offercongratz.com Open in urlscan Pro
2606:4700:3033::6815:43f4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.d8s9dstrk.com/28KL6/D42TT/?sub1=5c78431dd9fd4a0f93a6de060ea3d73e14bc6&sub2=77725&sub3=&sub4=
Effective URL:
https://offercongratz.com/
Submission: On September 24 via api (September 24th 2024, 5:21:38 pm UTC) from LU — Scanned from US

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3033::6815:43f4, located in United States and belongs to CLOUDFLARENET, US. The main domain is offercongratz.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 27th 2023. Valid for: a year.

This is the only time offercongratz.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.244.255.50 35.244.255.50	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 21	2606:4700:303... 2606:4700:3033::6815:43f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
1	108.138.106.124 108.138.106.124	16509 (AMAZON-02) (AMAZON-02)
1	18.164.96.90 18.164.96.90	16509 (AMAZON-02) (AMAZON-02)
26	5

1 35.244.255.50 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 50.255.244.35.bc.googleusercontent.com

www.d8s9dstrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3033::6815:43f4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

offercongratz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	offercongratz.com 1 redirects offercongratz.com	1 MB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 341	85 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 957 script.hotjar.com — Cisco Umbrella Rank: 1386	61 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	50 KB
1	d8s9dstrk.com 1 redirects www.d8s9dstrk.com	640 B
26	5

	Domain	Requested by
21	offercongratz.com	1 redirects offercongratz.com
3	cdn.jsdelivr.net	offercongratz.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	offercongratz.com
1	www.googletagmanager.com	offercongratz.com
1	www.d8s9dstrk.com	1 redirects
26	6

This site contains no links.

Subject Issuer	Validity	Valid
offercongratz.com Cloudflare Inc ECC CA-3	`2023-12-27` - `2024-12-26`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://offercongratz.com/
Frame ID: EC53AD0B6A2930680A6016B7E72E004B
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Samsung Galaxy S20!

Page URL History Show full URLs

https://www.d8s9dstrk.com/28KL6/D42TT/?sub1=5c78431dd9fd4a0f93a6de060ea3d73e14bc6&sub2=77725&sub3=&sub4= HTTP 302
https://offercongratz.com/?id=12&cc=RO&clickid=32ed742a75ee4c2b810b10074c7ebaf0&sourceid=77725&subid=&s3= HTTP 302
https://offercongratz.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

26
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

1
Countries

1467 kB
Transfer

2156 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.d8s9dstrk.com/28KL6/D42TT/?sub1=5c78431dd9fd4a0f93a6de060ea3d73e14bc6&sub2=77725&sub3=&sub4= HTTP 302
https://offercongratz.com/?id=12&cc=RO&clickid=32ed742a75ee4c2b810b10074c7ebaf0&sourceid=77725&subid=&s3= HTTP 302
https://offercongratz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
offercongratz.com/
Redirect Chain

https://www.d8s9dstrk.com/28KL6/D42TT/?sub1=5c78431dd9fd4a0f93a6de060ea3d73e14bc6&sub2=77725&sub3=&sub4=
https://offercongratz.com/?id=12&cc=RO&clickid=32ed742a75ee4c2b810b10074c7ebaf0&sourceid=77725&subid=&s3=
https://offercongratz.com/

35 KB
9 KB

536ms
536ms

Document
text/html

2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d9257c9eaafad36bf640fe751268c73632f9f887551426feff11663024c925

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8c84738c0d514238-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 24 Sep 2024 17:21:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmXV0cm2eATMc5EA6pGvOweO1q57yDSXv7w59Xx7HNuD3bTfiZops5axAcvxZC3FQsFWHPTDnmXiU2Uu9HJ1%2BXhCjZ%2F80Iqtr7g8X81aHQrt%2BxTtEaxIGSi%2FeUuvPQgxjMiG7zRELFTERPUJcGAZUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
server: cloudflare
strict-transport-security: max-age=2592000
x-content-type-options: nosniff

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8c847386ee234238-EWR
date: Tue, 24 Sep 2024 17:21:31 GMT
location: /
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFnxu%2BuBe9rnLhIivI3ImSmu4HzSdWadlPGK7ZFTGj8%2FszXQiCUi1DrtiZE5BcRHKaeg0Fe8QKMOQk36RGEg3Jge5wbZiSZNmO%2FhVspPwjifb%2BEW5X3Wm50Du7hhR9%2FZTGss%2BKfXYwn0uxDUri4kwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
server: cloudflare
strict-transport-security: max-age=2592000
x-content-type-options: nosniff

GET
H3 200 global_custom_styles2.css
offercongratz.com/landingpage/shared/css/ 20 KB
3 KB 525ms
524ms Stylesheet
text/css 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offercongratz.com/landingpage/shared/css/global_custom_styles2.css

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a543f74bd902dc846a9607cc33de25bf235bd035b3c1a99351924d5f9bdfca78

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"1daf9539b102678"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k6s5axrOpYOAgYemlq%2F%2F17AQ6Qn2A93M1%2FGCd2a9%2FvnocNto4mVEaIdsIs56smcW21F6v33Vf%2BPsnCvo18JvsuOu4oQeeY4kGKwj%2Fk3pHi8d3qF1xoHLGRS51TFTE29urM7CRP8LLQa8CVsSKDz4Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:32 GMT
content-type: text/css
last-modified: Wed, 28 Aug 2024 14:07:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
cf-ray: 8c84738f79f14238-EWR
server: cloudflare

GET
H3 200 main.css
offercongratz.com/landingpage/shared/css/ 97 KB
12 KB 833ms
831ms Stylesheet
text/css 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offercongratz.com/landingpage/shared/css/main.css

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e7dc1bc82c5d28a9130106a826753f7d3cc6065edb240c416760aa585dd2f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"1daf9539b11f4f7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ErBe0dDc1wwGIa%2BhTzNNS24nlOsJmLsTidvQyW4LyVXmtfbmS5zhAKNhjgkqgc8boU8%2Bw5o4UaV8wvRSGcPGTRI3y0WU0B4JA4gtXQW9B2ZpilfFW75y11tPuXFocdrRFmdBp44hxaxgiI7%2B4TbgyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:32 GMT
content-type: text/css
last-modified: Wed, 28 Aug 2024 14:07:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
cf-ray: 8c84738f79f74238-EWR
server: cloudflare

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/ 227 KB
31 KB 398ms
229ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Origin: https://offercongratz.com
Referer

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
etag: W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
age: 16854495
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LCMffToFo5%2BIjI8v1ZfPJz%2B5yawiZzuqyxp52lvD09Q2VBHWVtr9D%2B9N70HgII9Jai9W%2FPrEx5NYdfEG9FV52l1WWjaCS1RsvyXZG3Bn2tJpWvGRY5ME1FY54i54JNHAQx%2BHCUKE94jdd7Fhxf0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
x-cache: HIT, HIT
date: Tue, 24 Sep 2024 17:21:32 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220083-FRA, cache-lga21981-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8c84739078d541e1-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30835
server: cloudflare
x-jsd-version: 5.3.2

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.7.1/dist/ 85 KB
30 KB 273ms
104ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Origin: https://offercongratz.com
Referer

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"155ed-7khZLR//lS/PBs4LZm7UeFSTr9w"
age: 7403017
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2FHu6%2Bz7Vb9x65ZL%2BbH69Xa0VOOT2xLAjv9gJzyjDInv3XtufbgjNjRggz82cK9Bo%2FLm21Kq6d2TlfEGvOFqIL%2F3019fLiwN%2FeXJRrUEPqhjcDcmMYGaBwzrBQY4HBcVXFw0lo9rQTvokNsCd0w%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
x-cache: HIT, HIT
date: Tue, 24 Sep 2024 17:21:32 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230077-FRA, cache-lga21945-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8c84739078da41e1-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29596
server: cloudflare
x-jsd-version: 3.7.1

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ 79 KB
25 KB 472ms
303ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Origin: https://offercongratz.com
Referer

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM"
age: 12374619
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WpkVsJx7I%2B8UmjHnxp3VpvrVg51IGkrSnS5XieeRQQceIEImXm%2B5yY7DoTUZoQWZni6p18pyGKwbNYM92q0Grou3sXptvabrtqxS%2B%2FYO06CYFqdTs0WyDALmtkFtdnf8%2BPFQ0wyXiyZIUA08yK0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
x-cache: HIT, HIT
date: Tue, 24 Sep 2024 17:21:32 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220085-FRA, cache-lga21968-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8c84739078dd41e1-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25109
server: cloudflare
x-jsd-version: 5.3.2

GET
H3 200 colorpicker.js Show response
offercongratz.com/landingpage/shared/js/ 6 KB
3 KB 426ms
424ms Script
application/javascript 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offercongratz.com/landingpage/shared/js/colorpicker.js

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ef2a720331e4c1118011b2f20d59dce90240399aada33da085fa9f5e31906f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"1daf9539b1061b1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdbO1I4GeVSWmLMAozX6sMJmnkUi9rqmWjAoJmSJkgCyCf1hqJFqES2WZ%2Bqm8MWg5K5aID8tmINxtyS4gwXtHnvddvkctPqNbp7qXLJJ269CeOazDoZcvaEMzX0SD1bFfz2w6kK15RPb4iW2tvJWMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: application/javascript
last-modified: Wed, 28 Aug 2024 14:07:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
cf-ray: 8c847394ba1f4238-EWR
server: cloudflare

GET
H3 200 countdown.js Show response
offercongratz.com/landingpage/shared/js/ 653 B
1 KB 399ms
396ms Script
application/javascript 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offercongratz.com/landingpage/shared/js/countdown.js

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f500c64e2648cd56f97d2e61c8ba49c86adda6d8e020d54b42499c5eb55e1b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"1daf9539b10748d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCnXEM3UOAK1W3JYPIB06GTaHiNNrI%2BwtqkHXzcqirEi4FD365BIGhlDKzlyzjrU6OfG%2FfVyF2K5AsK%2BiAzw6JYxnSRdgN6xzf4YVB%2F0thpxVUy3nU91Eq5NaZUqFeASJpWoNIw5wLXP4ZM%2FMu4MBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: application/javascript
last-modified: Wed, 28 Aug 2024 14:07:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
cf-ray: 8c847394ca214238-EWR
server: cloudflare

GET
H3 200 base.js Show response
offercongratz.com/landingpage/shared/js/ 11 KB
3 KB 428ms
425ms Script
application/javascript 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offercongratz.com/landingpage/shared/js/base.js

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5a586d4f614ae52a45005fb613fb41df836c56861b275dc334020172639e078

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"1daf9539b105bb1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w7zahEQ5rUthHcVKwrerbPS87aXQY21bqSoLdT92VqHHeTqEEDdYkSDAAeKlApxAYuJMTDGfMDLkQKmMvwAf7Iony1cbyoJPg%2Bvb%2BElsVlnKFypZIud4eNM0SFoJB2sFxODQNsD2gQHmr%2FxH8PrTog%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: application/javascript
last-modified: Wed, 28 Aug 2024 14:07:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
cf-ray: 8c847394ca234238-EWR
server: cloudflare

GET
H3 200 paycards.png
offercongratz.com/landingpage/shared/ 13 KB
14 KB 465ms
464ms Image
image/png 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offercongratz.com/landingpage/shared/paycards.png

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

173279ff6aea7bbbd52731f7ae563bbd9bf9d145e90229944db77050dad8bc32

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

cf-cache-status: MISS
etag: "1daf9539b1045d2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zVYru01QY1NbjvdWpZwl%2FuZHbpz%2BlvzbK9LogRbKMwq0Nfx%2FxSnHkGXgUcwc0g7yV1A0MmIeAaGnM6Yz2Ze40mHtSq6rbcrpb1b1wHiBGAkTWnq8wSHaKtsWEUZ4t3kJ0nneFpK7v%2B%2BKFDi0Slv2ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:32 GMT
content-type: image/png
last-modified: Wed, 28 Aug 2024 14:07:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 13266
cf-ray: 8c84738f79f84238-EWR
server: cloudflare

GET
H3 200 help.png
offercongratz.com/landingpage/shared/ 10 KB
11 KB 500ms
499ms Image
image/png 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offercongratz.com/landingpage/shared/help.png

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eba9d09ae922a71dd52fe9e703a66695424e9b22f5cb43b8b6452e31a2bda9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

cf-cache-status: MISS
etag: "1daf9539b105fb1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9kMAsImhktikB2kKQzWQIoiRsOwbFp1OYx6yr9pVSb07jl%2BfsN%2B95Mh1X9jeFuwF6HzYoPOJbESk3YeZyxDDz%2FF9SmDWvAXhzuj1cuoeYOQs6SsI8PATuf1fw0Rqyzo8QtM8quDtcs2gpf27hYpgjA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:32 GMT
content-type: image/png
last-modified: Wed, 28 Aug 2024 14:07:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 10673
cf-ray: 8c84738f8a294238-EWR
server: cloudflare

GET
H3 200 cvv-dark.png
offercongratz.com/landingpage/shared/ 1 KB
2 KB 452ms
451ms Image
image/png 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offercongratz.com/landingpage/shared/cvv-dark.png

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af211fcda28819c19e60eeb0f56044e3a1ba3bad3aeff4c4df7d0bfac9e53ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

cf-cache-status: MISS
etag: "1daf9539b107350"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zr%2B0%2BoxjurdBB8jCEHD9c2YbXT9yE4IZJhjiy6lI06BE9QaigH9YgzzXBIjl0VMne%2B0vN3B%2BthwjD0nquQLRthWwitRP0jVaCToWJPUOLtUaiMDgPTGWAjhXmgoR7azQN4h1HusCTNSWYbOalVW61Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: image/png
last-modified: Wed, 28 Aug 2024 14:07:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 1360
cf-ray: 8c847392bf044238-EWR
server: cloudflare

GET
H3 200 s20-gray.jpg
offercongratz.com/landingpage/default/galaxys20/ 20 KB
21 KB 469ms
468ms Image
image/jpeg 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offercongratz.com/landingpage/default/galaxys20/s20-gray.jpg

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c25786b4fb9a3a2313b94b4a67fd637f0f57a376271e7db2e49e35fa8130a3b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

cf-cache-status: MISS
etag: "1daf953977cbf25"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4PK8rr4b3a3gJRVUAbbm%2BtCSZyPwTYc4urWdcAN6L78hUED5RDdhATihMxrqb2QyzJVB%2FGkncXDAk1wGSkfUwOglhEF2wigtg4QB8v7prc24RtuRdTJAhD2RTnSoDn1WNF9Nfu%2F2Oi%2Fw3Yq9O74bYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: image/jpeg
last-modified: Wed, 28 Aug 2024 14:07:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 20517
cf-ray: 8c847392bf0a4238-EWR
server: cloudflare

GET
H3 200 s20-blue.jpg
offercongratz.com/landingpage/default/galaxys20/ 22 KB
23 KB 543ms
542ms Image
image/jpeg 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offercongratz.com/landingpage/default/galaxys20/s20-blue.jpg

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

704310a6576cc896a22d809ec454733575e35ede59618e13cfc4ab3c8bf05887

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

cf-cache-status: MISS
etag: "1daf953977cb65b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rHiW3QpYWk0PDL9a8UXX53CO7QvkendEY%2BUWivLrxu8KJ%2F%2FTmayT%2Fxds367oKX3coPJw9oEFPv4mpUD%2F%2Bh%2Bfya%2FxWxjOLis9hP2qnbIXqGum4gYLJ2wHgVg6FJhsvndZALKNaQ2%2B29rNIT3tD2izpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: image/jpeg
last-modified: Wed, 28 Aug 2024 14:07:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 22875
cf-ray: 8c847394ba1c4238-EWR
server: cloudflare

GET
H3 200 s20-pink.jpg
offercongratz.com/landingpage/default/galaxys20/ 21 KB
22 KB 555ms
555ms Image
image/jpeg 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offercongratz.com/landingpage/default/galaxys20/s20-pink.jpg

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4db99e7839902a3525a9df498075cbd9b6029fad3b9417c1bc08b745a0701b23

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

cf-cache-status: MISS
etag: "1daf953977cbb7f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=do9ZYs%2FwkGdiioam58%2F%2FOnaVM9KHsFLNK%2BIp%2BmaJi%2BPix%2FKpaKwSpDSdKwPVjHuFVrxywlLa7ZFRpyXc3Pqqm8zrQ1BVHI30ovbk39FQQLE4OaVioV1B39rc0Wmm6Gsz6X%2BqhVRAA8j9TMd3Q8091g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: image/jpeg
last-modified: Wed, 28 Aug 2024 14:07:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 21631
cf-ray: 8c8473950a944238-EWR
server: cloudflare

GET
H3 200 galaxy-s20_highlights_zoom_x30-4x_v2.jpg
offercongratz.com/landingpage/default/galaxys20/ 632 KB
633 KB 566ms
565ms Image
image/jpeg 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offercongratz.com/landingpage/default/galaxys20/galaxy-s20_highlights_zoom_x30-4x_v2.jpg

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23b13effce3398c35ade20798df123a2247c781fa933b3732a37d8d911ef005c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

cf-cache-status: MISS
etag: "1daf953977531d9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k92aOP9A%2B3YYmrC4kzd8oTUary7RQFvBqfuZZUB9uQbsoRedBU6WXi5XSddYYGnMtaZDzOt9mBMvkIzpgvGXlBZVC1Mj0fr%2FU%2BL1%2B6Hvl1IIVgmI4FH7jObK2nCxO7OyRDnTM02MibgV30Ky45d%2FwA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: image/jpeg
last-modified: Wed, 28 Aug 2024 14:07:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 646873
cf-ray: 8c8473958b824238-EWR
server: cloudflare

GET
H3 200 galaxy-s20_highlights_bright-on.jpg
offercongratz.com/landingpage/default/galaxys20/ 247 KB
247 KB 669ms
668ms Image
image/jpeg 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offercongratz.com/landingpage/default/galaxys20/galaxy-s20_highlights_bright-on.jpg

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d45e38fcec6a0627c6361312e7e7b02079301e53a1afb8c25620ac51a189c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

cf-cache-status: MISS
etag: "1daf953977f3554"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ry6yubpPtE7kEVPuEDnw72i8cRV%2BnsbOgZXrOsgRjMfAEa1iHo7xPQvLdMfmplb0WscG40thSawa58QFqyok%2FdNLUS%2FPLhsY7ISpJ6Z%2FLvMtEzvPNB26K8jXRRkXEJcP5v2gFMHv25puF9Gct%2FcXrw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: image/jpeg
last-modified: Wed, 28 Aug 2024 14:07:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 252500
cf-ray: 8c8473958b8b4238-EWR
server: cloudflare

GET
H3 200 samsung-s20-5g-1024x640.jpg
offercongratz.com/landingpage/default/galaxys20/ 20 KB
21 KB 541ms
541ms Image
image/jpeg 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offercongratz.com/landingpage/default/galaxys20/samsung-s20-5g-1024x640.jpg

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

080bf33493e31d3630f50af68bdfbb7ab78409dd60e75723fb31614b112d326b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

cf-cache-status: MISS
etag: "1daf953977cbf63"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9HvD3KQbHBe26QoUcVidLNJQcrQnsP%2BYnP9dBZ%2FUw8aHO67HJVbqmKBvGEXvk5%2BHkXF%2BvYyImhU6t12T5i9et59SMBwrQIAtevFITEhL6BWh4%2FASQ804deHJIv1LTPL3LtnUDoagi2Npf1Ghz5Nng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: image/jpeg
last-modified: Wed, 28 Aug 2024 14:07:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 20579
cf-ray: 8c8473958b8f4238-EWR
server: cloudflare

GET
H3 200 galaxy-s20_highlights_battery_m.jpg
offercongratz.com/landingpage/default/galaxys20/ 43 KB
43 KB 678ms
677ms Image
image/jpeg 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offercongratz.com/landingpage/default/galaxys20/galaxy-s20_highlights_battery_m.jpg

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57554f0ffdbfb9d52c8e3a866cf1bb62a48d9fdd91ea66f47a677b0583eb909c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

cf-cache-status: MISS
etag: "1daf953977c4510"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yEMDpK9PVKAXtu1ZNce6A%2F%2BpU0Aa7YfboTFaDw%2F42R28%2Flbte4gpBfmeyrOVzsAAB9TsiIiv6OpgY0LtmHwQ%2FFsA36TAfQM1vxExKCqnEkr7D007ITps2K20Ep93l%2BWHTqZL1Rw6YHMG5cOkyWTzFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: image/jpeg
last-modified: Wed, 28 Aug 2024 14:07:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 43536
cf-ray: 8c8473958b924238-EWR
server: cloudflare

GET
H3 200 galaxy-s20_highlights_storage_m.jpg
offercongratz.com/landingpage/default/galaxys20/ 62 KB
63 KB 596ms
595ms Image
image/jpeg 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offercongratz.com/landingpage/default/galaxys20/galaxy-s20_highlights_storage_m.jpg

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c3abfefd77f1fb9105c7acc605d9c120bc775c0a6bf99675a3bc5e7dbf11d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

cf-cache-status: MISS
etag: "1daf953977c171a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=01jV1CSjtkEiwR%2Bm8YjbZ1HHnJmdCw71a6ifu7p49f5Kp9Nmikcutl3ITMqeXyMSkBcJA14ajRUO%2FUXXo50zsq7uMg1gCFyvfqoPU9TgZTKDhoEsB8UuovBhn1W1s3g%2BrtNaNDti%2BwC9uIrjybsGBg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: image/jpeg
last-modified: Wed, 28 Aug 2024 14:07:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 63514
cf-ray: 8c8473958b964238-EWR
server: cloudflare

GET
H3 200 galaxy-s20_highlights_security-gray_m.jpg
offercongratz.com/landingpage/default/galaxys20/ 113 KB
114 KB 547ms
546ms Image
image/jpeg 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offercongratz.com/landingpage/default/galaxys20/galaxy-s20_highlights_security-gray_m.jpg

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4499b116deba451f28dadc233de3143976d85f39122d7f57cc76c7787de693b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

cf-cache-status: MISS
etag: "1daf953977d2b3c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2FVqxwIkfnSZNDJgRFWRVu60mLLcXu605ad%2FXNMCmVGUGsILelgyLHmlnG6n%2F0G%2FlAgXCpVhaTsr69eU4iBu0vU5zyRsxODxxIiRT8ZUJtkim2Gfst2UyBnHvIsM90BF39SZd4jl%2BFK6ZPxiBM7JaA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: image/jpeg
last-modified: Wed, 28 Aug 2024 14:07:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 115772
cf-ray: 8c8473958b984238-EWR
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 130 KB
50 KB 169ms
61ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe127dba2f52537c5bb25a434fcd69dec5c32e31b7fb7c23197c386ed1309375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

content-encoding: br
expires: Tue, 24 Sep 2024 17:21:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 24 Sep 2024 16:09:26 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 50336
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hotjar-3087639.js Show response
static.hotjar.com/c/ 13 KB
5 KB 229ms
126ms Script
application/javascript 108.138.106.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3087639.js?sv=6

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-124.jfk50.r.cloudfront.net

Software

Resource Hash

7bb7b58cedbf510af93e0034287627123a5c6605bdf3760c1cfd3dea76382012

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/7c475cfe21f64ea3d285a44752abd04e
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 6741f9acf28bc52b25f06e9986a71e26.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: x_AAdZTFYG1q2nuDClgoSDk2-MPORzDAuvBErTVlDhmvnrKfmxHuKg==
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: JFK50-P3

GET
H3 200 flags.png
offercongratz.com/landingpage/shared/ 22 KB
23 KB 520ms
519ms Image
image/png 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offercongratz.com/landingpage/shared/flags.png

Requested by

Host: offercongratz.com
URL: https://offercongratz.com/landingpage/shared/css/global_custom_styles2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf910b387df8729b95fbaaba6991affef9ffbb682e227c875db3854b1a698657

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer: https://offercongratz.com/landingpage/shared/css/global_custom_styles2.css

Response headers

cf-cache-status: MISS
etag: "1daf9539b102f07"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2FKZAinF1Dk7e0kTRtTRYZAuWyBkom%2Fuk1XK7iiETLsSSpfu4RZJ%2BCW0YPA2LR319Wop4f4XsItWPTFUU98FoJ75lJ8FSM%2FSuK5jarawma%2ByGlrVYTwnwqJxqnY5Y9PUJ0L9ho7SwxGyKX1JVcAVPg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:33 GMT
content-type: image/png
last-modified: Wed, 28 Aug 2024 14:07:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 22791
cf-ray: 8c8473950a914238-EWR
server: cloudflare

GET
H2 200 modules.0721e7cf944cf9d78a0b.js Show response
script.hotjar.com/ 224 KB
56 KB 179ms
56ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3087639.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-90.jfk50.r.cloudfront.net

Software

Resource Hash

b59aea27fa8369f30285b9c3875597435dfce1fc0571555adcc11d210cb9bd1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

x-robots-tag: none
content-encoding: br
etag: "ac12d2f9dbf41b678b7eb52a4d3e70f3"
age: 446366
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: f3Xvnx52hr0PqMT5Uuy3UibggVFYnua6PJelXkAWFFAiPfj9haFCrQ==
date: Thu, 19 Sep 2024 13:22:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 13:21:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 98bc8180e0431e8f05afc9802305f1d2.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56508
x-amz-cf-pop: JFK50-P5

GET
H3 200 favicon-32x32.png
offercongratz.com/landingpage/default/galaxys20/ 2 KB
3 KB 521ms
520ms Other
image/png 2606:4700:3033::6815:43f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offercongratz.com/landingpage/default/galaxys20/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:43f4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a606a42f4afc5b07849fcc7aa7e9484f7b6b664bc867fa11757ad35c2d555d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.284
Referer

Response headers

cf-cache-status: MISS
etag: "1daf953977ce9f4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cqXcXpQnLUQB74KG3CRIP675mcz4vyzACyuouJyBSQtaUEGK5r2kn6WKw3B9nkeHSKukWgRXzk624cSQJzrwQh2zk36dCciyeroLrGwFyhZz1D7KztbF9gfG67zrsbiHD5pM3Ba%2BCLjrYoZfQ9GwMA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Tue, 24 Sep 2024 17:21:34 GMT
content-type: image/png
last-modified: Wed, 28 Aug 2024 14:07:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:f55d9fd3-4d5b-434f-a460-ecd4c0dd0148
permissions-policy: accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, magnetometer=*, microphone=*, midi=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
accept-ranges: bytes
content-length: 1780
cf-ray: 8c84739bad3a4238-EWR
server: cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.d8s9dstrk.com/	1970-01-20 23:48:04	Name: uniqueClick_D42TT Value: 950f358a-f9f1-47ac-9626-5e1896e9ff6e:1727198490
www.d8s9dstrk.com/	1970-01-21 01:56:14	Name: transaction_id Value: 32ed742a75ee4c2b810b10074c7ebaf0
offercongratz.com/	1970-01-20 23:48:04	Name: pBREix18eUOkYK56GVtXMg Value: %7B%22id%22%3A12%2C%22cc%22%3A%22RO%22%2C%22pid%22%3Anull%2C%22cid%22%3Anull%2C%22clickid%22%3A%2232ed742a75ee4c2b810b10074c7ebaf0%22%2C%22subid%22%3Anull%2C%22sourceid%22%3A%2277725%22%2C%22s3%22%3Anull%2C%22sub4%22%3Anull%2C%22sessionid%22%3Anull%2C%22firstname%22%3Anull%2C%22lastname%22%3Anull%2C%22email%22%3Anull%2C%22phone%22%3Anull%2C%22address%22%3Anull%2C%22zip%22%3Anull%2C%22city%22%3Anull%2C%22tt%22%3Anull%2C%22attempts%22%3Anull%2C%22lastAttempt%22%3Anull%2C%22exitUrl%22%3A%22https%3A%2F%2Fwww.virtualmingu.com%2Fcmp%2F4HB2FQ%2FD7256%2F%22%2C%22hotjarSiteId%22%3A%223087639%22%2C%22product%22%3Anull%2C%22utm_source%22%3Anull%2C%22utm_medium%22%3Anull%2C%22utm_campaign%22%3Anull%2C%22utm_term%22%3Anull%2C%22utm_content%22%3Anull%2C%22affid%22%3A%22747F1532%22%2C%22dtc%22%3Anull%7D
.offercongratz.com/	1970-01-21 08:32:14	Name: _hjSessionUser_3087639 Value: eyJpZCI6ImE4N2I1NTNjLTBmMGItNTFlYy05NmIyLTMyZjcwNWMxZDkwNCIsImNyZWF0ZWQiOjE3MjcxOTg0OTM0MjEsImV4aXN0aW5nIjpmYWxzZX0=
.offercongratz.com/	1970-01-20 23:46:40	Name: _hjSession_3087639 Value: eyJpZCI6IjU4ZjZmZmE5LTQwZWMtNDBmNy1iMmJjLTNiMzA0ZGIwN2RmZiIsImMiOjE3MjcxOTg0OTM0MjIsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
offercongratz.com
script.hotjar.com
static.hotjar.com
www.d8s9dstrk.com
www.googletagmanager.com
108.138.106.124
18.164.96.90
2606:4700:3033::6815:43f4
2606:4700::6812:ba1f
2607:f8b0:4006:81d::2008
35.244.255.50
080bf33493e31d3630f50af68bdfbb7ab78409dd60e75723fb31614b112d326b
0d45e38fcec6a0627c6361312e7e7b02079301e53a1afb8c25620ac51a189c3d
0e7dc1bc82c5d28a9130106a826753f7d3cc6065edb240c416760aa585dd2f97
173279ff6aea7bbbd52731f7ae563bbd9bf9d145e90229944db77050dad8bc32
23b13effce3398c35ade20798df123a2247c781fa933b3732a37d8d911ef005c
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
41d9257c9eaafad36bf640fe751268c73632f9f887551426feff11663024c925
4499b116deba451f28dadc233de3143976d85f39122d7f57cc76c7787de693b1
4db99e7839902a3525a9df498075cbd9b6029fad3b9417c1bc08b745a0701b23
57554f0ffdbfb9d52c8e3a866cf1bb62a48d9fdd91ea66f47a677b0583eb909c
5c3abfefd77f1fb9105c7acc605d9c120bc775c0a6bf99675a3bc5e7dbf11d26
5ef2a720331e4c1118011b2f20d59dce90240399aada33da085fa9f5e31906f1
704310a6576cc896a22d809ec454733575e35ede59618e13cfc4ab3c8bf05887
7bb7b58cedbf510af93e0034287627123a5c6605bdf3760c1cfd3dea76382012
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
a543f74bd902dc846a9607cc33de25bf235bd035b3c1a99351924d5f9bdfca78
a606a42f4afc5b07849fcc7aa7e9484f7b6b664bc867fa11757ad35c2d555d82
af211fcda28819c19e60eeb0f56044e3a1ba3bad3aeff4c4df7d0bfac9e53ef2
b59aea27fa8369f30285b9c3875597435dfce1fc0571555adcc11d210cb9bd1b
bf910b387df8729b95fbaaba6991affef9ffbb682e227c875db3854b1a698657
c25786b4fb9a3a2313b94b4a67fd637f0f57a376271e7db2e49e35fa8130a3b6
c5a586d4f614ae52a45005fb613fb41df836c56861b275dc334020172639e078
eba9d09ae922a71dd52fe9e703a66695424e9b22f5cb43b8b6452e31a2bda9a1
f500c64e2648cd56f97d2e61c8ba49c86adda6d8e020d54b42499c5eb55e1b58
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fe127dba2f52537c5bb25a434fcd69dec5c32e31b7fb7c23197c386ed1309375

offercongratz.com Open in urlscan Pro 2606:4700:3033::6815:43f4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

5 IPs

1 Countries

1467 kBTransfer

2156 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

offercongratz.com Open in urlscan Pro
2606:4700:3033::6815:43f4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

1
Countries

1467 kB
Transfer

2156 kB
Size

5
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!