Submitted URL: https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html#34QMSS4UPGIW.34QMSS4UPGIW?fnx8qGcc1v9gcyDpKcdcTgctcH295l5cycbbb53
Effective URL: https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
Submission: On February 16 via manual from ES — Scanned from ES

Summary

This website contacted 5 IPs in 4 countries across 8 domains to perform 13 HTTP transactions. The main IP is 144.202.71.48, located in Dallas, United States and belongs to AS-CHOOPA, US. The main domain is nngcu.speedoffered.com.
TLS certificate: Issued by R3 on February 8th 2024. Valid for: 3 months.
This is the only time nngcu.speedoffered.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.217.16.155 15169 (GOOGLE)
1 1 37.221.121.31 204843 (TR-STERLY...)
1 1 54.166.233.40 14618 (AMAZON-AES)
1 1 179.61.143.34 61317 (ASDETUK w...)
1 10 144.202.71.48 20473 (AS-CHOOPA)
1 142.250.185.74 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 142.250.185.67 15169 (GOOGLE)
13 5
Apex Domain
Subdomains
Transfer
9 speedoffered.com
nngcu.speedoffered.com
338 KB
2 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 398
fonts.googleapis.com — Cisco Umbrella Rank: 48
1 KB
1 gstatic.com
fonts.gstatic.com
28 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 257
6 KB
1 connectmyoffers.com
nngcu.connectmyoffers.com
705 B
1 stabletestedlink.com
v5o.stabletestedlink.com
179 B
1 gmmltrk.com
gmmltrk.com
553 B
1 weatherthisday.com
weatherthisday.com
293 B
13 8
Domain Requested by
9 nngcu.speedoffered.com storage.googleapis.com
nngcu.speedoffered.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdnjs.cloudflare.com nngcu.speedoffered.com
1 fonts.googleapis.com nngcu.speedoffered.com
1 nngcu.connectmyoffers.com 1 redirects
1 v5o.stabletestedlink.com 1 redirects
1 gmmltrk.com 1 redirects
1 weatherthisday.com 1 redirects
1 storage.googleapis.com
13 9

This site contains no links.

Subject Issuer Validity Valid
storage.googleapis.com GTS CA 1C3 2024-01-29 - 2024-04-22 3 months crt.sh
speedoffered.com R3 2024-02-08 - 2024-05-08 3 months crt.sh
upload.video.google.com GTS CA 1C3 2024-01-29 - 2024-04-22 3 months crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2023-07-03 - 2024-07-02 a year crt.sh
*.gstatic.com GTS CA 1C3 2024-01-29 - 2024-04-22 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
Frame ID: 1EF739E61B12BA102032C101FE24DE62
Requests: 13 HTTP requests in this frame

Page Title

Opportunity Search

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 0 %
Domains: 8
Subdomains: 9
IPs: 5
Countries: 4
Transfer: 373 kB
Size: 409 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html Page URL
  2. http://weatherthisday.com/anchor34QMSS4UPGIW.34QMSS4UPGIW?fnx8qGcc1v9gcyDpKcdcTgctcH295l5cycbbb53 HTTP 302
    https://gmmltrk.com/?a=27&oc=482&c=2489&m=2&s1=2_1054631_2761394&s2=2396_3138204_5125666_15&s3=836134243_79-147-47-143&s5=m2uo3z HTTP 302
    https://v5o.stabletestedlink.com/?kw= HTTP 301
    https://nngcu.connectmyoffers.com/o/WEMETJTX HTTP 302
    https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
aemmfcylvxeo.html
storage.googleapis.com/hqyoqzatqthj/
112 B
586 B
Document
General
Full URL
https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f27.1e100.net
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ranges
bytes
age
3408
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
112
content-type
text/html
date
Fri, 16 Feb 2024 10:12:50 GMT
etag
"5ea8dcbdee457e4eecc460e5573da042"
expires
Fri, 16 Feb 2024 11:12:50 GMT
last-modified
Thu, 14 Apr 2022 11:29:51 GMT
server
UploadServer
x-goog-generation
1649935791079442
x-goog-hash
crc32c=m72cOA== md5=Xqjcve5Ffk7sxGDlVz2gQg==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
112
x-guploader-uploadid
ABPtcPrsz8KqCttI87WZ5nJunAp3rHkknUN_OHNeSPDVVuDSAEbQdlG2uDVtaQ1ULZRPFJYm67_D4k9I6w
Primary Request e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/
Redirect Chain
  • http://weatherthisday.com/anchor34QMSS4UPGIW.34QMSS4UPGIW?fnx8qGcc1v9gcyDpKcdcTgctcH295l5cycbbb53
  • https://gmmltrk.com/?a=27&oc=482&c=2489&m=2&s1=2_1054631_2761394&s2=2396_3138204_5125666_15&s3=836134243_79-147-47-143&s5=m2uo3z
  • https://v5o.stabletestedlink.com/?kw=
  • https://nngcu.connectmyoffers.com/o/WEMETJTX
  • https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
8 KB
4 KB
Document
General
Full URL
https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.71.48 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
bwh7251.bitcoinwebhosting.net
Software
swoole-http-server /
Resource Hash
45a9d4aa905140d577652b5f78972f08c03b41bc8a50d8696ff2cccd21142228
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html#34QMSS4UPGIW.34QMSS4UPGIW?fnx8qGcc1v9gcyDpKcdcTgctcH295l5cycbbb53
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
br
content-length
3137
content-type
text/html; charset=UTF-8
date
Fri, 16 Feb 2024 11:09:44 GMT
server
swoole-http-server
strict-transport-security
max-age=15768000
x-redir
true

Redirect headers

cache-control
no-cache, private
content-encoding
br
content-length
280
content-type
text/html; charset=UTF-8
date
Fri, 16 Feb 2024 11:09:43 GMT
location
https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
server
swoole-http-server
strict-transport-security
max-age=15768000
x-redir
true
style.css
nngcu.speedoffered.com/templates/templates/opportunity_themes/css/
7 KB
8 KB
Stylesheet
General
Full URL
https://nngcu.speedoffered.com/templates/templates/opportunity_themes/css/style.css
Requested by
Host: nngcu.speedoffered.com
URL: https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.71.48 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
bwh7251.bitcoinwebhosting.net
Software
swoole-http-server /
Resource Hash
3e9e92a2c92ee923648445212bb4a83511593efc699f50d8205c354d5260aab1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 01:06:49 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
36175
x-varnish
434417 196639
content-type
text/css
accept-ranges
bytes
content-length
7595
app-96551fdc.css
nngcu.speedoffered.com/build/assets/
37 KB
37 KB
Stylesheet
General
Full URL
https://nngcu.speedoffered.com/build/assets/app-96551fdc.css
Requested by
Host: nngcu.speedoffered.com
URL: https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.71.48 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
bwh7251.bitcoinwebhosting.net
Software
swoole-http-server /
Resource Hash
96551fdc589d4d84ef73a9beef052ee8f33519d4187b7c1c5bc996140c29674a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 01:06:49 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
36175
x-varnish
333659 491526
content-type
text/css
accept-ranges
bytes
content-length
37870
app-0fc6666a.js
nngcu.speedoffered.com/build/assets/
40 KB
40 KB
Script
General
Full URL
https://nngcu.speedoffered.com/build/assets/app-0fc6666a.js
Requested by
Host: nngcu.speedoffered.com
URL: https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.71.48 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
bwh7251.bitcoinwebhosting.net
Software
swoole-http-server /
Resource Hash
9772a2fbaf5b0a2b78fd4f598c56e0f2b64038df1dd615500deaaffc488752eb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
Origin
https://nngcu.speedoffered.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 01:06:49 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
36175
x-varnish
468455 360455
content-type
application/javascript
accept-ranges
bytes
content-length
40602
service-worker-allowed
/
css2
fonts.googleapis.com/
2 KB
907 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Quicksand:wght@400;700&display=swap
Requested by
Host: nngcu.speedoffered.com
URL: https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
b16a2a13d4ab55ef39042b40c65f72ecd15aa828cdfbad45949d262685a323cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Feb 2024 11:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 16 Feb 2024 10:54:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Feb 2024 11:09:45 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: nngcu.speedoffered.com
URL: https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 11:09:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6757428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPl%2FcVUMzaKzCP0LBabDyJZXMrlLCWLEpZPxRQwffd2kH%2Br20pFR6JXRihJPsTH3pUuCQJeI6KfNIpelRICO6IqN%2F0Lp%2F1iXu0gsBvMUZ%2BK3lCDGP6DAOAF8W%2B5DWIEtVbP0DzIJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
856557169f3986c9-MAD
expires
Wed, 05 Feb 2025 11:09:45 GMT
push_na_push.js
nngcu.speedoffered.com/
1 KB
1 KB
Script
General
Full URL
https://nngcu.speedoffered.com/push_na_push.js?aff_id=1163&custom=v2&s2=e39ce4a4-ccbb-11ee-83cb-75e3c2cd36c0
Requested by
Host: nngcu.speedoffered.com
URL: https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.71.48 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
bwh7251.bitcoinwebhosting.net
Software
swoole-http-server /
Resource Hash
dfd86aa7fdc92ffce21870865494e92b39040a8a04c99d2ad996f4512eab2d9e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 11:09:45 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
0
vary
Accept-Encoding
content-type
application/javascript
x-varnish
990368
x-redir
true
cache-control
no-cache, private
accept-ranges
bytes
content-length
782
service-worker-allowed
/
finder-logo-casino.png
nngcu.speedoffered.com/templates/templates/opportunity_themes/img/
36 KB
36 KB
Image
General
Full URL
https://nngcu.speedoffered.com/templates/templates/opportunity_themes/img/finder-logo-casino.png
Requested by
Host: nngcu.speedoffered.com
URL: https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.71.48 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
bwh7251.bitcoinwebhosting.net
Software
swoole-http-server /
Resource Hash
407f2b116d25634c81824006fb0312a53cadad5e45fef0fdd9d254b8b3008e7f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 01:06:49 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
36175
x-varnish
468457 524301
content-type
image/png
accept-ranges
bytes
content-length
36675
300x200.jpg
nngcu.speedoffered.com/media/template-images/revolution-white-background/
8 KB
8 KB
Image
General
Full URL
https://nngcu.speedoffered.com/media/template-images/revolution-white-background/300x200.jpg
Requested by
Host: nngcu.speedoffered.com
URL: https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.71.48 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
bwh7251.bitcoinwebhosting.net
Software
AmazonS3 /
Resource Hash
3e1a879bfa73de7eb7c6307920a215516015bd7d0d841601bd57542cc3e91c93
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 01:06:50 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
last-modified
Mon, 11 Dec 2023 18:12:55 GMT
server
AmazonS3
age
36175
etag
"dfffe66be881eeeb0f2c189774442b4b"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
x-varnish
990371 491528
cache-control
max-age=604800
accept-ranges
bytes
content-length
8346
push_proxnapush.js
nngcu.speedoffered.com/
17 KB
9 KB
Script
General
Full URL
https://nngcu.speedoffered.com/push_proxnapush.js?v=1&custom=true
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.71.48 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
bwh7251.bitcoinwebhosting.net
Software
swoole-http-server /
Resource Hash
d97140baac38de7446121bd7fd8c6fd76194281fa0a9e4f1c636ce1cc1a0babe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 01:07:32 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
36133
vary
Accept-Encoding
content-type
application/javascript
x-varnish
468458 163869
x-redir
true
cache-control
no-cache, private
accept-ranges
bytes
content-length
8973
service-worker-allowed
/
casino-bg.png
nngcu.speedoffered.com/templates/templates/opportunity_themes/img/
195 KB
195 KB
Image
General
Full URL
https://nngcu.speedoffered.com/templates/templates/opportunity_themes/img/casino-bg.png
Requested by
Host: nngcu.speedoffered.com
URL: https://nngcu.speedoffered.com/templates/templates/opportunity_themes/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.71.48 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
bwh7251.bitcoinwebhosting.net
Software
swoole-http-server /
Resource Hash
ca23a9beb0ea2e71d1fe8764af7388e529fcaed54ffcbec61b37546066c36bd7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://nngcu.speedoffered.com/templates/templates/opportunity_themes/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 01:06:50 GMT
via
1.1 varnish (Varnish/7.3)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
36175
x-varnish
271639 491532
content-type
image/png
accept-ranges
bytes
content-length
199203
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/
27 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nngcu.speedoffered.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:25:33 GMT
x-content-type-options
nosniff
age
189853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28064
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 06:25:33 GMT

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _at function| setClass function| transform object| Alpine function| _NeptuneAdsPushDeferred function| getUrlVars function| urlBase64ToUint8Array function| _NeptuneAdsPushGetDeviceType function| _NeptuneAdsPushGetPageDetails function| _NeptuneAdsPushGetReferrer function| _NeptuneAdsPushGetLanguage function| _NeptuneAdsPushGetResolution function| _NeptuneAdsPushGetBrowserInfo function| _NeptuneAdsPushGetSystemInfo function| _NeptuneAdsPushInitialize function| _NeptuneAdsPushGetSiteConfig function| _NeptuneAdsPushLoadPrompt function| _NeptuneAdsPushPromptApprove function| _NeptuneAdsPushPromptDeny function| _NeptuneAdsPushPromptCancel function| _NeptuneAdsPushRemovePoweredBy function| _NeptuneAdsPushShowPoweredBy function| _NeptuneAdsPushGetSubscriberID function| _NeptuneAdsPushSendTrackData function| _NeptuneAdsPushGetSubscriberIDFromToken function| _NeptuneAdsPushGenerateID function| _NeptuneAdsPushGetCookie function| _NeptuneAdsPushSetCookie function| _NeptuneAdsPushDeleteCookie function| _NeptuneAdsPushTrackAttributes function| _NeptuneAdsPushOptInResponse function| _NeptuneAdsPushPrompt function| _NeptuneAdsPushTrackEvent function| _NeptuneAdsPushAbandonedCart function| _NeptuneAdsPushGetPushToken function| _NeptuneAdsPushSupportsPush function| _NeptuneAdsPushCheckHTTPS function| _NeptuneAdsPushCheckPermissions function| _NeptuneAdsPushRunNative function| _NeptuneAdsPushSafariRun function| _NeptuneAdsPushChromeRun function| _NeptuneAdsPushSubscribe function| _NeptuneAdsPushExtractSubscriptionId function| _NeptuneAdsPushSendSubscriptionToServer function| _NeptuneAdsPushRegisterWorker function| _NeptuneAdsPushFetchSubscriberIDFromWorker function| _NeptuneAdsPushConsoleOutput function| _NeptuneAdsPushSendWorkerMessage function| _NeptuneAdsPushLoad string| domain string| owner string| idSite boolean| showDebug boolean| subscriberID_existed undefined| _NeptuneAdsPushPushToken string| _NeptuneAdsPushSubscriberID undefined| _NeptuneAdsPushCallResponse object| 
trackData string| currentPage string| _NeptuneAdsPushAPI boolean| _NeptuneAdsPushRanScript undefined| webURL undefined| logid string| uid number| width number| height object| browserInfo object| systemInfo object| refUrl object| refName object| referrer string| pageTitle string| pageURL object| pageDetails string| curPageURL string| configPageURL number| promptId number| auto_prompt object| powered_browserinfo string| powered_devicetype string| powered_top string| powered_left

5 Cookies

Domain/Path Name / Value
.gmmltrk.com/ Name: sid
Value: KusA9cKXnPN0yCD1XYJm4XlEdTUXlCuUrRa9kS/ZgtFemr7W3LSsmw==
.gmmltrk.com/ Name: trk
Value: tSqa3+pYHRl0yCD1XYJm4XlEdTUXlCuUrRa9kS/ZgtFemr7W3LSsmw==
nngcu.connectmyoffers.com/ Name: yredir_session
Value: eyJpdiI6IlgvM3FVaWJCMTZMU3g1WVhVNkVsUmc9PSIsInZhbHVlIjoiTS9kUStvOEhUa1ViNERZS2lqOFhtYVBOS0IzMnVIeVdzenVieDVjMExrTlVHOGx4anl5WEZYZlpnY0ZMQk54TUV4NUlDdjY5WithWWs2dnc4M0QxTHVwbWlVci94ZXRXY2YwMVN5WW5NWnZEdHFZTjQybWV5MTdJbnd6TUZoLy8iLCJtYWMiOiJiZmJhMGE5MmRhNDAxOWYzYWM4NDc4Zjk3OGMwYzZlYjZjYjc0YmJlN2U3YTgzOTA2ZDM4ZDM3MzhkYWVhN2JlIiwidGFnIjoiIn0%3D
nngcu.speedoffered.com/ Name: yredir_session
Value: eyJpdiI6IjlPc2MvMHZkbW9LTFBNQmhYQmJHdGc9PSIsInZhbHVlIjoiQTE0R2k4UG53V1pHKzFDVndjVWFaTlNtYWRwQnZtRENDVWJDays0Rk9WL1A4cDc2aFA0SEVxbTg2Rk5kaHVmUGpVK1laNTdDenpkeGw0WEhjQ0JJVXBGSWZKZTdHeUVmMmJYYUtkOElEV1VuWFF3QmxzbU56Y2NZemMrY1pPb28iLCJtYWMiOiJkZTk0NDMxZDc4ODc4MjIwOWI4NTcxN2M0ZDAzYmE5MzY5MTM4OGJhMWFiNmY0OTY5ZDAxYWRlZGJjZjM1ODMwIiwidGFnIjoiIn0%3D
nngcu.speedoffered.com/ Name: _NeptuneAdsPushSubscriberID
Value: da4ea575-e40f-1246-e35e-e541bda77f67

1 Console Messages

Source Level URL
Text
other error URL: https://nngcu.speedoffered.com/t/9aa1b3eb815f/e2b4fc20-ccbb-11ee-a844-1bb8213d6c35/e2bd3f98-ccbb-11ee-ab24-bd5ac40ca9ac
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.