urlscan.io logo urlscan.io
SecurityTrails logo

obmenoff-exchange.com.kairos-exchange.com Open in urlscan Pro
162.241.86.166  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://obmenoff-exchange.com.kairos-exchange.com/
Effective URL: https://obmenoff-exchange.com.kairos-exchange.com/
Submission: On November 04 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 162.241.86.166, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is obmenoff-exchange.com.kairos-exchange.com.
TLS certificate: Issued by R11 on September 4th 2024. Valid for: 3 months.
This is the only time obmenoff-exchange.com.kairos-exchange.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 162.241.86.166 46606 (UNIFIEDLA...)
1 142.250.186.106 15169 (GOOGLE)
2 157.240.252.13 32934 (FACEBOOK)
2 172.217.18.99 15169 (GOOGLE)
2 157.240.0.35 32934 (FACEBOOK)
14 5
7    162.241.86.166 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-86-166.unifiedlayer.com
obmenoff-exchange.com.kairos-exchange.com
1    142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
fonts.googleapis.com
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
2    172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f3.1e100.net
fonts.gstatic.com
2    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
7 kairos-exchange.com
obmenoff-exchange.com.kairos-exchange.com
273 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 gstatic.com
fonts.gstatic.com
53 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
76 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
14 5
Domain Requested by
7 obmenoff-exchange.com.kairos-exchange.com obmenoff-exchange.com.kairos-exchange.com
2 www.facebook.com obmenoff-exchange.com.kairos-exchange.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net obmenoff-exchange.com.kairos-exchange.com
connect.facebook.net
1 fonts.googleapis.com obmenoff-exchange.com.kairos-exchange.com
14 5

This site contains links to these domains. Also see Links.

Domain
t.me
Subject Issuer Validity Valid
www.obmenoff-exchange.com.kairos-exchange.com
R11		 2024-09-04 -
2024-12-03		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-13 -
2024-11-11		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://obmenoff-exchange.com.kairos-exchange.com/
Frame ID: E2F0A0CE4A6A8613433DF899ECF8FD68
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OBMENOFF - Сервис №1 обмена валюты в Турции

Page URL History Show full URLs

  1. http://obmenoff-exchange.com.kairos-exchange.com/ HTTP 307
    https://obmenoff-exchange.com.kairos-exchange.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

407 kB
Transfer

656 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://obmenoff-exchange.com.kairos-exchange.com/ HTTP 307
    https://obmenoff-exchange.com.kairos-exchange.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
obmenoff-exchange.com.kairos-exchange.com/
Redirect Chain
  • http://obmenoff-exchange.com.kairos-exchange.com/
  • https://obmenoff-exchange.com.kairos-exchange.com/
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://obmenoff-exchange.com.kairos-exchange.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.86.166 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-86-166.unifiedlayer.com
Software
Apache /
Resource Hash
d0569c887f31c01186e96f670f8ce7e513b274ecd4f8c7f89ee1363a4c537c8c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
1328
content-type
text/html
date
Mon, 04 Nov 2024 14:14:28 GMT
last-modified
Thu, 19 Sep 2024 15:33:41 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://obmenoff-exchange.com.kairos-exchange.com/
Non-Authoritative-Reason
HttpsUpgrades
style.css
obmenoff-exchange.com.kairos-exchange.com/scss/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://obmenoff-exchange.com.kairos-exchange.com/scss/style.css
Requested by
Host: obmenoff-exchange.com.kairos-exchange.com
URL: https://obmenoff-exchange.com.kairos-exchange.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.86.166 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-86-166.unifiedlayer.com
Software
Apache /
Resource Hash
300814bc336df3a0bb884d9223f5bb251777fe413ec748d58ef44864ffe92608

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://obmenoff-exchange.com.kairos-exchange.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
1708
date
Mon, 04 Nov 2024 14:14:28 GMT
last-modified
Thu, 19 Sep 2024 13:27:36 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
logo.png
obmenoff-exchange.com.kairos-exchange.com/img/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obmenoff-exchange.com.kairos-exchange.com/img/logo.png
Requested by
Host: obmenoff-exchange.com.kairos-exchange.com
URL: https://obmenoff-exchange.com.kairos-exchange.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.86.166 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-86-166.unifiedlayer.com
Software
Apache /
Resource Hash
a1afd5a69ab87a487cc033aaf11027e9e466813b297c707f8a86adaa3de877dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://obmenoff-exchange.com.kairos-exchange.com/

Response headers

accept-ranges
bytes
content-length
130124
date
Mon, 04 Nov 2024 14:14:28 GMT
last-modified
Thu, 19 Sep 2024 13:24:53 GMT
content-type
image/png
server
Apache
telegram-icon.svg
obmenoff-exchange.com.kairos-exchange.com/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obmenoff-exchange.com.kairos-exchange.com/img/telegram-icon.svg
Requested by
Host: obmenoff-exchange.com.kairos-exchange.com
URL: https://obmenoff-exchange.com.kairos-exchange.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.86.166 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-86-166.unifiedlayer.com
Software
Apache /
Resource Hash
4c2b2373631d361466bbf83a371d7de1d77f9a02c64004489fae31bf9e8560e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://obmenoff-exchange.com.kairos-exchange.com/

Response headers

accept-ranges
bytes
content-length
1371
date
Mon, 04 Nov 2024 14:14:28 GMT
last-modified
Thu, 19 Sep 2024 13:24:52 GMT
content-type
image/svg+xml
server
Apache
next-long.svg
obmenoff-exchange.com.kairos-exchange.com/img/ 		813 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obmenoff-exchange.com.kairos-exchange.com/img/next-long.svg
Requested by
Host: obmenoff-exchange.com.kairos-exchange.com
URL: https://obmenoff-exchange.com.kairos-exchange.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.86.166 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-86-166.unifiedlayer.com
Software
Apache /
Resource Hash
e4b71572d3ddad6b2fe134abb039a98593e32de2aafac67ed5eb589a4caa3011

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://obmenoff-exchange.com.kairos-exchange.com/

Response headers

accept-ranges
bytes
content-length
813
date
Mon, 04 Nov 2024 14:14:29 GMT
last-modified
Thu, 19 Sep 2024 13:24:51 GMT
content-type
image/svg+xml
server
Apache
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Requested by
Host: obmenoff-exchange.com.kairos-exchange.com
URL: https://obmenoff-exchange.com.kairos-exchange.com/scss/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
5fceaa018bf58f734ced523f40a6a236aba678c0512ccdb0f1e9b7014ac55ba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://obmenoff-exchange.com.kairos-exchange.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 14:14:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 14:14:29 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 04 Nov 2024 13:41:16 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: obmenoff-exchange.com.kairos-exchange.com
URL: https://obmenoff-exchange.com.kairos-exchange.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-NA159mQM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://obmenoff-exchange.com.kairos-exchange.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 04 Nov 2024 14:14:29 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-NA159mQM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4412, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
Hv1Ed0q2Km7zSK5NcJYc7L7G6gHdq7uiZo+AZIFn0RNIR5/tNGcBl1BGgu5LvygHLPBSZgvJkt8Df07TcUWDeA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
intro-background.jpg
obmenoff-exchange.com.kairos-exchange.com/img/ 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obmenoff-exchange.com.kairos-exchange.com/img/intro-background.jpg
Requested by
Host: obmenoff-exchange.com.kairos-exchange.com
URL: https://obmenoff-exchange.com.kairos-exchange.com/scss/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.86.166 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-86-166.unifiedlayer.com
Software
Apache /
Resource Hash
e8a40c42c61c36e4aacbbd88c53e3091fcd3c113b72fe2c9936bce6eaf913b91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://obmenoff-exchange.com.kairos-exchange.com/scss/style.css

Response headers

accept-ranges
bytes
content-length
142148
date
Mon, 04 Nov 2024 14:14:29 GMT
last-modified
Thu, 19 Sep 2024 13:24:50 GMT
content-type
image/jpeg
server
Apache
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://obmenoff-exchange.com.kairos-exchange.com
Referer
https://fonts.googleapis.com/

Response headers

age
427019
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:37:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:37:30 GMT
last-modified
Wed, 13 Sep 2023 22:43:52 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21288
x-xss-protection
0
server
sffe
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://obmenoff-exchange.com.kairos-exchange.com
Referer
https://fonts.googleapis.com/

Response headers

age
539119
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 08:29:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 08:29:10 GMT
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33092
x-xss-protection
0
server
sffe
827350062922840
connect.facebook.net/signals/config/ 		82 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/827350062922840?v=2.9.176&r=stable&domain=obmenoff-exchange.com.kairos-exchange.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
419869e4e11a4562c4dcbc8b32608af24f3a951e8e51c7c80d2ac472caf16ca1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-xgZYFPQP' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://obmenoff-exchange.com.kairos-exchange.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 04 Nov 2024 14:14:29 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-xgZYFPQP' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=77, mss=1232, tbw=70843, tp=67, tpl=0, uplat=73, ullat=0
pragma
public
x-fb-debug
BUZ4EllFPHlH8cbAjYmF4JL59EkKuOoFJ2dJtYeCBG/EujADDU6CukkMqCxDSUznaS5LwvVa55QH9VOPW3FIow==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=827350062922840&ev=PageView&dl=https%3A%2F%2Fobmenoff-exchange.com.kairos-exchange.com%2F&rl=&if=false&ts=1730729669407&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730729669374.247805327607243757&cs_est=true&ler=empty&cdl=API_unavailable&it=1730729669244&coo=false&rqm=GET
Requested by
Host: obmenoff-exchange.com.kairos-exchange.com
URL: https://obmenoff-exchange.com.kairos-exchange.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://obmenoff-exchange.com.kairos-exchange.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1288, tbw=2946, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 04 Nov 2024 14:14:29 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=827350062922840&ev=PageView&dl=https%3A%2F%2Fobmenoff-exchange.com.kairos-exchange.com%2F&rl=&if=false&ts=1730729669407&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730729669374.247805327607243757&cs_est=true&ler=empty&cdl=API_unavailable&it=1730729669244&coo=false&rqm=FGET
Requested by
Host: obmenoff-exchange.com.kairos-exchange.com
URL: https://obmenoff-exchange.com.kairos-exchange.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://obmenoff-exchange.com.kairos-exchange.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433427327876061204"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 04 Nov 2024 14:14:29 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
lr/I2DduIyKeqymr4pXUZYnAbvm9I8GrLLqgwJLqY0ALKi19bBGpUpmgOw+nj1XZ1iVdNGXxiPtVqzjzpB3O+w==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433427327876061204", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=14, mss=1288, tbw=3264, tp=-1, tpl=-1, uplat=168, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
favicon.png
obmenoff-exchange.com.kairos-exchange.com/img/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://obmenoff-exchange.com.kairos-exchange.com/img/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.86.166 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-86-166.unifiedlayer.com
Software
Apache /
Resource Hash
d8a1ffe2a1efe97a9f9df985be5636acea2906657d123ea22e282f0c91034f67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://obmenoff-exchange.com.kairos-exchange.com/

Response headers

accept-ranges
bytes
content-length
1571
date
Mon, 04 Nov 2024 14:14:29 GMT
last-modified
Thu, 19 Sep 2024 13:24:51 GMT
content-type
image/png
server
Apache

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq

1 Cookies

Domain/Path Name / Value
.kairos-exchange.com/ Name: _fbp
Value: fb.1.1730729669374.247805327607243757