.us-east-2.amazonaws.com/chat-bot-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e00:10:4e8d:4040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
faeb23716986d1b6b7eeaa201e042f9b2aaa41a73bdce0eaa33eb1b557c5da28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xp-syndicate.ct.ws/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"a58a02121b7ab7fd5e76dcc2fc107955"
x-amz-version-id
BVlB9D2U3G4epi4lRDZo.qS24VbJlReO
age
59681
via
1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
2YS7DHAE0G3MiQcp7RglEZrsA6wupMUi7Q5wIABJb4LxpEvP15aXZQ==
date
Thu, 02 Jan 2025 05:59:35 GMT
content-type
text/javascript
last-modified
Tue, 31 Dec 2024 05:06:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
/
us.i.posthog.com/decide/ 		522 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us.i.posthog.com/decide/?v=3&ip=1&_=1735854167852&ver=1.184.1&compression=base64
Requested by
Host: cdn.chatsimple.ai
URL: https://cdn.chatsimple.ai/assets-wc/index-chatsimple-widget-2a7b862d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.93.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-93-48.compute-1.amazonaws.com
Software
envoy /
Resource Hash
b634d8cdfff070f67c555e79e4ed62c56897b8bcb463c9c4578b288a712250d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://xp-syndicate.ct.ws/

Response headers

cross-origin-opener-policy
same-origin
content-encoding
gzip
x-envoy-upstream-service-time
12
access-control-allow-credentials
true
x-content-type-options
nosniff
referrer-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://xp-syndicate.ct.ws
date
Thu, 02 Jan 2025 21:42:48 GMT
content-type
application/json
vary
Accept-Encoding
server
envoy
access-control-allow-headers
X-Requested-With,Content-Type
get_widget_info
api.expertise.ai/v0/location/us-east-1/users/4359d0f6-cea7-41f7-9ba9-4be8fe14007a/chatbots/b6954598-a951-4da7-b609-6dff6d21d0f0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.expertise.ai/v0/location/us-east-1/users/4359d0f6-cea7-41f7-9ba9-4be8fe14007a/chatbots/b6954598-a951-4da7-b609-6dff6d21d0f0/get_widget_info?platform_type=WIDGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.221.29.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-29-136.compute-1.amazonaws.com
Software
undisclosed /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
delegate-chatbot-id,ngrok-skip-browser-warning,platform
Access-Control-Request-Method
GET
Origin
https://xp-syndicate.ct.ws
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
delegate-chatbot-id, ngrok-skip-browser-warning, platform
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://xp-syndicate.ct.ws
allow
OPTIONS, HEAD, GET
content-length
0
content-security-policy
default-src 'self'
content-type
text/html; charset=utf-8
date
Thu, 02 Jan 2025 21:42:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
undisclosed
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
get_widget_info
api.expertise.ai/v0/location/us-east-1/users/4359d0f6-cea7-41f7-9ba9-4be8fe14007a/chatbots/b6954598-a951-4da7-b609-6dff6d21d0f0/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.expertise.ai/v0/location/us-east-1/users/4359d0f6-cea7-41f7-9ba9-4be8fe14007a/chatbots/b6954598-a951-4da7-b609-6dff6d21d0f0/get_widget_info?platform_type=WIDGET
Requested by
Host: cdn.chatsimple.ai
URL: https://cdn.chatsimple.ai/assets-wc/index-chatsimple-widget-2a7b862d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.221.29.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-29-136.compute-1.amazonaws.com
Software
undisclosed /
Resource Hash
28de3a040af2bbe969f374dae4cf84167ff4edcafe670c33498eb35927490c4c
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

delegate-chatbot-id
b6954598-a951-4da7-b609-6dff6d21d0f0
ngrok-skip-browser-warning
true
Referer
https://xp-syndicate.ct.ws/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
platform
desktop

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
https://xp-syndicate.ct.ws
content-length
4903
date
Thu, 02 Jan 2025 21:42:48 GMT
content-type
application/json
vary
Origin
server
undisclosed
x-frame-options
SAMEORIGIN
/
api.ipify.org/ 		22 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.chatsimple.ai
URL: https://cdn.chatsimple.ai/assets-wc/index-chatsimple-widget-2a7b862d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e156ef707047ce51226a1fa213c119c1282d7fcef1f99d3e9a2637306569645

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://xp-syndicate.ct.ws/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8fbdebc5dbf16340-LHR
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=42165&min_rtt=42131&rtt_var=6691&sent=9&recv=11&lost=0&retrans=0&sent_bytes=4027&recv_bytes=2228&delivery_rate=93618&cwnd=206&unsent_bytes=0&cid=adbabe8d7f828ba3&ts=135&x=0"
content-length
22
date
Thu, 02 Jan 2025 21:42:48 GMT
content-type
application/json
vary
Origin
server
cloudflare
a.png
xp-syndicate.ct.ws/img/ 		58 KB
58 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xp-syndicate.ct.ws/img/a.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.153 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
632d611dbf36a376e07782a0bcc6adf5129d10b46e550b3f024fe762f6e673a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xp-syndicate.ct.ws/?i=1

Response headers

Cache-Control
max-age=2592000, public, proxy-revalidate
ETag
"e65e-62abc491300af"
Connection
keep-alive
Expires
Sat, 01 Feb 2025 21:42:47 GMT
Accept-Ranges
bytes
Content-Length
58974
Date
Thu, 02 Jan 2025 21:42:47 GMT
Content-Type
image/png
Last-Modified
Thu, 02 Jan 2025 17:13:48 GMT
Server
nginx
82.199.130.44
pro.ip-api.com/json/ 		312 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/82.199.130.44?key=jBo9qeFtLp00zjm
Requested by
Host: cdn.chatsimple.ai
URL: https://cdn.chatsimple.ai/assets-wc/index-chatsimple-widget-2a7b862d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
117c68585de02bc0cc96f638a4022db2fe12fd86a563188d74fba81692bc6da3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://xp-syndicate.ct.ws/

Response headers

Access-Control-Allow-Origin
*
Content-Length
312
Date
Thu, 02 Jan 2025 21:42:48 GMT
Content-Type
application/json; charset=utf-8
css2
fonts.googleapis.com/ 		3 KB
923 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Requested by
Host: cdn.chatsimple.ai
URL: https://cdn.chatsimple.ai/assets-wc/index-chatsimple-widget-2a7b862d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b24fd64c70ccc6f0d26cf07916db6eaab4a03ad9c5e6010f41bfd76546aa58e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xp-syndicate.ct.ws/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 02 Jan 2025 21:42:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Jan 2025 21:42:48 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 02 Jan 2025 20:53:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
get_widget_info
api.expertise.ai/v0/location/us-east-1/users/4359d0f6-cea7-41f7-9ba9-4be8fe14007a/chatbots/b6954598-a951-4da7-b609-6dff6d21d0f0/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.expertise.ai/v0/location/us-east-1/users/4359d0f6-cea7-41f7-9ba9-4be8fe14007a/chatbots/b6954598-a951-4da7-b609-6dff6d21d0f0/get_widget_info?platform_type=WIDGET
Requested by
Host: cdn.chatsimple.ai
URL: https://cdn.chatsimple.ai/assets-wc/index-chatsimple-widget-2a7b862d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.221.29.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-29-136.compute-1.amazonaws.com
Software
undisclosed /
Resource Hash
28de3a040af2bbe969f374dae4cf84167ff4edcafe670c33498eb35927490c4c
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

delegate-chatbot-id
b6954598-a951-4da7-b609-6dff6d21d0f0
ngrok-skip-browser-warning
true
Referer
https://xp-syndicate.ct.ws/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
platform
desktop

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self'
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
https://xp-syndicate.ct.ws
content-length
4903
date
Thu, 02 Jan 2025 21:42:48 GMT
content-type
application/json
vary
Origin
server
undisclosed
x-frame-options
SAMEORIGIN
openIcon.svg
chatsimple-widget.s3.us-east-2.amazonaws.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chatsimple-widget.s3.us-east-2.amazonaws.com/openIcon.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.132.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
de5cbed8e0dcec9821ba2c6a999e916b5e12a0dcddc6a611dfdcad9aa5b7687b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xp-syndicate.ct.ws/

Response headers

x-amz-id-2
HnZGcbocvvFIODRKvxeYAwx46wJVHcSrWe4TTup0y/kF+IL1KMCS6DryptztdQ0CjITlki+9Q1s04mWLlFaV2kUXpx/uC5ce
ETag
"272041020c486db5417bf1756328abe3"
x-amz-version-id
null
x-amz-request-id
95WQRSXDP0SPY1W1
Accept-Ranges
bytes
Content-Length
1469
Date
Thu, 02 Jan 2025 21:42:49 GMT
Last-Modified
Wed, 25 Oct 2023 21:43:31 GMT
Content-Type
image/svg+xml
Server
AmazonS3
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __PosthogExtensions__ object| __SENTRY__ object| CHATSIMPLE_WIDGET

3 Cookies

Domain/Path Name / Value
xp-syndicate.ct.ws/ Name: __test
Value: 53a9ebab591d188b6b818155acd63c0f
xp-syndicate.ct.ws/ Name: PHPSESSID
Value: 5e9acfd0be7bba5b0ad162f636412517
.ct.ws/ Name: ph_phc_RucVhPd6FaVgQHHkpqnLC6NI4AYCP75FQECM9WTTsoQ_posthog
Value: %7B%22distinct_id%22%3A%22019428f8-972c-7d18-bd99-e82ff4979f39%22%2C%22%24sesid%22%3A%5B1735854167851%2C%22019428f8-972b-74f6-b3bc-b9a2cc46e5bc%22%2C1735854167851%5D%7D

1 Console Messages

Source Level URL
Text
network error URL: https://xp-syndicate.ct.ws/dj/kentut.mp3
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.expertise.ai
api.ipify.org
cdn.chatsimple.ai
cdnjs.cloudflare.com
chatsimple-widget.s3.us-east-2.amazonaws.com
fonts.googleapis.com
pro.ip-api.com
us.i.posthog.com
xp-syndicate.ct.ws
104.17.24.14
172.67.74.152
185.27.134.153
2600:9000:2490:e00:10:4e8d:4040:93a1
2a00:1450:4001:81c::200a
3.5.132.56
51.77.64.70
52.3.93.48
54.221.29.136
117c68585de02bc0cc96f638a4022db2fe12fd86a563188d74fba81692bc6da3
142266258e6cc4726fcfe409c3140d2222b23e8a3974396a46f8b1b422a5f372
1e156ef707047ce51226a1fa213c119c1282d7fcef1f99d3e9a2637306569645
25d00d41a92cfa57aa39832f55c3ea504cff0c58a015e8dc2ecb3fe9db8f8fa0
28de3a040af2bbe969f374dae4cf84167ff4edcafe670c33498eb35927490c4c
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96
5c2ff0899d352be77957fe1260e8d25da1571f358b896a3658f6cfa83a1a60fe
632d611dbf36a376e07782a0bcc6adf5129d10b46e550b3f024fe762f6e673a0
87efbba20413b88c103170915d54bcbb3227ed93be9b3036b4d136d330f4358e
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9b24fd64c70ccc6f0d26cf07916db6eaab4a03ad9c5e6010f41bfd76546aa58e
a04ebb954633895cbf3e8fa2d28787dea93638ba7313d93951837ef98bed242b
b29afe9a8252e7e6cc2225fc66972fb7d387f129a9e4351934cffba787af0483
b634d8cdfff070f67c555e79e4ed62c56897b8bcb463c9c4578b288a712250d5
de5cbed8e0dcec9821ba2c6a999e916b5e12a0dcddc6a611dfdcad9aa5b7687b
faeb23716986d1b6b7eeaa201e042f9b2aaa41a73bdce0eaa33eb1b557c5da28