urlscan.io logo urlscan.io
SecurityTrails logo

promo3.info-extremechat.com Open in urlscan Pro
2606:4700:4400::6812:2ac7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s.datingclix.com/d.php?z=24
Effective URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banne...
Submission: On August 03 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 33 HTTP transactions. The main IP is 2606:4700:4400::6812:2ac7, located in United States and belongs to CLOUDFLARENET, US. The main domain is promo3.info-extremechat.com.
TLS certificate: Issued by E5 on June 12th 2024. Valid for: 3 months.
This is the only time promo3.info-extremechat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 95.211.229.248 60781 (LEASEWEB-...)
1 1 2600:9000:267... 16509 (AMAZON-02)
2 2600:9000:249... 16509 (AMAZON-02)
1 2600:9000:267... 16509 (AMAZON-02)
2 5 2606:4700:440... 13335 (CLOUDFLAR...)
1 3 2606:4700:440... 13335 (CLOUDFLAR...)
8 2606:4700:440... 13335 (CLOUDFLAR...)
1 104.18.11.207 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
10 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
33 10
2    95.211.229.248 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ds03.evo.0x3e.net
s.datingclix.com
1    2600:9000:2670:1400:1c:fa95:8e00:93a1 (United States)

ASN16509 (AMAZON-02, US)
offeradvi.com
2    2600:9000:2491:c400:d:c391:2180:93a1 (United States)

ASN16509 (AMAZON-02, US)
longstyles.com
1    2600:9000:2670:c800:1c:fa95:8e00:93a1 (United States)

ASN16509 (AMAZON-02, US)
offeradvi.com
5    2606:4700:4400::ac40:97fd (United States)

ASN13335 (CLOUDFLARENET, US)
eu-adsrv.rtbsuperhub.com
3    2606:4700:4400::6812:2ac7 (United States)

ASN13335 (CLOUDFLARENET, US)
promo3.info-extremechat.com
8    2606:4700:4400::6812:23e7 (United States)

ASN13335 (CLOUDFLARENET, US)
lpmedia.servefilesonly.com
1    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2606:4700:4400::ac40:9819 (United States)

ASN13335 (CLOUDFLARENET, US)
imedia.servefilesonly.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
18 servefilesonly.com
lpmedia.servefilesonly.com — Cisco Umbrella Rank: 241271
imedia.servefilesonly.com — Cisco Umbrella Rank: 241222
834 KB
5 rtbsuperhub.com
eu-adsrv.rtbsuperhub.com — Cisco Umbrella Rank: 51396
1 KB
3 gstatic.com
fonts.gstatic.com
68 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
ajax.googleapis.com — Cisco Umbrella Rank: 641
32 KB
3 info-extremechat.com
promo3.info-extremechat.com
11 KB
2 longstyles.com
longstyles.com — Cisco Umbrella Rank: 917265
2 KB
2 offeradvi.com
offeradvi.com — Cisco Umbrella Rank: 619925
2 KB
2 datingclix.com
s.datingclix.com
1 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832
8 KB
33 9
Domain Requested by
10 imedia.servefilesonly.com promo3.info-extremechat.com
8 lpmedia.servefilesonly.com promo3.info-extremechat.com
lpmedia.servefilesonly.com
5 eu-adsrv.rtbsuperhub.com 2 redirects promo3.info-extremechat.com
3 fonts.gstatic.com fonts.googleapis.com
3 promo3.info-extremechat.com 1 redirects offeradvi.com
2 fonts.googleapis.com promo3.info-extremechat.com
2 longstyles.com offeradvi.com
2 offeradvi.com 1 redirects longstyles.com
2 s.datingclix.com 2 redirects
1 ajax.googleapis.com promo3.info-extremechat.com
1 maxcdn.bootstrapcdn.com promo3.info-extremechat.com
33 11

This site contains links to these domains. Also see Links.

Domain
eu-adsrv.rtbsuperhub.com
Subject Issuer Validity Valid
longstyles.com
Amazon RSA 2048 M02		 2023-11-02 -
2024-11-30		 a year crt.sh
offeradvi.com
Amazon RSA 2048 M02		 2023-11-01 -
2024-11-29		 a year crt.sh
info-extremechat.com
E5		 2024-06-12 -
2024-09-10		 3 months crt.sh
servefilesonly.com
E6		 2024-06-08 -
2024-09-06		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-07-23 -
2024-10-21		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
rtbsuperhub.com
E6		 2024-06-07 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Frame ID: F6AEA638E0E883AB7D722CE9D50DAEFC
Requests: 30 HTTP requests in this frame

Frame: https://eu-adsrv.rtbsuperhub.com/ir/?placement=d3576b3a-15f4-448e-9e4f-476488bb8941
Frame ID: 9921EED4708DC53459F4526F7EDE5ABB
Requests: 1 HTTP requests in this frame

Frame: https://eu-adsrv.rtbsuperhub.com/ir/?placement=ba0410fc-3b46-4740-8f06-c193862ff3a6
Frame ID: 13CA7D7678B09686F15C45AF915A3C03
Requests: 1 HTTP requests in this frame

Frame: https://eu-adsrv.rtbsuperhub.com/ir/?placement=c9dc4a93-efff-4944-8f45-82deafd6cdd3
Frame ID: 78D99DB3E648260C78F4E82CE4FD9E69
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

promo.info-extremechat.com

Page URL History Show full URLs

  1. https://s.datingclix.com/d.php?z=24 HTTP 302
    https://s.datingclix.com/d.php?z=24&dlo=1 HTTP 302
    https://offeradvi.com/tds/rsl?tdsId=s3677ser_r&tds_campaign=s3677ser&utm_campaign=c5dd47aa&utm_sou... HTTP 302
    https://longstyles.com/tds/interlayer/eb/s/80d9e0168ade0ee17334d49199c26c7d?__t=1722702941833&__l=3... Page URL
  2. https://eu-adsrv.rtbsuperhub.com/ir/?placement=8cf7bf3d-5c9a-44bf-b694-16383e6598e9&external_param=dc8c323643... HTTP 302
    https://eu-adsrv.rtbsuperhub.com/click//?subPublisher=popunder:{SubId1}&zone=popunder:{SubId1}&adformat=banne... HTTP 302
    https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder:{SubId1}&zone=popunder:{SubId1}&adform... HTTP 301
    https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubI... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

100 %
HTTPS

83 %
IPv6

9
Domains

11
Subdomains

10
IPs

4
Countries

956 kB
Transfer

1078 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s.datingclix.com/d.php?z=24 HTTP 302
    https://s.datingclix.com/d.php?z=24&dlo=1 HTTP 302
    https://offeradvi.com/tds/rsl?tdsId=s3677ser_r&tds_campaign=s3677ser&utm_campaign=c5dd47aa&utm_source=arba&utm_term=mob_cpc_nld_bb&s1=arb&data2=opdRNHPLTHNVLHNNc4H2zp6XVTy0ulc6al1Fzp3TVOldK6V1NdNFU80rp7KaK7rXT2U2W3TOldM6V0rpXSumdK6V0znOlc5zpXSuldK6V0rpXSuldNZPPZLPdTM5zpXSuldK6V0rpXSuldK6Z1M.fGu8889c.m9Fmsu8vEs.c9ktm2dVGjg.wA--&p1={SubId1}&s2=&p5=14 HTTP 302
    https://longstyles.com/tds/interlayer/eb/s/80d9e0168ade0ee17334d49199c26c7d?__t=1722702941833&__l=3600&__c=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&__u= Page URL
  2. https://eu-adsrv.rtbsuperhub.com/ir/?placement=8cf7bf3d-5c9a-44bf-b694-16383e6598e9&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&subPublisher=%7BSubId1%7D HTTP 302
    https://eu-adsrv.rtbsuperhub.com/click//?subPublisher=popunder:{SubId1}&zone=popunder:{SubId1}&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid={unique_id}&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2:landing--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3 HTTP 302
    https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder:{SubId1}&zone=popunder:{SubId1}&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid={unique_id}&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2:landing--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=/landing/cs8002 HTTP 301
    https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://s.datingclix.com/d.php?z=24 HTTP 302
  • https://s.datingclix.com/d.php?z=24&dlo=1 HTTP 302
  • https://offeradvi.com/tds/rsl?tdsId=s3677ser_r&tds_campaign=s3677ser&utm_campaign=c5dd47aa&utm_source=arba&utm_term=mob_cpc_nld_bb&s1=arb&data2=opdRNHPLTHNVLHNNc4H2zp6XVTy0ulc6al1Fzp3TVOldK6V1NdNFU80rp7KaK7rXT2U2W3TOldM6V0rpXSumdK6V0znOlc5zpXSuldK6V0rpXSuldNZPPZLPdTM5zpXSuldK6V0rpXSuldK6Z1M.fGu8889c.m9Fmsu8vEs.c9ktm2dVGjg.wA--&p1={SubId1}&s2=&p5=14 HTTP 302
  • https://longstyles.com/tds/interlayer/eb/s/80d9e0168ade0ee17334d49199c26c7d?__t=1722702941833&__l=3600&__c=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&__u=

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
80d9e0168ade0ee17334d49199c26c7d
longstyles.com/tds/interlayer/eb/s/
Redirect Chain
  • https://s.datingclix.com/d.php?z=24
  • https://s.datingclix.com/d.php?z=24&dlo=1
  • https://offeradvi.com/tds/rsl?tdsId=s3677ser_r&tds_campaign=s3677ser&utm_campaign=c5dd47aa&utm_source=arba&utm_term=mob_cpc_nld_bb&s1=arb&data2=opdRNHPLTHNVLHNNc4H2zp6XVTy0ulc6al1Fzp3TVOldK6V1NdNFU...
  • https://longstyles.com/tds/interlayer/eb/s/80d9e0168ade0ee17334d49199c26c7d?__t=1722702941833&__l=3600&__c=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&__u=
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://longstyles.com/tds/interlayer/eb/s/80d9e0168ade0ee17334d49199c26c7d?__t=1722702941833&__l=3600&__c=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&__u=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:c400:d:c391:2180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f917c828b2679ca76b4c0b106909d38dc1fe5a18304073ce3f0d8b35d66100f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html
date
Sat, 03 Aug 2024 16:35:41 GMT
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
x-amz-cf-id
H3P3DdNVS1Emy4M_wKiUA1ZgRXjn6eqplERiKUABarUbbltQs_0aHQ==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 03 Aug 2024 16:35:41 GMT
location
https://longstyles.com/tds/interlayer/eb/s/80d9e0168ade0ee17334d49199c26c7d?__t=1722702941833&__l=3600&__c=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&__u=
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
timing-allow-origin
*
via
1.1 43b9d5592d1dc6a44adc7ebaaf183280.cloudfront.net (CloudFront)
x-amz-cf-id
jJ87R9E2NCXndTuKWX6lTwMR-ONOhS6Ht4NvEiud63HVwdKA1xYOJA==
x-amz-cf-pop
FRA56-P9
x-cache
Miss from cloudfront
index.js
offeradvi.com/lp-external/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offeradvi.com/lp-external/index.js
Requested by
Host: longstyles.com
URL: https://longstyles.com/tds/interlayer/eb/s/80d9e0168ade0ee17334d49199c26c7d?__t=1722702941833&__l=3600&__c=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&__u=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:c800:1c:fa95:8e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://longstyles.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:42 GMT
content-encoding
gzip
via
1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 24 Jul 2024 13:56:00 GMT
server
nginx
etag
W/"8b7-190e5070180"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex
x-amz-cf-id
PtAqNo7f_T6Q2MYHSneR6hlNCkikcZAF4TfZfyiSwWcuy1bWAb086A==
interlayer
longstyles.com/tds/ 		0
500 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://longstyles.com/tds/interlayer?handler=ExternalBackofferEvent&urlIn=https%3A%2F%2Flongstyles.com%2Ftds%2Finterlayer%2Feb%2Fs%2F80d9e0168ade0ee17334d49199c26c7d%3F__t%3D1722702941833%26__l%3D3600%26__c%3Ddc8c323643e6aeae3329c7727e60b9e1ce4e42e3%26__u%3D&urlOut=https%3A%2F%2Feu-adsrv.rtbsuperhub.com%2Fir%2F%3Fplacement%3D8cf7bf3d-5c9a-44bf-b694-16383e6598e9%26external_param%3Ddc8c323643e6aeae3329c7727e60b9e1ce4e42e3%26subPublisher%3D%257BSubId1%257D&altQs=utm_campaign%3Dc5dd47aa%26utm_source%3Darba%26utm_content%3D%257Butm_content%257D%26utm_term%3Dmob_cpc_nld_bb%26data2%3DopdRNHPLTHNVLHNNc4H2zp6XVTy0ulc6al1Fzp3TVOldK6V1NdNFU80rp7KaK7rXT2U2W3TOldM6V0rpXSumdK6V0znOlc5zpXSuldK6V0rpXSuldNZPPZLPdTM5zpXSuldK6V0rpXSuldK6Z1M.fGu8889c.m9Fmsu8vEs.c9ktm2dVGjg.wA--%26p1%3D%257BSubId1%257D%26p2%3D%257Bp2%257D%26s1%3Darb%26s2%3D%257Bemail%257D%26tds_campaign%3Db1705sen%26tds_id%3Db1705sen_lp_a_1716911866764_bo%26tds_oid%3D15651d89%26tds_cid%3Ddc8c323643e6aeae3329c7727e60b9e1ce4e42e3%26tds_ac_id%3Ds3677ser%26tds_host%3Dofferadvi.com%26tds_path%3D%252Ftds%252Frsl%26dci%3Da9e7cdbb370ba14ed4362582e1ad708ddcfb7cdb%26tds_ps%3Da&tdsCid=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&reason=beacon&visitsCount=1&ts=1722702942113
Requested by
Host: offeradvi.com
URL: https://offeradvi.com/lp-external/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:c400:d:c391:2180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://longstyles.com/tds/interlayer/eb/s/80d9e0168ade0ee17334d49199c26c7d?__t=1722702941833&__l=3600&__c=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&__u=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:42 GMT
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Lwuz22UwMJjT6EyzgHg95suY-pG8QdOQQDxv_yyz1HkzcmBwUgUrtg==
Primary Request mlp8020
promo3.info-extremechat.com/landing/
Redirect Chain
  • https://eu-adsrv.rtbsuperhub.com/ir/?placement=8cf7bf3d-5c9a-44bf-b694-16383e6598e9&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&subPublisher=%7BSubId1%7D
  • https://eu-adsrv.rtbsuperhub.com/click//?subPublisher=popunder:{SubId1}&zone=popunder:{SubId1}&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid={unique_id}&name=14118_push_nld_mobile_bb_c5dd4...
  • https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder:{SubId1}&zone=popunder:{SubId1}&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid={unique_id}&name=14118_push_nld_mobi...
  • https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=141...
31 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Requested by
Host: offeradvi.com
URL: https://offeradvi.com/lp-external/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27b7a9bdb88b0eca31205be110218a5d2eaef5baae42f7f7896ff30dbeda38fc

Request headers

Referer
https://longstyles.com/tds/interlayer/eb/s/80d9e0168ade0ee17334d49199c26c7d?__t=1722702941833&__l=3600&__c=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&__u=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8ad7b8efbaca66e7-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 03 Aug 2024 16:35:42 GMT
link
<promo3.info-extremechat.com/landing/mlp8020?tpcampid=6bed10a3-d244-4d7c-ae2f-3d82f6504b1d>; rel="canonical"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8ad7b8ef1a3566e7-AMS
content-type
text/html; charset=UTF-8
date
Sat, 03 Aug 2024 16:35:42 GMT
location
https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
pragma
no-cache
server
cloudflare
styles.min.css
lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/styles.min.css?1389020
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92efabd0cc8550e8dfd323bc6ea787a2cf250f437a7f6d1349fe187d73f5c895

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2024 02:02:55 GMT
server
cloudflare
age
194558
etag
W/"66aaeccf-133a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8ad7b8f269b8796f-AMS
expires
Sun, 11 Aug 2024 16:35:43 GMT
corner.css
lpmedia.servefilesonly.com/widgets/corner/ 		170 B
484 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lpmedia.servefilesonly.com/widgets/corner/corner.css?1389020
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af20ecf90d909e4e11697221b69426777e9570321c28455ff39ed4e421fcb181

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:43 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 01 Aug 2024 02:03:12 GMT
server
cloudflare
age
194558
cf-polished
origSize=246
etag
W/"66aaece0-f6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8ad7b8f269b9796f-AMS
expires
Sun, 11 Aug 2024 16:35:43 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
12345278
cdn-cachedat
10/31/2023 18:48:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1456fb103ad8cdd0fb56078b08e25f96
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8ad7b8f0bd429f8e-AMS
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		2 KB
835 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Corben:400,700&display=swap
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
88565dffcf55ffe57001871f1bb61d4e4baeabe39c4047450c5814196b56fd51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 03 Aug 2024 16:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 03 Aug 2024 16:35:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Aug 2024 16:35:42 GMT
css
fonts.googleapis.com/ 		5 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b09b0920822a9385cac1bb34a1df9f96489dbbef839a5f33cf73c84b730410b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 03 Aug 2024 16:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 03 Aug 2024 15:14:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Aug 2024 16:35:42 GMT
style.min.css
lpmedia.servefilesonly.com/build/templates/MB/MLP013/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lpmedia.servefilesonly.com/build/templates/MB/MLP013/style.min.css?1389020
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc4f141e1c8e2c332b03684c5c8eea34ea6f8f710f6e71ad05faf90a56fab904

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2024 02:02:55 GMT
server
cloudflare
age
194530
etag
W/"66aaeccf-1a24"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8ad7b8f269bb796f-AMS
expires
Sun, 11 Aug 2024 16:35:43 GMT
744eb27f-2253-4b4b-9857-a64dd16e1f58_Model-01.png
imedia.servefilesonly.com/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imedia.servefilesonly.com/744eb27f-2253-4b4b-9857-a64dd16e1f58_Model-01.png
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9819 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceee4d38d1c452ba33acbce4055e32ddc5773f589aa821dcee38df9efbe9a3de

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:42 GMT
via
1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P1
age
255338
x-cache
Miss from cloudfront
content-length
119987
last-modified
Thu, 15 Oct 2020 02:18:12 GMT
server
cloudflare
etag
"ff3b93441eafe1e2ec142951c04fe61a"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8ad7b8f10c05b79d-AMS
x-amz-cf-id
a8ssgpH7j2IoxdLumpM6rB44hpqaV5u4MRehY9V4SsdLNvnftL1ksw==
expires
Sun, 11 Aug 2024 16:35:42 GMT
366487c0-2729-4632-82f3-cf9d980e1f03_Model-02.png
imedia.servefilesonly.com/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imedia.servefilesonly.com/366487c0-2729-4632-82f3-cf9d980e1f03_Model-02.png
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9819 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92a242aaa4c7296d48921ab6a218fa274952c182f21ad0e80b1dd3f68fe352a2

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:42 GMT
via
1.1 13a0a1a7b326f5c854b35536576cfe0e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P1
age
255338
x-cache
Hit from cloudfront
content-length
126093
last-modified
Thu, 15 Oct 2020 02:18:13 GMT
server
cloudflare
etag
"c4d156aab6f7b38f3f8d5e7b4eac1080"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8ad7b8f10c00b79d-AMS
x-amz-cf-id
quHDPZW4ccoOK66y7RdJXyzZ1aDKeXKgCYkm75kzdUdQo7Te23zM8g==
expires
Sun, 11 Aug 2024 16:35:42 GMT
bdbca110-6616-47c3-94ea-59905548a139_Model-03.png
imedia.servefilesonly.com/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imedia.servefilesonly.com/bdbca110-6616-47c3-94ea-59905548a139_Model-03.png
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9819 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d1e9ac271d5072981411afaa6aad24f685352e7b06295304b329d263f75c66e

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:42 GMT
via
1.1 b6cf988ed9428ad8492255f2faaacfdc.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P1
age
255337
x-cache
Miss from cloudfront
content-length
97078
last-modified
Thu, 15 Oct 2020 02:18:13 GMT
server
cloudflare
etag
"a1e962401de9e7cf470bf29a039fe3f7"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8ad7b8f10c02b79d-AMS
x-amz-cf-id
uPW-LFMwzQfAP2iXLpCiNX8ESVwZ3oBOpSDljdTh-G-0r44OBa1_Ig==
expires
Sun, 11 Aug 2024 16:35:42 GMT
0da44a3e-81dc-4369-a986-2eb93683c5c1_Model-04.png
imedia.servefilesonly.com/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imedia.servefilesonly.com/0da44a3e-81dc-4369-a986-2eb93683c5c1_Model-04.png
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9819 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f3a3d9f44bd9bc37559d38e3eff67c48a297198794cec3d5466551b5780fcb

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:42 GMT
via
1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P1
age
255337
x-cache
Miss from cloudfront
content-length
119935
last-modified
Thu, 15 Oct 2020 02:18:13 GMT
server
cloudflare
etag
"c3ee73206d18c7bd1e77b8c945d944c5"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8ad7b8f10c06b79d-AMS
x-amz-cf-id
NH_VsRPY47r7LEFqHRN0VSAwql0jLFYoX-bErFL2na9o0Y1p2TyvDg==
expires
Sun, 11 Aug 2024 16:35:42 GMT
9d934076-0662-4d71-9f3f-f58b6e1b9864_Model-05.png
imedia.servefilesonly.com/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imedia.servefilesonly.com/9d934076-0662-4d71-9f3f-f58b6e1b9864_Model-05.png
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9819 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351fbe7a8b30f5c3f4351ea08e15aad9177fc8ca1c1a2e0f8ca8d77cf1be0046

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:42 GMT
via
1.1 b26a5eb677aed7368a2c7fd7f1d673dc.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P1
age
252784
x-cache
Hit from cloudfront
content-length
110309
last-modified
Thu, 15 Oct 2020 02:18:13 GMT
server
cloudflare
etag
"6dee5fa35e2327a6268feadbf687605f"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8ad7b8f11c14b79d-AMS
x-amz-cf-id
BURyTngxKFjtkTu0_AaI_3L_qAJezzF0JwVupncnwSiafaZ1WezIkA==
expires
Sun, 11 Aug 2024 16:35:42 GMT
3fb04a37-fc91-41a4-b68c-dbce339f3e82_Model-06.png
imedia.servefilesonly.com/ 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imedia.servefilesonly.com/3fb04a37-fc91-41a4-b68c-dbce339f3e82_Model-06.png
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9819 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9400941cc208244cb88bbb695254246f348410b258617cf2165b04d652a0db01

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:42 GMT
via
1.1 e086ec27af2d3105a1a9fa7efa1be454.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P1
age
247454
x-cache
Hit from cloudfront
content-length
123249
last-modified
Thu, 15 Oct 2020 02:18:14 GMT
server
cloudflare
etag
"c5a00f74930fb528a6440e8235743077"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8ad7b8f11c17b79d-AMS
x-amz-cf-id
JBnRI8jObqePhfT98GICyuF1zhoZhHK3tWyeiNkwUpvAktSeZ7pl1Q==
expires
Sun, 11 Aug 2024 16:35:42 GMT
b6ee2c3e-fcc6-49d9-a840-61e7efbed95e_Model-07.png
imedia.servefilesonly.com/ 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imedia.servefilesonly.com/b6ee2c3e-fcc6-49d9-a840-61e7efbed95e_Model-07.png
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9819 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a0e54bc49f4a9877938f8bb2c93eb82b062c9444f91752c1c0866e163fda312

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:43 GMT
via
1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P1
age
247455
x-cache
Hit from cloudfront
content-length
110971
last-modified
Thu, 15 Oct 2020 02:18:14 GMT
server
cloudflare
etag
"cafc3c5fac17912fa9df38c574f0b60f"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8ad7b8f25d36b79d-AMS
x-amz-cf-id
uZmVhQ-qjV2gRp01G3oEOey6rVoDr-1_uyBGHFwh7NbeC-8YGcI2ig==
expires
Sun, 11 Aug 2024 16:35:43 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 17:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 17:40:01 GMT
scripts.min.js
lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/scripts.min.js?1389020
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4722954ecc836fc6c7a33cb9165028311707de6a881f263cca72db7308053d04

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2024 02:02:55 GMT
server
cloudflare
age
194558
etag
W/"66aaeccf-541a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8ad7b8f269bd796f-AMS
expires
Sun, 11 Aug 2024 16:35:43 GMT
popwin.js
lpmedia.servefilesonly.com/js/ 		854 B
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lpmedia.servefilesonly.com/js/popwin.js?1389020
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10f46a9e64c756a7af5ec1e9793f711be5c81aa8b473edd28f6a0e419cfd0299

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:43 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 01 Aug 2024 02:03:11 GMT
server
cloudflare
age
194558
cf-polished
origSize=1177
etag
W/"66aaecdf-499"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8ad7b8f289dc796f-AMS
expires
Sun, 11 Aug 2024 16:35:43 GMT
53881a3a-57bc-459f-bb52-7871f0d37b64.png
imedia.servefilesonly.com/ 		370 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imedia.servefilesonly.com/53881a3a-57bc-459f-bb52-7871f0d37b64.png
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9819 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c6d55d1418d27b8bc86a662cdb51effbe76b765d47cabd56e345daf38ba4c9

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:43 GMT
via
1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P1
age
254056
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
370
last-modified
Fri, 17 Feb 2023 08:06:44 GMT
server
cloudflare
etag
"cfc3872d642cf6fa98eef83f6d5db04b"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8ad7b8f25d37b79d-AMS
x-amz-cf-id
_uZ3mdfImAUsF_YT15JZ10NClquX-n2MLVJhuRl8V0e_YcmMpIzaSA==
expires
Sun, 11 Aug 2024 16:35:43 GMT
b96bf89a-e66d-427b-8ebc-bf0459b6d5ab.png
imedia.servefilesonly.com/ 		479 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imedia.servefilesonly.com/b96bf89a-e66d-427b-8ebc-bf0459b6d5ab.png
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9819 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeb2b081b3ed893f86934714d40899a5c7d582cc477781a811b2c058c75931c0

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:43 GMT
via
1.1 b6cf988ed9428ad8492255f2faaacfdc.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P1
age
254056
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
479
last-modified
Fri, 17 Feb 2023 08:06:45 GMT
server
cloudflare
etag
"6429b76825d03c08976d049c80aeed76"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8ad7b8f25d38b79d-AMS
x-amz-cf-id
LeRTEi2jI4d6PbQhirZHo-fOj_0uTcg-n8-YKArkGJN5P5w70-bJ7g==
expires
Sun, 11 Aug 2024 16:35:43 GMT
exitIntentLayer.js
lpmedia.servefilesonly.com/js/ 		1 KB
943 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lpmedia.servefilesonly.com/js/exitIntentLayer.js?vv=13
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e658600bf8ca6d2af10d64810e131974548fa935781d87cc78e0fbc39e048291

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:43 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 29 Jul 2024 02:02:49 GMT
server
cloudflare
age
258002
cf-polished
origSize=1915
etag
W/"66a6f849-77b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
8ad7b8f289d8796f-AMS
expires
Sun, 11 Aug 2024 16:35:43 GMT
/
eu-adsrv.rtbsuperhub.com/ir/ Frame 9921 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-adsrv.rtbsuperhub.com/ir/?placement=d3576b3a-15f4-448e-9e4f-476488bb8941
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://promo3.info-extremechat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8ad7b8f3f9bb0b89-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 03 Aug 2024 16:35:43 GMT
server
cloudflare
4a13157f-4f37-4337-873e-f75c5242b8c5_Background.jpg
imedia.servefilesonly.com/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imedia.servefilesonly.com/4a13157f-4f37-4337-873e-f75c5242b8c5_Background.jpg
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9819 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48374af402fb0d57262814c1a84c9b3a8d32312da9ad046339e413055ec1d77b

Request headers

Referer
https://promo3.info-extremechat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:43 GMT
via
1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
253134
x-amz-cf-pop
AMS1-P1
x-cache
Hit from cloudfront
content-length
26883
cf-bgj
h2pri
last-modified
Thu, 15 Oct 2020 02:18:12 GMT
server
cloudflare
etag
"fad27ceaadd90c11a598450878cf6cad"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8ad7b8f3be44b79d-AMS
x-amz-cf-id
Eb6bMYBC-X0rOmwy2yGElhoH8WhMubaZdDtrF6UDmWSFTFp-3S1RtQ==
expires
Sun, 11 Aug 2024 16:35:43 GMT
icon-close-pink.png
lpmedia.servefilesonly.com/img/_btns/ 		572 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lpmedia.servefilesonly.com/img/_btns/icon-close-pink.png
Requested by
Host: lpmedia.servefilesonly.com
URL: https://lpmedia.servefilesonly.com/build/templates/MB/MLP013/style.min.css?1389020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2609b89eb2ce9c4a490e41a932721a44545e0b8541ab4c9cdc79ac04b77246a7

Request headers

Referer
https://lpmedia.servefilesonly.com/build/templates/MB/MLP013/style.min.css?1389020
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:43 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 02:02:33 GMT
server
cloudflare
age
311695
etag
"66a6f839-23c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8ad7b8f3baeb796f-AMS
content-length
572
expires
Sun, 11 Aug 2024 16:35:43 GMT
icon-tick-white.png
lpmedia.servefilesonly.com/img/_btns/ 		611 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lpmedia.servefilesonly.com/img/_btns/icon-tick-white.png
Requested by
Host: lpmedia.servefilesonly.com
URL: https://lpmedia.servefilesonly.com/build/templates/MB/MLP013/style.min.css?1389020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
176b4bc71ecc37ef5d088b83cc9482a50e8d704fb5d1fad6e3df26e3fdb3c824

Request headers

Referer
https://lpmedia.servefilesonly.com/build/templates/MB/MLP013/style.min.css?1389020
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:43 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 02:02:33 GMT
server
cloudflare
age
255965
etag
"66a6f839-263"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8ad7b8f3baec796f-AMS
content-length
611
expires
Sun, 11 Aug 2024 16:35:43 GMT
LYjAdGzzklQtCMpFHCZQqnoq.woff2
fonts.gstatic.com/s/corben/v21/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/corben/v21/LYjAdGzzklQtCMpFHCZQqnoq.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Corben:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61d9cb2f4b8a9da1b3f148e195bc8a48926f210f5e71ad32ce2980d798eec031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo3.info-extremechat.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 17:11:06 GMT
x-content-type-options
nosniff
age
343477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31592
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:22:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 17:11:06 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo3.info-extremechat.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 20:50:35 GMT
x-content-type-options
nosniff
age
157508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Aug 2025 20:50:35 GMT
/
eu-adsrv.rtbsuperhub.com/ir/ Frame 13CA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-adsrv.rtbsuperhub.com/ir/?placement=ba0410fc-3b46-4740-8f06-c193862ff3a6
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://promo3.info-extremechat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8ad7b8f3f9c70b89-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 03 Aug 2024 16:35:43 GMT
server
cloudflare
/
eu-adsrv.rtbsuperhub.com/ir/ Frame 78D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-adsrv.rtbsuperhub.com/ir/?placement=c9dc4a93-efff-4944-8f45-82deafd6cdd3
Requested by
Host: promo3.info-extremechat.com
URL: https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:97fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://promo3.info-extremechat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8ad7b8f3f9c20b89-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 03 Aug 2024 16:35:43 GMT
server
cloudflare
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo3.info-extremechat.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 20:49:34 GMT
x-content-type-options
nosniff
age
157569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Aug 2025 20:49:34 GMT
casualdatingHeart_fav.png
promo3.info-extremechat.com/assets/img/_favicons/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://promo3.info-extremechat.com/assets/img/_favicons/casualdatingHeart_fav.png?1389020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e18486908bfa209ac16eb30755e51b4c93f7629bbafc5aae6be0428efd8fa6c

Request headers

Referer
https://promo3.info-extremechat.com/landing/mlp8020?subPublisher=popunder%3A%7BSubId1%7D&zone=popunder%3A%7BSubId1%7D&adformat=banner&auctionid=66ae5c5e33693-10000&uniqueid=%7Bunique_id%7D&name=14118_push_nld_mobile_bb_c5dd47aa&width=300&height=100&newservice=true&cmsid=landing--mlp8020--landing--cs8002&tpcampid=295d2661-2137-4644-8a05-e9ef93c4f35e&imp_tagid=14118_push_nld_mobile_bb_c5dd47aa&uid=TP-66ae5c5e3361a1.46214567&campaign_lp=2%3Alanding--mlp8020--landing--cs8002&product=fetooweb&external_param=dc8c323643e6aeae3329c7727e60b9e1ce4e42e3&zz=true&nextPage=%2Flanding%2Fcs8002&hit_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tp_redirect_id=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&tag=b6f93513-5d76-4554-9110-cb5d9ffe7d6d&clickId=b6f93513-5d76-4554-9110-cb5d9ffe7d6d
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 16:35:45 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2024 02:02:56 GMT
server
cloudflare
age
32694
etag
"66aaecd0-4c5"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=172800
accept-ranges
bytes
cf-ray
8ad7b9020ce766e7-AMS
content-length
1221
expires
Mon, 05 Aug 2024 16:35:45 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 number| countDown object| x function| $ function| jQuery function| closeAllSelect object| dataCountries number| doneTyping object| countries function| _eventClickAutocomplete function| findCountryCode function| displayCountry function| findCountryName function| buildAutocomplete function| getCurentLocation function| getCurentLocationByIp function| sendCurrentLocation function| sendValidateLocation function| fillLocationValidated function| validateLocation function| validateLocationMessage function| getCurrentLink function| goToStep function| countdownToNextStep function| activeProgressBar function| Validator object| Popwin function| ExitIntentLayer function| populateLinks number| myIndex function| carousel

9 Cookies

Domain/Path Name / Value
.datingclix.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266ae5c5d5e31b2.587746234001784728%22%3B%7D
.datingclix.com/ Name: impressions
Value: roecnxgxmoomeolcxgxcce
.offeradvi.com/ Name: dci
Value: a9e7cdbb370ba14ed4362582e1ad708ddcfb7cdb
offeradvi.com/ Name: dm
Value: fe450dd0d1dadc615429144d33241f42
.rtbsuperhub.com/ Name: __cf_bm
Value: PYrOA_.VJ91GNvjfBqO13EOUDuRFiMn6XkMQ7pNZwrg-1722702942-1.0.1.1-iUIR5gwnTeFj.cZhxD3l6aNzZQ7HDpaRNhKP62.cPGW9anoLD37Rhk5Csx_CSS.5Q7c5hTJrp8cKcTHpFNDvLA
promo3.info-extremechat.com/ Name: PHPSESSID
Value: e49g66l868vdrekbbe5ia1veto
.info-extremechat.com/ Name: __cf_bm
Value: .y.6dIUsjq0sGPbnVayXIbpKUn.tBl6dtKSar5td2aY-1722702942-1.0.1.1-iUO7AHeN1n_CjV5anDPpFZ7Idy.jB5I516BQdZU6fFIwFXQE_3IqXwjIumIUwVY2FUtJLo_bzOUDLWejz0iHow
.servefilesonly.com/ Name: __cf_bm
Value: 90pOhK5_FUm.ViZL6loMmWInJ9zUbHLpPOg7BKpCNDs-1722702942-1.0.1.1-rTaCdsPFLievfFQb1qyOHXJ3d0LkquViOy6.K6lYTZWmCRXZIWl9ZGG31sOrDIbRxCz3YXkvBA4N.zxdFXqfcQ
.justservingfiles.net/ Name: __cf_bm
Value: M_OTa8EaZ5F0I6LNS6mY3pg4EFHq2G4l31FideMv4HI-1722702943-1.0.1.1-D4iSsUuncZIcFvPyB0WeHEgmkpml7pf4.VVi4LvzShhGxK6C88XPj5eh.G5KCVmFD9.Q8dxhyKMrLT7_2KvBjg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
eu-adsrv.rtbsuperhub.com
fonts.googleapis.com
fonts.gstatic.com
imedia.servefilesonly.com
longstyles.com
lpmedia.servefilesonly.com
maxcdn.bootstrapcdn.com
offeradvi.com
promo3.info-extremechat.com
s.datingclix.com
104.18.11.207
2600:9000:2491:c400:d:c391:2180:93a1
2600:9000:2670:1400:1c:fa95:8e00:93a1
2600:9000:2670:c800:1c:fa95:8e00:93a1
2606:4700:4400::6812:23e7
2606:4700:4400::6812:2ac7
2606:4700:4400::ac40:97fd
2606:4700:4400::ac40:9819
2a00:1450:4001:82b::200a
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
95.211.229.248
10f46a9e64c756a7af5ec1e9793f711be5c81aa8b473edd28f6a0e419cfd0299
176b4bc71ecc37ef5d088b83cc9482a50e8d704fb5d1fad6e3df26e3fdb3c824
1e18486908bfa209ac16eb30755e51b4c93f7629bbafc5aae6be0428efd8fa6c
2609b89eb2ce9c4a490e41a932721a44545e0b8541ab4c9cdc79ac04b77246a7
27b7a9bdb88b0eca31205be110218a5d2eaef5baae42f7f7896ff30dbeda38fc
27f3a3d9f44bd9bc37559d38e3eff67c48a297198794cec3d5466551b5780fcb
351fbe7a8b30f5c3f4351ea08e15aad9177fc8ca1c1a2e0f8ca8d77cf1be0046
4722954ecc836fc6c7a33cb9165028311707de6a881f263cca72db7308053d04
48374af402fb0d57262814c1a84c9b3a8d32312da9ad046339e413055ec1d77b
5a0e54bc49f4a9877938f8bb2c93eb82b062c9444f91752c1c0866e163fda312
61c6d55d1418d27b8bc86a662cdb51effbe76b765d47cabd56e345daf38ba4c9
61d9cb2f4b8a9da1b3f148e195bc8a48926f210f5e71ad32ce2980d798eec031
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
88565dffcf55ffe57001871f1bb61d4e4baeabe39c4047450c5814196b56fd51
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8d1e9ac271d5072981411afaa6aad24f685352e7b06295304b329d263f75c66e
92a242aaa4c7296d48921ab6a218fa274952c182f21ad0e80b1dd3f68fe352a2
92efabd0cc8550e8dfd323bc6ea787a2cf250f437a7f6d1349fe187d73f5c895
9400941cc208244cb88bbb695254246f348410b258617cf2165b04d652a0db01
aeb2b081b3ed893f86934714d40899a5c7d582cc477781a811b2c058c75931c0
af20ecf90d909e4e11697221b69426777e9570321c28455ff39ed4e421fcb181
b09b0920822a9385cac1bb34a1df9f96489dbbef839a5f33cf73c84b730410b5
cc4f141e1c8e2c332b03684c5c8eea34ea6f8f710f6e71ad05faf90a56fab904
ceee4d38d1c452ba33acbce4055e32ddc5773f589aa821dcee38df9efbe9a3de
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e658600bf8ca6d2af10d64810e131974548fa935781d87cc78e0fbc39e048291
f917c828b2679ca76b4c0b106909d38dc1fe5a18304073ce3f0d8b35d66100f8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e