extensiontwint.com Open in urlscan Pro
188.208.37.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://extensiontwint.com/bonus.php
Submission Tags: @phish_report
Submission: On July 12 via api (July 12th 2024, 2:37:01 am UTC) from FI — Scanned from FI

Summary HTTP 31 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 31 HTTP transactions. The main IP is 188.208.37.1, located in Belgium and belongs to COMBELL-AS, BE. The main domain is extensiontwint.com.
TLS certificate: Issued by R10 on June 12th 2024. Valid for: 3 months.

This is the only time extensiontwint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
27	188.208.37.1 188.208.37.1		34762 (COMBELL-AS) (COMBELL-AS)
1	142.250.186.106 142.250.186.106		15169 (GOOGLE) (GOOGLE)
2	157.240.253.1 157.240.253.1		32934 (FACEBOOK) (FACEBOOK)
1	142.250.184.227 142.250.184.227		15169 (GOOGLE) (GOOGLE)
31	4

27 188.208.37.1 (Belgium)

ASN34762 (COMBELL-AS, BE)
PTR: 188.208.37.1.static.hosted.by.combell-ops.net

extensiontwint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	extensiontwint.com extensiontwint.com	812 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	60 KB
1	gstatic.com fonts.gstatic.com	35 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	1 KB
31	4

	Domain	Requested by
27	extensiontwint.com	extensiontwint.com
2	connect.facebook.net	extensiontwint.com connect.facebook.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	extensiontwint.com
31	4

This site contains links to these domains. Also see Links.

Domain
auchan.leprodelatoiture.fr

Subject Issuer	Validity	Valid
extensiontwint.com R10	`2024-06-12` - `2024-09-10`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-20` - `2024-07-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://extensiontwint.com/bonus.php
Frame ID: 5B8AA947558D9714CF0B820AB5AD69BF
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BCI

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

908 kB
Transfer

1578 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://auchan.leprodelatoiture.fr/pages/index

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request bonus.php Show response
extensiontwint.com/ 6 KB
2 KB 807ms
129ms Document
text/html 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: 65e49da237c39b7abab94eb8560cd6bd3357962d422c467fa5a8c70c828b56ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 12 Jul 2024 02:36:54 GMT
server: nginx

GET
H2 200 flaticon.css
extensiontwint.com/css/fonts/flaticon/ 1 KB
647 B 223ms
220ms Stylesheet
text/css 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/css/fonts/flaticon/flaticon.css
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: 85a1749a38a81e8f29e6f7c7c764cf62816e8d5e6b0b1f15bab328ace1baba95

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:10 GMT
server: nginx
etag: W/"5a4-61bc1f60d6f86"
content-type: text/css

GET
H2 200 icofont.min.css
extensiontwint.com/css/fonts/icofont/ 8 KB
2 KB 223ms
220ms Stylesheet
text/css 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/css/fonts/icofont/icofont.min.css
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: de1204e02081cdb4425c2f2903270cf300c88d04436c93935c772edb18e06cbd

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:11 GMT
server: nginx
etag: W/"1f83-61bc1f615b4a9"
content-type: text/css

GET
H2 200 fontawesome.min.css
extensiontwint.com/css/fonts/fontawesome/ 58 KB
14 KB 227ms
224ms Stylesheet
text/css 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/css/fonts/fontawesome/fontawesome.min.css
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: 0edbc9e1a0c37ec2ed6caa693c30072ab3513ab1c125342b08867ec1a5663294

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:10 GMT
server: nginx
etag: W/"e704-61bc1f60a1dd4"
content-type: text/css

GET
H2 200 venobox.min.css
extensiontwint.com/css/vendor/venobox/ 18 KB
4 KB 267ms
265ms Stylesheet
text/css 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/css/vendor/venobox/venobox.min.css
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: ef0f57883bd9da1adba102576681023a0de745ec3bfae4d44eaec89755e2d03a

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:13 GMT
server: nginx
etag: W/"4878-61bc1f6360de3"
content-type: text/css

GET
H2 200 slick.min.css
extensiontwint.com/css/vendor/slickslider/ 1 KB
679 B 272ms
270ms Stylesheet
text/css 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/css/vendor/slickslider/slick.min.css
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: d397341c8b5d944c745076cf48f0e0294e5edea5ec11a6316b0d4f9ca990f9cc

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:13 GMT
server: nginx
etag: W/"535-61bc1f633856d"
content-type: text/css

GET
H2 200 nice-select.min.css
extensiontwint.com/css/vendor/niceselect/ 4 KB
1 KB 273ms
271ms Stylesheet
text/css 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/css/vendor/niceselect/nice-select.min.css
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: 7e136ea85d48c147e478346d90175000401913a88120a51e22611c58a271a076

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:12 GMT
server: nginx
etag: W/"e9b-61bc1f6256c19"
content-type: text/css

GET
H2 200 bootstrap.min.css
extensiontwint.com/css/vendor/bootstrap/ 151 KB
29 KB 273ms
271ms Stylesheet
text/css 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/css/vendor/bootstrap/bootstrap.min.css
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: bed292bfefe3855b877bf9162c4d6128645492db99b344db1d254010a5ce9f96

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:12 GMT
server: nginx
etag: W/"25bc9-61bc1f623ce05"
content-type: text/css

GET
H2 200 main.css
extensiontwint.com/css/ 103 KB
17 KB 312ms
310ms Stylesheet
text/css 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/css/main.css
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: 9ea0568803184ad5980ff1199119d96cc770da7e9dee718a4e988011eb135e90

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:02 GMT
server: nginx
etag: W/"19a9e-61bc1f58c81a0"
content-type: text/css

GET
H2 200 index.css
extensiontwint.com/css/ 3 KB
1019 B 313ms
311ms Stylesheet
text/css 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/css/index.css
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: e118100ad11e15eb57618aaa979323cc2e4f8f5a12e7977fd57e02e67b922345

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:01 GMT
server: nginx
etag: W/"a87-61bc1f582d12f"
content-type: text/css

GET
H2 200 user-auth.css
extensiontwint.com/css/ 3 KB
1 KB 313ms
312ms Stylesheet
text/css 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/css/user-auth.css
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: 6850a8d9b4a8fd058174170e9fa8ebec12e4c8ac9f03a34907fb03b4e87f8288

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:06 GMT
server: nginx
etag: W/"bd9-61bc1f5cc4f94"
content-type: text/css

GET
H2 200 error.css
extensiontwint.com/css/ 628 B
470 B 312ms
311ms Stylesheet
text/css 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/css/error.css
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: 73aa76d8830554e0e673bd439d866061b23ceaecf51c7976fcd529e2375926e5

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:01 GMT
server: nginx
etag: W/"274-61bc1f583985e"
content-type: text/css

GET
H2 200 logo.png
extensiontwint.com/img/ 51 KB
51 KB 314ms
312ms Image
image/png 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extensiontwint.com/img/logo.png
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: fc0ee11b3b7e0768387a1ffafe1d99ace69f013984a160cd507dcdf4f286400c

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
last-modified: Wed, 26 Jun 2024 02:42:18 GMT
server: nginx
accept-ranges: bytes
etag: "cc92-61bc1f6794105"
content-length: 52370
content-type: image/png

GET
H2 200 error.png
extensiontwint.com/img/ 600 KB
601 KB 315ms
314ms Image
image/png 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extensiontwint.com/img/error.png
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: ad0fe22d917d6d0682f18a02bbdd83dfdb1aabd9a460d79e7c0de80089a34568

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
last-modified: Wed, 26 Jun 2024 02:42:18 GMT
server: nginx
accept-ranges: bytes
etag: "960cc-61bc1f680c32a"
content-length: 614604
content-type: image/png

GET
H2 200 jquery-1.12.4.min.js Show response
extensiontwint.com/js/vendor/bootstrap/ 95 KB
38 KB 144ms
144ms Script
text/javascript 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/js/vendor/bootstrap/jquery-1.12.4.min.js
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: 0fefb09eb1ecd74ca050c10d9ef909f6e5a26c8c8f8c52d0b4bc5ad8b329ed6f

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:54 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:22 GMT
server: nginx
etag: W/"17b8a-61bc1f6c2d10d"
content-type: text/javascript

GET
H2 200 popper.min.js Show response
extensiontwint.com/js/vendor/bootstrap/ 18 KB
7 KB 170ms
169ms Script
text/javascript 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/js/vendor/bootstrap/popper.min.js
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: a8caa3ef54f21cd971f2ea91425a00f871d492a69a8814b5786bac39292d9cfd

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:55 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:23 GMT
server: nginx
etag: W/"4853-61bc1f6d20f5a"
content-type: text/javascript

GET
H2 200 bootstrap.min.js Show response
extensiontwint.com/js/vendor/bootstrap/ 60 KB
19 KB 161ms
160ms Script
text/javascript 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/js/vendor/bootstrap/bootstrap.min.js
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: 1bbdb19132cece5103c0a2919e09320edc6687ab3879fc3bb1d28f0f0fa5d45f

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:55 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:23 GMT
server: nginx
etag: W/"f1c5-61bc1f6c551a2"
content-type: text/javascript

GET
H2 200 countdown.min.js Show response
extensiontwint.com/js/vendor/countdown/ 4 KB
2 KB 116ms
116ms Script
text/javascript 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/js/vendor/countdown/countdown.min.js
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: 186b05ec66147582c64bd74e1a853ae2818b6604ca460c0c22996b987780e490

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:55 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:24 GMT
server: nginx
etag: W/"1046-61bc1f6d4f96e"
content-type: text/javascript

GET
H2 200 nice-select.min.js Show response
extensiontwint.com/js/vendor/niceselect/ 3 KB
1 KB 164ms
164ms Script
text/javascript 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/js/vendor/niceselect/nice-select.min.js
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: 66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:55 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:24 GMT
server: nginx
etag: W/"b7e-61bc1f6e22c59"
content-type: text/javascript

GET
H2 200 slick.min.js Show response
extensiontwint.com/js/vendor/slickslider/ 42 KB
12 KB 590ms
589ms Script
text/javascript 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/js/vendor/slickslider/slick.min.js
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: 27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:55 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:25 GMT
server: nginx
etag: W/"a76e-61bc1f6e6953d"
content-type: text/javascript

GET
H2 200 venobox.min.js Show response
extensiontwint.com/js/vendor/venobox/ 11 KB
4 KB 689ms
689ms Script
text/javascript 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/js/vendor/venobox/venobox.min.js
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: e57dfebf1971dd64cfca73a9b2465e765aef0fe9f5c822d8253852fa13473f2d

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:55 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:25 GMT
server: nginx
etag: W/"2c5f-61bc1f6f26898"
content-type: text/javascript

GET
H2 404 nice-select.js
extensiontwint.com/js/ 0
0 403ms
402ms Script
text/html 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/js/nice-select.js
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:56 GMT
content-encoding: br
server: nginx
content-type: text/html; charset=iso-8859-1

GET
H2 404 countdown.js
extensiontwint.com/js/ 0
0 404ms
402ms Script
text/html 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/js/countdown.js
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:56 GMT
content-encoding: br
server: nginx
content-type: text/html; charset=iso-8859-1

GET
H2 404 accordion.js
extensiontwint.com/js/ 0
0 508ms
507ms Script
text/html 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/js/accordion.js
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:56 GMT
content-encoding: br
server: nginx
content-type: text/html; charset=iso-8859-1

GET
H2 404 venobox.js
extensiontwint.com/js/ 0
0 508ms
507ms Script
text/html 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/js/venobox.js
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:56 GMT
content-encoding: br
server: nginx
content-type: text/html; charset=iso-8859-1

GET
H2 404 slick.js
extensiontwint.com/js/ 0
0 616ms
615ms Script
text/html 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/js/slick.js
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:56 GMT
content-encoding: br
server: nginx
content-type: text/html; charset=iso-8859-1

GET
H2 200 main.js Show response
extensiontwint.com/js/ 3 KB
1018 B 725ms
724ms Script
text/javascript 188.208.37.1
COMBELL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://extensiontwint.com/js/main.js
Requested by: Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.208.37.1 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS: 188.208.37.1.static.hosted.by.combell-ops.net
Software: nginx /
Resource Hash: 8366bac2ce94ed22d692e6d6f189d44fd4d3a171f62158e971fb61024c2a5269

Request headers

Referer: https://extensiontwint.com/bonus.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 12 Jul 2024 02:36:56 GMT
content-encoding: br
last-modified: Wed, 26 Jun 2024 02:42:21 GMT
server: nginx
etag: W/"d32-61bc1f6aff4e9"
content-type: text/javascript

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
1 KB 1161ms
530ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600;700;800;900&display=swap

Requested by

Host: extensiontwint.com
URL: https://extensiontwint.com/css/main.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

9246a28b726f2cdfb64e720d53f35578c82b0351d258809beb568c71f1e4c5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://extensiontwint.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jul 2024 02:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Fri, 12 Jul 2024 02:36:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 1751ms
646ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: extensiontwint.com
URL: https://extensiontwint.com/bonus.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

/

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://extensiontwint.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Jul 2024 02:36:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=14, mss=1392, tbw=2787, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: vldoowQUNq6FCnZx0Uo2oBEvRMGTE56D32vk2d0QeTiyVTqrNxdQjzNcRXJYqHvy/CBOb/dkdjmwGX7fgOrHVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v28/ 34 KB
35 KB 1848ms
652ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXyw023e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600;700;800;900&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

add2474dc337e3ccd718e7052da920b3aa81a274c599131ce65e376d9ba36623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://extensiontwint.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 09 Jul 2024 09:57:32 GMT
x-content-type-options: nosniff
age: 232765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35320
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:18:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 09:57:32 GMT

GET
H2 200 1432820937327220
connect.facebook.net/signals/config/ 59 KB
0 330ms
329ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1432820937327220?v=2.9.161&r=stable&domain=extensiontwint.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

/

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://extensiontwint.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Jul 2024 02:36:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=58, mss=1392, tbw=64196, tp=-1, tpl=-1, uplat=139, ullat=0
pragma: public
x-fb-debug: moM1uMvvgLdStStlJqW2320m2427tNChNgvFKmOMgNvZzFUUZ1Lh03ZbdyPmycO7uaiH9ueOI+gx07BLMZWVqg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| $ function| jQuery object| Popper number| uidEvent object| bootstrap object| jQuery112401929134396539205

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://extensiontwint.com/js/nice-select.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://extensiontwint.com/js/countdown.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://extensiontwint.com/js/accordion.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://extensiontwint.com/js/venobox.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://extensiontwint.com/js/slick.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
extensiontwint.com
fonts.googleapis.com
fonts.gstatic.com
142.250.184.227
142.250.186.106
157.240.253.1
188.208.37.1
0edbc9e1a0c37ec2ed6caa693c30072ab3513ab1c125342b08867ec1a5663294
0fefb09eb1ecd74ca050c10d9ef909f6e5a26c8c8f8c52d0b4bc5ad8b329ed6f
186b05ec66147582c64bd74e1a853ae2818b6604ca460c0c22996b987780e490
1bbdb19132cece5103c0a2919e09320edc6687ab3879fc3bb1d28f0f0fa5d45f
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a
65e49da237c39b7abab94eb8560cd6bd3357962d422c467fa5a8c70c828b56ef
66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a
6850a8d9b4a8fd058174170e9fa8ebec12e4c8ac9f03a34907fb03b4e87f8288
73aa76d8830554e0e673bd439d866061b23ceaecf51c7976fcd529e2375926e5
7e136ea85d48c147e478346d90175000401913a88120a51e22611c58a271a076
8366bac2ce94ed22d692e6d6f189d44fd4d3a171f62158e971fb61024c2a5269
85a1749a38a81e8f29e6f7c7c764cf62816e8d5e6b0b1f15bab328ace1baba95
9246a28b726f2cdfb64e720d53f35578c82b0351d258809beb568c71f1e4c5dc
9ea0568803184ad5980ff1199119d96cc770da7e9dee718a4e988011eb135e90
a8caa3ef54f21cd971f2ea91425a00f871d492a69a8814b5786bac39292d9cfd
ad0fe22d917d6d0682f18a02bbdd83dfdb1aabd9a460d79e7c0de80089a34568
add2474dc337e3ccd718e7052da920b3aa81a274c599131ce65e376d9ba36623
bed292bfefe3855b877bf9162c4d6128645492db99b344db1d254010a5ce9f96
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
d397341c8b5d944c745076cf48f0e0294e5edea5ec11a6316b0d4f9ca990f9cc
de1204e02081cdb4425c2f2903270cf300c88d04436c93935c772edb18e06cbd
e118100ad11e15eb57618aaa979323cc2e4f8f5a12e7977fd57e02e67b922345
e57dfebf1971dd64cfca73a9b2465e765aef0fe9f5c822d8253852fa13473f2d
ef0f57883bd9da1adba102576681023a0de745ec3bfae4d44eaec89755e2d03a
fc0ee11b3b7e0768387a1ffafe1d99ace69f013984a160cd507dcdf4f286400c