festiveoffer.xyz Open in urlscan Pro
104.21.57.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://festiveoffer.xyz/?fbclid=IwAR3oWH35fhE354wAx6Vko2F-pkBFjJ5gGO7TvUtvfiMpW-Gy7D2fn_wUf8Y_aem_AS6ZRvQkYX5IYqjo7ayo2X...
Submission Tags: @phish_report
Submission: On March 14 via api (March 14th 2024, 1:35:59 am UTC) from FI — Scanned from FI

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 104.21.57.121, located in and belongs to CLOUDFLARENET, US. The main domain is festiveoffer.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 8th 2024. Valid for: 3 months.

This is the only time festiveoffer.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	104.21.57.121 104.21.57.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
7	4

5 104.21.57.121 (None, )

ASN13335 (CLOUDFLARENET, US)

festiveoffer.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	festiveoffer.xyz festiveoffer.xyz	701 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2089	255 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	91 KB
7	3

	Domain	Requested by
5	festiveoffer.xyz	festiveoffer.xyz
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	festiveoffer.xyz
7	3

This site contains no links.

Subject Issuer	Validity	Valid
festiveoffer.xyz GTS CA 1P5	`2024-03-08` - `2024-06-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://festiveoffer.xyz/?fbclid=IwAR3oWH35fhE354wAx6Vko2F-pkBFjJ5gGO7TvUtvfiMpW-Gy7D2fn_wUf8Y_aem_AS6ZRvQkYX5IYqjo7ayo2XJ-sesKI9gFB7wrYSqE4U5cnG8nZlKYtVKq6CZ_YfPLtzyALlV_6Mc3Jd5BQw_AQwEm
Frame ID: CE200FCFE5A0EC880DEFD9F8927A014C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Phonepe Cashback festive

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

793 kB
Transfer

1053 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
festiveoffer.xyz/ 78 KB
45 KB 904ms
404ms Document
text/html 104.21.57.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://festiveoffer.xyz/?fbclid=IwAR3oWH35fhE354wAx6Vko2F-pkBFjJ5gGO7TvUtvfiMpW-Gy7D2fn_wUf8Y_aem_AS6ZRvQkYX5IYqjo7ayo2XJ-sesKI9gFB7wrYSqE4U5cnG8nZlKYtVKq6CZ_YfPLtzyALlV_6Mc3Jd5BQw_AQwEm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.57.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.30

Resource Hash

b257c9639db04d74e024b83cc74273a7272539535eac305d57d5c8bc55820dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8640879efc07366c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Mar 2024 01:35:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLAMwYQRCTpOXUvURc3eAvyoT35KeTxE4lGKibDp2QDcgdQgDe4yvPjpwQQ3CZZapI%2F4yVTu1ceXousxAz8%2Fn30%2Bcl7a2muX5AmW320QnqADFL96AveAnKWfpJpy9aRE0ZVv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.0.30
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
91 KB 515ms
87ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V801SBN07C

Requested by

Host: festiveoffer.xyz
URL: https://festiveoffer.xyz/?fbclid=IwAR3oWH35fhE354wAx6Vko2F-pkBFjJ5gGO7TvUtvfiMpW-Gy7D2fn_wUf8Y_aem_AS6ZRvQkYX5IYqjo7ayo2XJ-sesKI9gFB7wrYSqE4U5cnG8nZlKYtVKq6CZ_YfPLtzyALlV_6Mc3Jd5BQw_AQwEm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

59c10eaa339a4ff217f8da38fabac3c80bace41b370f0ac9ad420d26b885cbb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://festiveoffer.xyz/?fbclid=IwAR3oWH35fhE354wAx6Vko2F-pkBFjJ5gGO7TvUtvfiMpW-Gy7D2fn_wUf8Y_aem_AS6ZRvQkYX5IYqjo7ayo2XJ-sesKI9gFB7wrYSqE4U5cnG8nZlKYtVKq6CZ_YfPLtzyALlV_6Mc3Jd5BQw_AQwEm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 01:35:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Mar 2024 01:35:55 GMT

GET
H2 200 style.css
festiveoffer.xyz/img/ 2 KB
908 B 62ms
61ms Stylesheet
text/css 104.21.57.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://festiveoffer.xyz/img/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.57.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a3b96acf4cbef4d02e4d30309340c619634f132ea1f792f8e6dc522dd43505f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://festiveoffer.xyz/?fbclid=IwAR3oWH35fhE354wAx6Vko2F-pkBFjJ5gGO7TvUtvfiMpW-Gy7D2fn_wUf8Y_aem_AS6ZRvQkYX5IYqjo7ayo2XJ-sesKI9gFB7wrYSqE4U5cnG8nZlKYtVKq6CZ_YfPLtzyALlV_6Mc3Jd5BQw_AQwEm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36169
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Mar 2024 12:59:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeUlm0tcjKZHwzYAmcRqcgJpuJ2yU8D%2BoZQBS7GrZkSwTfEvfRakGKRRI%2FjpRkEVxP%2F0Uz8UQXHd1SgiuVCVakZS40i2qZs07eqKQAIpDfO%2FUM9CgYsGq7CjsgQDtV27c6Y5"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 864087a15dde366c-FRA
expires: Wed, 20 Mar 2024 15:33:06 GMT

GET
H2 200 Top.png
festiveoffer.xyz/img/ 79 KB
80 KB 64ms
64ms Image
image/png 104.21.57.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://festiveoffer.xyz/img/Top.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.57.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60e25e33b93f64fba76794750e68794eab74ed284a297d2ae12085668f1b2edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://festiveoffer.xyz/?fbclid=IwAR3oWH35fhE354wAx6Vko2F-pkBFjJ5gGO7TvUtvfiMpW-Gy7D2fn_wUf8Y_aem_AS6ZRvQkYX5IYqjo7ayo2XJ-sesKI9gFB7wrYSqE4U5cnG8nZlKYtVKq6CZ_YfPLtzyALlV_6Mc3Jd5BQw_AQwEm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31885
alt-svc: h3=":443"; ma=86400
content-length: 81139
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Mar 2024 12:59:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAKDmx3li3TQ99e1hTlqhJOmPxg99xvpp%2F0JpMvMNOLM0%2BCmI0UdajYcHleKLpMZ8ygLUeDRpfbxaDPxnyd6zTes0WKbHQJ1vP2qmAQBTfJcNISIpXU%2BExk9Z2yaL02hxooT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 864087a15de0366c-FRA
expires: Wed, 20 Mar 2024 16:44:30 GMT

GET
H2 200 Mid.png
festiveoffer.xyz/img/ 54 KB
54 KB 79ms
79ms Image
image/png 104.21.57.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://festiveoffer.xyz/img/Mid.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.57.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4159777785376433023b485c6468ca1f9b0ea74f9f772c18932382631abfcd4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://festiveoffer.xyz/?fbclid=IwAR3oWH35fhE354wAx6Vko2F-pkBFjJ5gGO7TvUtvfiMpW-Gy7D2fn_wUf8Y_aem_AS6ZRvQkYX5IYqjo7ayo2XJ-sesKI9gFB7wrYSqE4U5cnG8nZlKYtVKq6CZ_YfPLtzyALlV_6Mc3Jd5BQw_AQwEm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21921
alt-svc: h3=":443"; ma=86400
content-length: 54928
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Mar 2024 12:59:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7th2vPDsjgRapOazBzpxtubD19oMwom6vQ1gvlYxkBBCbvZX9pp13%2BlyVBDpzwgjFvMJ96VJBB0m8bG4FsoLyY5F9zPf5O1ewIG%2F8vPwggW4TIl%2FQihio1sbD7HEzBBiZKRx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 864087a15de1366c-FRA
expires: Wed, 20 Mar 2024 19:30:34 GMT

GET
H2 200 Bottom.gif
festiveoffer.xyz/img/ 521 KB
521 KB 64ms
64ms Image
image/gif 104.21.57.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://festiveoffer.xyz/img/Bottom.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.57.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa5cb8c49ffe6dd38b15bc28307980a6e48a16d71d123a4d876a8789a635bc9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://festiveoffer.xyz/?fbclid=IwAR3oWH35fhE354wAx6Vko2F-pkBFjJ5gGO7TvUtvfiMpW-Gy7D2fn_wUf8Y_aem_AS6ZRvQkYX5IYqjo7ayo2XJ-sesKI9gFB7wrYSqE4U5cnG8nZlKYtVKq6CZ_YfPLtzyALlV_6Mc3Jd5BQw_AQwEm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27093
alt-svc: h3=":443"; ma=86400
content-length: 533057
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Mar 2024 12:59:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XodZQ0y%2FGZXcH12RlnUQhS1trPPMiaenBCV4EWXjgojW0ZxfdVbz%2Fnihf8UxKDk3LrF0W%2Bptqm7lIRoIwKnmMYnSvOKlW94HKaItUWZnupeXgA5qYl9dQOWQrOyylciW1kse"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 864087a17dfa366c-FRA
expires: Wed, 20 Mar 2024 18:04:22 GMT

GET
DATA 200
OK truncated
/ 49 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4eb4e1cd55dab37e015035ef964729f20aece9e953cca1c48a7454fe54baf5d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d195b2bdfffd3e66d1b80920a94ebad44b309472388034cb7e374c0c82fde23b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 410ms
39ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V801SBN07C&gtm=45je43b0v897082323za200&_p=1710380155089&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=453417636.1710380156&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710380155&sct=1&seg=0&dl=https%3A%2F%2Ffestiveoffer.xyz%2F%3Ffbclid%3DIwAR3oWH35fhE354wAx6Vko2F-pkBFjJ5gGO7TvUtvfiMpW-Gy7D2fn_wUf8Y_aem_AS6ZRvQkYX5IYqjo7ayo2XJ-sesKI9gFB7wrYSqE4U5cnG8nZlKYtVKq6CZ_YfPLtzyALlV_6Mc3Jd5BQw_AQwEm&dt=Phonepe%20Cashback%20festive&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1524
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V801SBN07C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://festiveoffer.xyz/?fbclid=IwAR3oWH35fhE354wAx6Vko2F-pkBFjJ5gGO7TvUtvfiMpW-Gy7D2fn_wUf8Y_aem_AS6ZRvQkYX5IYqjo7ayo2XJ-sesKI9gFB7wrYSqE4U5cnG8nZlKYtVKq6CZ_YfPLtzyALlV_6Mc3Jd5BQw_AQwEm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 01:35:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://festiveoffer.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.festiveoffer.xyz/	1970-01-21 04:42:20	Name: _ga_V801SBN07C Value: GS1.1.1710380155.1.0.1710380155.0.0.0
			.festiveoffer.xyz/	1970-01-21 04:42:20	Name: _ga Value: GA1.1.453417636.1710380156

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

festiveoffer.xyz
region1.google-analytics.com
www.googletagmanager.com
104.21.57.121
142.250.186.168
216.239.32.36
3a3b96acf4cbef4d02e4d30309340c619634f132ea1f792f8e6dc522dd43505f
4159777785376433023b485c6468ca1f9b0ea74f9f772c18932382631abfcd4a
59c10eaa339a4ff217f8da38fabac3c80bace41b370f0ac9ad420d26b885cbb1
60e25e33b93f64fba76794750e68794eab74ed284a297d2ae12085668f1b2edb
aa5cb8c49ffe6dd38b15bc28307980a6e48a16d71d123a4d876a8789a635bc9a
b257c9639db04d74e024b83cc74273a7272539535eac305d57d5c8bc55820dde
d195b2bdfffd3e66d1b80920a94ebad44b309472388034cb7e374c0c82fde23b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4eb4e1cd55dab37e015035ef964729f20aece9e953cca1c48a7454fe54baf5d

festiveoffer.xyz Open in urlscan Pro 104.21.57.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

793 kBTransfer

1053 kBSize

2 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

festiveoffer.xyz Open in urlscan Pro
104.21.57.121 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

793 kB
Transfer

1053 kB
Size

2
Cookies

7 HTTP transactions
2 data transactions