Submitted URL: http://vps-85109737.vps.ovh.net/oHT.jsw?dfdd6ccc2wj9cxqT2cccF6cSc6MzNdvhjcbbb2D
Effective URL: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f8263...
Submission: On August 30 via api from BE — Scanned from FR

Summary

This website contacted 8 IPs in 4 countries across 12 domains to perform 23 HTTP transactions. The main IP is 88.214.193.29, located in United Kingdom and belongs to NATCOWEB, US. The main domain is exact-offer.xyz.
TLS certificate: Issued by R3 on August 2nd 2022. Valid for: 3 months.
This is the only time exact-offer.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2001:41d0:401... 16276 (OVH)
1 81.145.240.126 2856 (BT-UK-AS ...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 18.158.88.249 16509 (AMAZON-02)
3 88.214.193.29 46636 (NATCOWEB)
3 69.16.175.10 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
23 8
Domain Requested by
8 d3rlh0lneatqqc.cloudfront.net exact-offer.xyz
4 www.tgiory.com hostingoptimized.com
www.tgiory.com
3 j6g8i2b5.ssl.hwcdn.net exact-offer.xyz
2 fonts.gstatic.com fonts.googleapis.com
2 trk.adnce.com j6g8i2b5.ssl.hwcdn.net
exact-offer.xyz
1 fonts.googleapis.com client
1 exact-offer.xyz www.tgiory.com
1 perserymanked.com 1 redirects
1 cdn.addlnk.com www.tgiory.com
1 lynku.jukminung.com 1 redirects
1 hostingoptimized.com
1 vps-85109737.vps.ovh.net 1 redirects
23 12

This site contains no links.

Subject | Issuer | Validity | Valid
hostingoptimized.com | Sectigo RSA Domain Validation Secure Server CA | 2022-01-24 - 2023-01-24 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-03-11 - 2023-03-10 | a year
exact-offer.xyz | R3 | 2022-08-02 - 2022-10-31 | 3 months
*.ssl.hwcdn.net | Sectigo RSA Domain Validation Secure Server CA | 2021-12-22 - 2023-01-19 | a year
trk.adnce.com | R3 | 2022-07-18 - 2022-10-16 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.gstatic.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months

This page contains 2 frames:

Primary Page: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Frame ID: A6633286923669A15009070723EE6E28
Requests: 20 HTTP requests in this frame

Frame: https://www.tgiory.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661889600
Frame ID: D930E02F078E3C0466EAE93803949A65
Requests: 3 HTTP requests in this frame

Page Title

Hello 👋 and congratulations!

Page URL History

  1. http://vps-85109737.vps.ovh.net/oHT.jsw?dfdd6ccc2wj9cxqT2cccF6cSc6MzNdvhjcbbb2D HTTP 302
    https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+... Page URL
  2. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1282851289&pubid=690290 HTTP 302
    https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid Page URL
  3. https://perserymanked.com/b12060d5-e9c9-4b85-9eb5-b41285f82634?c1=pub24039eed84074258b65a278057a019b0&... HTTP 302
    https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4... Page URL

Page Statistics

23
Requests

100 %
HTTPS

64 %
IPv6

12
Domains

12
Subdomains

8
IPs

4
Countries

89 kB
Transfer

133 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vps-85109737.vps.ovh.net/oHT.jsw?dfdd6ccc2wj9cxqT2cccF6cSc6MzNdvhjcbbb2D HTTP 302
    https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++13 Page URL
  2. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1282851289&pubid=690290 HTTP 302
    https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid Page URL
  3. https://perserymanked.com/b12060d5-e9c9-4b85-9eb5-b41285f82634?c1=pub24039eed84074258b65a278057a019b0&c2=a67626a2 HTTP 302
    https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://vps-85109737.vps.ovh.net/oHT.jsw?dfdd6ccc2wj9cxqT2cccF6cSc6MzNdvhjcbbb2D HTTP 302
  • https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++13
Request Chain 1
  • https://lynku.jukminung.com/rc/9e8aef8068?affclick=1282851289&pubid=690290 HTTP 302
  • https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid

23 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
402426909_2001+41d0+8+d154++13
hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/
Redirect Chain
  • http://vps-85109737.vps.ovh.net/oHT.jsw?dfdd6ccc2wj9cxqT2cccF6cSc6MzNdvhjcbbb2D
  • https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++13
137 B
450 B
Document
General
Full URL
https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++13
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.145.240.126 Motherwell, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
websitenamehost.xyz
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
close
Content-Length
137
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Aug 2022 22:00:43 GMT
Server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Aug 2022 22:00:42 GMT
Location
https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++13
Server
Apache
4fae28eb48
www.tgiory.com/rc/
Redirect Chain
  • https://lynku.jukminung.com/rc/9e8aef8068?affclick=1282851289&pubid=690290
  • https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid
3 KB
2 KB
Document
General
Full URL
https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid
Requested by
Host: hostingoptimized.com
URL: https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45a6edea2f29eed61ac11544727cedb1c142486c70f792774f6e0ae17169af23

Request headers

Referer
https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++13
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7430cd0e1a2fd5d1-CDG
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Tue, 30 Aug 2022 22:00:44 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2qbdnubQSHfEzrqzxpsJfho6itGiwE51hXGIkDRgXHoQfSb%2Bfi61ESGgK2BFyjCIQ3c59cqfJP7vJlhGApTKxOGA6MEnyJBB%2BKUPKuHbTGtIphH4y94c%2BXkAmDb7sz5IQc%2FPuD%2FhtSQVD3opg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7430cd0d080bd50e-CDG
content-language
en-us
content-type
text/html; charset=utf-8
date
Tue, 30 Aug 2022 22:00:44 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kM1wjtcsNNzrMMhKqZ3eBBDJwBRp0yzsISrHUsmceRvQn5LHRXd%2FSP27xA09r4NVU1G25hIfhqU9NxNWS2HK7%2BJx8YOm2%2BZQdxFJqHJQM5WUbhW%2BDX9%2B9YV9H%2Fc2f2OR3wTUOYjEP%2F7XAFqJZLT5HMsQ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Language, Cookie
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: www.tgiory.com
URL: https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 22:00:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3587
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
XSZBRH7A3PWWSAEW
x-amz-id-2
nWRA1g863xa9XULNpDd037ZCAOWXVZ5GsNylXYh55p+lNPzkGILMCmZVimK4lPYlcPQzmucKHf4=
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9s3j98AB2wiF0aMxdR8vFD7MCbsBb9wNxL3sh8593wzOnR3LG5opg0LPkH8eKP%2FJolKvt2Oo8JsP%2BmOXKB2P9v6SVv6Rx82MOXJLlK7JYLP7LVNJBT7%2F6E%2FkXoKCrbFVFRaXdsme0%2FBH77RKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7430cd0f8a7fcdbf-CDG
cf-bgj
minify
invisible.js
www.tgiory.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame D930
38 KB
14 KB
Script
General
Full URL
https://www.tgiory.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661889600
Requested by
Host: hostingoptimized.com
URL: https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2919440eac10da4bc3929466c076f3159cd564c9975afecf4b72138e4e37df

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 22:00:44 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKbj8MnveiIJUOExwD3uzyf4TH7r6FFVZ3fIk2S%2Bgro6JDFpGVM8A06i2GIo6Ulp8KbmKB%2B%2BZd3wv3bLlPV35b0p%2F8smEnT3iP2nTyUsPRb4zUi%2BYTQj0zUi1q1CsDa3uiYmYFL760Dz638w3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7430cd0fdd2bd5d1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
www.tgiory.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame D930
19 KB
7 KB
Other
General
Full URL
https://www.tgiory.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6149e9d15c0898631e2e233fa4344ac98a940877b8a77b6ced6c752915972ec

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 22:00:44 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxgdOSJ9xwcLxxyJMogq8H4Z%2Fv1qMbuEIRzZWpNMly7m8%2FkltQNon7cw7M2heP5AjVf6HANUAFrcoUT1OySEQA639WVRZj%2BNJiiksHDG%2Fv2k0NrDshdQkZtOY5ZHB9DcZHiMHEUVb2LFcaMivA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7430cd100be0d5bc-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request chat
exact-offer.xyz/
Redirect Chain
  • https://perserymanked.com/b12060d5-e9c9-4b85-9eb5-b41285f82634?c1=pub24039eed84074258b65a278057a019b0&c2=a67626a2
  • https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626...
3 KB
3 KB
Document
General
Full URL
https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Requested by
Host: www.tgiory.com
URL: https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
9db627a287de781101fd40b0df6b920a0ac081f9e49ada278006c7c6fbaea411

Request headers

Referer
https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-type
text/html; charset=utf-8
date
Tue, 30 Aug 2022 22:00:45 GMT
referrer-policy
no-referrer

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Tue, 30 Aug 2022 22:00:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
pragma
no-cache
server
nginx
7430cd0e1a2fd5d1
www.tgiory.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame D930
2 B
730 B
XHR
General
Full URL
https://www.tgiory.com/cdn-cgi/challenge-platform/h/b/cv/result/7430cd0e1a2fd5d1
Requested by
Host: www.tgiory.com
URL: https://www.tgiory.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661889600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 30 Aug 2022 22:00:45 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6%2FStKWypBVj37xuqDTRId%2FAOoEwb4y23PxuNXTp8NUyB5196Nc9b%2BYGS%2Fe0syWKvrQOgK5Yw%2Bp2w8%2Bcibi5VN%2Bc%2F%2BzLqiWu2kmSAjJHeYFn0LfzTgZNRTgd7ZXQVtNKKeSId2%2F251vWo9polw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7430cd11ad7ad5bc-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
j6g8i2b5.ssl.hwcdn.net/
6 KB
2 KB
Script
General
Full URL
https://j6g8i2b5.ssl.hwcdn.net/5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head09) /
Resource Hash
5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 22:00:45 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Aug 2022 15:53:17 GMT
Server
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head09)
x-amz-request-id
08BD6A771C00F62F
ETag
"aab9ce62210dcfe610dc0f0b69d070ad"
X-HW
1661896845.dop217.pa1.t,1661896845.cds234.pa1.shn,1661896845.dop217.pa1.t,1661896845.cds231.pa1.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1650
x-amz-id-2
vivhDdLxIuRLTYl9zwL711OylaGh6q4GHpCbz5ezrYxRzHfJH47OY9TxrPrYD0TPA551E+GylgGw
fb_wh.js
j6g8i2b5.ssl.hwcdn.net/
9 KB
3 KB
Script
General
Full URL
https://j6g8i2b5.ssl.hwcdn.net/fb_wh.js
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head14) /
Resource Hash
3ed7fa93ef30b3bee1f9d9e498b53dcb8ffcc5c8eb9683ccc3c14b34a7c858ec

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 22:00:45 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Aug 2022 15:56:50 GMT
Server
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head14)
x-amz-request-id
2EDA46EEE0622BD5
ETag
"51a2580d28f7101567c88e62119338b1"
X-HW
1661896845.dop223.pa1.t,1661896845.cds040.pa1.shn,1661896845.dop223.pa1.t,1661896845.cds030.pa1.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2602
x-amz-id-2
jp1uGpz9f445mQRjojasXOvq9YODMUEeoTHwDe43PY7aMThMc6402Lhj76X1MfLr886gBnroQL0C
landed
trk.adnce.com/events/
0
64 B
Ping
General
Full URL
https://trk.adnce.com/events/landed
Requested by
Host: j6g8i2b5.ssl.hwcdn.net
URL: https://j6g8i2b5.ssl.hwcdn.net/5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 22:00:45 GMT
content-length
0
content-type
application/json; charset=utf-8
2615b36b-fca2-49be-9bb0-f09597052e5d
trk.adnce.com/tracker/
0
217 B
Script
General
Full URL
https://trk.adnce.com/tracker/2615b36b-fca2-49be-9bb0-f09597052e5d?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 22:00:45 GMT
content-length
0
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f8a233d057abaab43390e166b1525cc4821e863053e68d72fb4387c825f6110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 20:24:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Aug 2022 22:00:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Aug 2022 22:00:45 GMT
arrow-back-2x.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
276 B
663 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/arrow-back-2x.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
785f95b271eb1e0e2280329ebb8eb700afbf6c99430c743a52a09f82c2514a72

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
age
7642396
etag
"af82283d1e25a5e034c15171120405cd"
x-cache
Hit from cloudfront
x-amz-version-id
3HYlq20m0BizhwgCjeiSqCei9HxV3evj
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
276
x-amz-cf-id
nNpyrT4dv27bAMaQLPGgyYIx_YpSSFMymoTn9JQQpujx9JDirhth1Q==
phone-icon-2x.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
362 B
749 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/phone-icon-2x.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b09979a1817a904d1b41a7ce0534a65169e03a8297b46e273aca7875b25ed2e8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:38 GMT
server
AmazonS3
age
7642395
etag
"c9173c4e80bd783b6d178322e582eacf"
x-cache
Hit from cloudfront
x-amz-version-id
NOufki2ulJea5wZhYd_1vaXcZs_RSnBP
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
362
x-amz-cf-id
VyJuAC_YtFECaWgp6FM2O5KzAOYtrsaAf22GSMX2n4OKmgXofEb3fA==
information-icon-2x.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
290 B
679 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/information-icon-2x.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9da11b891e6a130d6ccace9947fe7b6c6eee816092c660ded093ba1f408aec4b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
age
7642395
etag
"0b09565feb1555b3b65d50fca47f6e2f"
x-cache
Hit from cloudfront
x-amz-version-id
aUESQyrgeOOhkS_zj8DiuVzOckRJbkBh
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
290
x-amz-cf-id
UyQHWKs_o---RtZlHev8U-PrQMZCWGjBsExHYeaF6x5huenUXBuomQ==
dots.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
370 B
758 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/dots.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6db28f7c67817aba1c6782156ae186a88d318d8f34e39964a28d9f1a06ab3a23

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
age
7642396
etag
"914ce425b785e18e110c1a35b198e9b2"
x-cache
Hit from cloudfront
x-amz-version-id
IhGHMdMQCM8QbNJT2ICnCnQotmsGJ38q
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
370
x-amz-cf-id
RbPDx-ABepx0ANK7k_emrlY3JbbD2LFzD0Z5zrHBIDeWwM0TrRtDkw==
camera.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
413 B
801 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/camera.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93f3118e58641bb6cd4e9b9d9cef8d4d60de39eb85d3e620dbacd240138cdb7c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
age
7642395
etag
"1c25fcf17664c088bf47f372cd50742a"
x-cache
Hit from cloudfront
x-amz-version-id
K5OHPWEoql8AQCCqsn.J5llLp_ahkB4O
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
413
x-amz-cf-id
L4v0zl21T6VaEdt8qN3xdcGlwYFurBQuRSfC_QjyHoAzaJRCHn771A==
picture.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
237 B
624 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/picture.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b6c4fcd4f3afc2bf75d249c3657bd8421fbe5f5536b430d69f3ebae725f6493

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:38 GMT
server
AmazonS3
age
7642396
etag
"e71293166c7e04a1cc21e5eef80c5209"
x-cache
Hit from cloudfront
x-amz-version-id
mvmw1hpKWcvZPujkGIYn.E3a0OSV8PC6
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
237
x-amz-cf-id
ePdNQBecCJUbIk6rjSgvnCr-tPEa7LIiNV7GyFe5S5aoFw7Wd9JVeQ==
microphone.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
343 B
731 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/microphone.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
185db38521be96708101448521c1eb08b50d815f8a7e377048a1ce6544d7c340

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
age
7642396
etag
"76fbf504747464c5efa85df8ec12cc58"
x-cache
Hit from cloudfront
x-amz-version-id
w3_.daCV20KIir1WnOpOOQ4I2RsPuVq8
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
343
x-amz-cf-id
7-S6OhjBSC1eHW6er4YTm5tENe0BOu2ndSzBd9ypLTkaiQQP7jJTcg==
thumb.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
380 B
770 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/thumb.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ebf854c003212a7c06f650ce3fa1983578f90ce190a85c390b1c5dfb5d0051a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:38 GMT
server
AmazonS3
age
7642396
etag
"058c4878c6f9e09a63aa6e5629790a50"
x-cache
Hit from cloudfront
x-amz-version-id
zkvhwMimPNyBwZKBF3yeSdfHiXeOIWd1
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
380
x-amz-cf-id
HRvfqKbu9cmq3bqsQ4gvmG9LMDV9IkZPIj-zvllIkt52FC2F9wGzIQ==
e785c839cb36d6c6410b8d70010d6fdb6a9d9df86d7f60c3cac5b8872cb24ea9.png
j6g8i2b5.ssl.hwcdn.net/
16 KB
16 KB
Image
General
Full URL
https://j6g8i2b5.ssl.hwcdn.net/e785c839cb36d6c6410b8d70010d6fdb6a9d9df86d7f60c3cac5b8872cb24ea9.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wbcuf0nar2mqvmmi2lil9rem&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=a67626a2&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head11) /
Resource Hash
e785c839cb36d6c6410b8d70010d6fdb6a9d9df86d7f60c3cac5b8872cb24ea9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 22:00:45 GMT
Last-Modified
Sat, 13 Aug 2022 15:56:22 GMT
Server
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head11)
x-amz-request-id
1F130581EE5E893F
ETag
"8fde31b9413eebdadf6e2aefe3286451"
X-HW
1661896845.dop223.pa1.t,1661896845.cds040.pa1.shn,1661896845.dop223.pa1.t,1661896845.cds240.pa1.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16011
x-amz-id-2
5i2r7LxWcJT6IbRVRbDnxxm8y+sNdHvFIQdFdyWgkvwFXGvGv9nWFZ8/QgqsNgt5CRymvdf4wXlE
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exact-offer.xyz
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:56:05 GMT
x-content-type-options
nosniff
age
119080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:56:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exact-offer.xyz
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 19:07:55 GMT
x-content-type-options
nosniff
age
96770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 19:07:55 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| sendEvent
function| toOffer
object| EndpointsProvider
object| config
object| DomainConfig
function| metaTagRedirect
function| sendSubscription
function| urlBase64ToUint8Array
function| subscribeWithServiceWorker
function| getNotificationPermission
boolean| ASK_NOTIFICATION_PERMISSION
function| a0_0x5293
function| a0_0x19b1

8 Cookies

Domain/Path Name / Value
hostingoptimized.com/ Name: uid15295
Value: 1282851289-20220830180044-e875416958e2dba6ce4884083f39bfa4-
lynku.jukminung.com/ Name: AWSALB
Value: JaOpPXUIEhwVY7EVGaAonlLYSeqOV+U4KSU8r8bgg8CE8lZzi1FgBmsND3WfGj3RZdgOMHR7aDIl7DnwsPdPEwI9pjhYpMZZP9l76LezPfkIdTwQDdelCaMxSZH+
www.tgiory.com/ Name: AWSALB
Value: sqY7PZ6Wj0JVR12I5mB8kh1jeIZ7gLjYuWZAO6dsFnzUiww1XRFNjhS3UG+32ClYuqVH6yhu1+KANPuBU2rfVtFZpIKXjz/PWlmmZ+UYQyDD16nu5o3l3FeUUNYE
.perserymanked.com/ Name: b12060d5-e9c9-4b85-9eb5-b41285f82634-v4
Value: KNN5QCzqXBdoMFg_8D8wPevxMTAyeCmhaQ8EOIFjxvg
.perserymanked.com/ Name: cc-v4
Value: 3r9HDevSKIIsLD8QgMXsHbKQK%2FRvzv%2B0ILdRGatQi%2FLtt2Ud0SMg8yH0YzlUkMzYlsMV8pFrxVJvEF4zX0R88bW0FJ0towBQWugktFCsB7FxZ%2B81w%2F3ZCanKSdFtPiIRRfuNsZlHZTopOlhDPEwGig%3D%3D
.tgiory.com/ Name: __cf_bm
Value: GBstWid4cb2jQ_FwbQk0nZbUWkp2cnCsqn9fK3QO6ec-1661896845-0-Aeu3AvK0GkOAjBhuFStcdaRVvLkzjUXEp7XbKVc7BAAydKf07YpYIyELFuUbRYPk3fWpEw4JtVdV6Vme5Zad6VT+Z8zdbDy80RmFnOeqi2IB5hK3m7sCiEZjPznziNGpQg==
.adnce.com/ Name: click
Value: 1661896800-1-09643b23-54f9-4b31-bf5c-e860ac7fd970
.adnce.com/ Name: client
Value: ec599643-14b3-403d-9ad9-c1211ef019d5

1 Console Messages

Source Level URL
Text
network error URL: https://trk.adnce.com/events/landed
Message:
Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
