Submitted URL: http://fgh.7u41q.a0dgfln.oys.matchesinyourmailbox.com/xppkv395bqj7blq1q29zl533gd8pkbv0mjggvzb4fvzfjq9tvy86l7y1788c5z326rhfg6hwd4vsx6n8mcx1f6bs2q96vnrg...
Effective URL: https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub...
Submission: On August 31 via api from BE — Scanned from DE

Summary

This website contacted 4 IPs in 5 countries across 9 domains to perform 15 HTTP transactions. The main IP is 2606:4700::6812:e1a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.chat4more.com.
TLS certificate: Issued by E1 on August 29th 2022. Valid for: 3 months.
This is the only time www.chat4more.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 129.205.59.75 37497 (Network-P...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 35.205.113.186 396982 (GOOGLE-CL...)
2 2 52.211.141.128 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
15 4
Apex Domain
Subdomains
Transfer
7 servefilesonly.com
lpmedia.servefilesonly.com — Cisco Umbrella Rank: 211381
1 MB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3320
onesignal.com — Cisco Umbrella Rank: 1242
img.onesignal.com — Cisco Umbrella Rank: 7102
94 KB
2 rtbsuperhub.com
eu-adsrv.rtbsuperhub.com — Cisco Umbrella Rank: 58769
1 KB
2 towertraffic.top
towertraffic.top
1 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 279
30 KB
1 chat4more.com
www.chat4more.com
4 KB
1 tperfc.com
tperfc.com
271 B
1 babelsurf.net
babelsurf.net
782 B
1 matchesinyourmailbox.com
fgh.7u41q.a0dgfln.oys.matchesinyourmailbox.com
433 B
15 9
Domain Requested by
7 lpmedia.servefilesonly.com www.chat4more.com
3 onesignal.com cdn.onesignal.com
2 cdn.onesignal.com www.chat4more.com
cdn.onesignal.com
2 eu-adsrv.rtbsuperhub.com 2 redirects
2 towertraffic.top 2 redirects
1 img.onesignal.com
1 ajax.googleapis.com www.chat4more.com
1 www.chat4more.com
1 tperfc.com 1 redirects
1 babelsurf.net 1 redirects
1 fgh.7u41q.a0dgfln.oys.matchesinyourmailbox.com 1 redirects
15 11

This site contains no links.

Subject                  Issuer                   Validity                 Valid
*.chat4more.com          E1                       2022-08-29 - 2022-11-27  3 months
*.servefilesonly.com     E1                       2022-08-23 - 2022-11-21  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2022-06-03 - 2023-06-02  a year
upload.video.google.com  GTS CA 1C3               2022-08-08 - 2022-10-31  3 months

This page contains 1 frames:

Primary Page: https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e353ef28093389282&name=26248_push_deu_all_email_1940_63&newservice=true&cmsid=landing--mlp88c--landing--fik8007&tpcampid=52db2d36-6ce3-4bea-8b2e-351e50ab0764&imp_tagid=26248_push_deu_all_email_1940_63&uid=TP-630f8b2e8b0bd1.85367967&campaign_lp=1:landing--mlp88c--landing--fik8007&product=fetooweb&zz=true&nextPage=/landing/fik8007&ur-api-fetch-hitid=true
Frame ID: ADE57878CBB714C362F849B9448D76E2
Requests: 15 HTTP requests in this frame

Page Title

xncounter

Page URL History

  1. http://fgh.7u41q.a0dgfln.oys.matchesinyourmailbox.com/xppkv395bqj7blq1q29zl533gd8pkbv0mjggvzb4fvzfjq9tvy86l7y1788c5z326rhfg6hwd4vs... HTTP 302
    http://babelsurf.net/BS_1_primary_chain_2019_06_12_01_1_x94?email=patrick.casper@outlook.com&el=c... HTTP 302
    https://towertraffic.top/www/delivery/afrm.php?cb=123987&el=patrick.casper%40outlook.com&email=patric... HTTP 302
    https://towertraffic.top/www/delivery/cl.php?bannerid=2143&zoneid=655&sig=61ca0c29943877dd50d6d41fb96... HTTP 302
    https://tperfc.com/v1/redirect/6432?&el=patrick.casper@outlook.com&email=patrick.casper@outlook... HTTP 301
    https://eu-adsrv.rtbsuperhub.com/ir/?placement=d88b1f26-0af7-425b-8202-fd107d1edae8 HTTP 302
    https://eu-adsrv.rtbsuperhub.com/click/?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv... HTTP 302
    https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

9
Domains

11
Subdomains

4
IPs

5
Countries

1222 kB
Transfer

1594 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fgh.7u41q.a0dgfln.oys.matchesinyourmailbox.com/xppkv395bqj7blq1q29zl533gd8pkbv0mjggvzb4fvzfjq9tvy86l7y1788c5z326rhfg6hwd4vsx6n8mcx1f6bs2q96vnrgpy8lv9kprx7kgsxlAm7yAg1fwcw66fpmvxxhm5tgzc4z2qcjsz2p0rbrsrv6fq1ycjc9Adg8g16qmhn4j1Aq0htf35A8l2lAhr6Aqg4qpnlrqv9swl11f2c1zgyltzbnwb3nb6hmk5rjysyhb1pAcw5nk8rw01dxkh7zzn1cypxqj98l9017b98cwh:m3llzh4tksctA0zwq2zklq38g1njrsAsgnlrlp0qslqshx1zAy1m2990A5vq960vx18lryt3fpl8zwsqk3thfbrkbfjh1w35mx2x735w0dA4tlcvjsv0pk2spknz84qxt9xct8680v2Agx7x3jpdb04x84bwp79t2t+zAvvdAj78kxrbjyfbsb95fffjpnzxgx3fl97d131pskyg2zhb5k7cy7k44dApjk25d3bp7pyd41Ahg03gfmvb5fsqqkx6shrp93zxmq5sm7cmv6znm0wzwfs:rr3Ayfpg83plA8bA8tskns3s8qqAstmf3k2l9jbA97Aqkj6h9fppkk4d/6ttjc4n1x3bq5y9zd6lf5ws3y4lzf4ryyAAAjx6kwvb5qjqt1xvmhyks9g2Ax4jl4lxzhhr057bAzxs6vmd23krtjxAAmx5n557nxjx4Aq8mA1fn7qAkh3ntdjz90vds6cml233hvccAhjy214rctdrycwpw0hymg5hbdphq2Afmlv3q0jAx7z0syrn7zqqqr5lmyg451y6dykzpwn0vptfjwpA11kwls:9vm20z6snzsm3jg2clkdbypzwtxqx2k0v0ng20vp9+g3ntpjAvg7x7y8fnljlz0wh26p1hywczsv0z9l4pk46b5l96cllwkpr0xp6y89ghfq6jgrgjhfwz6nd4lmwjlmAy0m7zqbc6tbx35x2k53wsmmzvlfnvjdvkkm8lg1c0lffdr37h3AAdwyff76Afjg3hhsvh9hgxc07zbgl9qnbdnkzwf2jst01twd28z142m83ht6zy6dmwhmx50cvcjqkztp7m8A2jg6cxrmdy7qAtz946j:9s3AhznqAb3mdy5n84xy83h3755m15zn8kny3ytlnpmy513djd08272hb4k1wwl726slm74rAf6zjj75dAj5nnc0dyr2tlttkvn8mcj554czxphlj/Aq94g27y5wA0z70px4k6vfsd66m01kkv2rpm18jpbmmqphw4jy8gq1yy6skschhlzgv9cm9Anj5s0jp719fAcbbp6+xr973A776wjvA0p6m7lksnm6gcn0rh36szd1tqx2z10ztpkjcxz7551Afgcc4ckrl73sxlgjqm9zhqy:njmqc58mf2nr1mAr6jv6q2w11s4fgywbgmrqv88nb6k6Aljrpmzmyhw3bkpxb210yqggygktkbrn6sy14cgAmA7mqc4rx3yymzhm28glr1rzggA8kAtdl5ngvx0fn5n4560gk7jrwx1w7m63m8hhq7jvAmrgvsd4ww2kt97rrx7cybzjpn8sd928vsjjb6lx1hlf6hnwkgm1bkzkj0dx4n7s5ljwvxkxwhsj45vpv1m1gnk2xh6wq0bs8n6f8w404A2j33j3kt5kjgq22kg5r38j3r:cn46dAk3hj6jy7hlvs7dvhs4gz3y53s54cdg5v02d100cn03shArmngjdgdkjsbn3k6prt7qnA0n09xng3+p52s15zbs7cfpbA48j6z7fAczhhz55nsy4wdqdv722b6gj929mfrrAs45ss61xp1bwwf37zhh2f9fv4t53ytjn5h/9y2m96yhrphfjcjcxv490cy6txbAmhw4whtl8zvfdq1634td4yjnj8tbkwqz0d2ntlsr
3A1j1wzgfnqdkbbskw8Agqv9gf7rgpgzdj54ppkAvxA:A06c59jqdxvpjwqAbkqcfh5cs6wbyl57c5z9A4p080krfA8qw7d4xsy4r43w9btA70w9mt91mhb476l82jvfxn6r5p4ljjc9yyfw0jvp58t37bf8Axj2sctx1l252h990gwlxkphk1p2ty3Anq1h264f4ccltzg07pqn7yzxAmry4br4vxstzrkb5tgdhv08v59bcbnl04cln97kt39fyd75y263p51q8fnl9js3q0n21rg5t2mt+mg6y9kw6jnhzwlm66sf31f5mn9rf28kksvmdkx:g4wh3z104gk9lw5m3nkf519vmhwrn36j0rq69yd8pt565bpl72xsqnygf92jlbt3m6c98vy91w33c5p2m11qAx9x0lzcsjscpy5r6l8xzms83q89l10ssps3b4z82yyjc2vkyv7k9cfy66b7vwr6z1prs54gdwrfkqvgr195z7f2qs9gtbtz98tA35jxf0j2f870h00xsfhlnxgr05A1sg0ckdmklp0w42n/b8sgrdqnpntq87c1mm5gcA7596Arw0Ajdqm8c86yzhpm4xq4bqy64z:yw9xdmb9kkm8wqfj9zsg9vjh14mq4xxcgpkr82842Argphv0qkyt8pgAr38Ays9hh3d29pl9vp3wcsc5Ajnhn4h2ngtgl47A7c1f40bzhy7rbb116qsflmqd61f+mgkpc39fs6Abmcg8x37y3rkn3Asffdyk08tz1h9w6vtlzd7Aph78219484pyf12xfmq46z2nzbhlAdk1Aw782tmg0q5Am4pmyb1rkgwwzg3vqqggb9h7vmn6qmr67wxc25gf2gksyw9j7w7zfgdhlrpybnlc4h9:yjq11c1f8t386ds4g0296sr2jAzdn2mw3h4pzbrhrpf66wh4t893qjmchq8zkj59bdds92qwvfdhds3ytxr73zw1A8jf9vqgdv25m13gj0phrwrn70kb7hk83fvzxlwwd9bd65cl1s7A7553tl0k1nrt6db5fz2h52q4nzxzbbkrnx6qp0rnf2ccp33fkkdxzAgl909wnn5yfh1464p602dbs5gtgz9dxf986mp38bjlcdfmpy7cyftxk52psshl81x12Ayxldwzyj2vz8xwzk8ck1 HTTP 302
    http://babelsurf.net/BS_1_primary_chain_2019_06_12_01_1_x94?email=patrick.casper@outlook.com&el=cGF0cmljay5jYXNwZXJAb3V0bG9vay5jb20=&&eml HTTP 302
    https://towertraffic.top/www/delivery/afrm.php?cb=123987&el=patrick.casper%40outlook.com&email=patrick.casper%40outlook.com&zoneid=655 HTTP 302
    https://towertraffic.top/www/delivery/cl.php?bannerid=2143&zoneid=655&sig=61ca0c29943877dd50d6d41fb969b6abde0c4348d8bf609708641e3210006c3f&oadest=https%3A%2F%2Ftperfc.com%2Fv1%2Fredirect%2F6432%3F&cb=123987&el=patrick.casper@outlook.com&email=patrick.casper@outlook.com&zoneid=655 HTTP 302
    https://tperfc.com/v1/redirect/6432?&el=patrick.casper@outlook.com&email=patrick.casper@outlook.com HTTP 301
    https://eu-adsrv.rtbsuperhub.com/ir/?placement=d88b1f26-0af7-425b-8202-fd107d1edae8 HTTP 302
    https://eu-adsrv.rtbsuperhub.com/click/?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e353ef28093389282&name=26248_push_deu_all_email_1940_63&newservice=true&cmsid=landing--mlp88c--landing--fik8007&tpcampid=52db2d36-6ce3-4bea-8b2e-351e50ab0764&imp_tagid=26248_push_deu_all_email_1940_63&uid=TP-630f8b2e8b0bd1.85367967&campaign_lp=1:landing--mlp88c--landing--fik8007&product=fetooweb HTTP 302
    https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e353ef28093389282&name=26248_push_deu_all_email_1940_63&newservice=true&cmsid=landing--mlp88c--landing--fik8007&tpcampid=52db2d36-6ce3-4bea-8b2e-351e50ab0764&imp_tagid=26248_push_deu_all_email_1940_63&uid=TP-630f8b2e8b0bd1.85367967&campaign_lp=1:landing--mlp88c--landing--fik8007&product=fetooweb&zz=true&nextPage=/landing/fik8007&ur-api-fetch-hitid=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request mlp88c
www.chat4more.com/landing/
Redirect Chain
  • http://fgh.7u41q.a0dgfln.oys.matchesinyourmailbox.com/xppkv395bqj7blq1q29zl533gd8pkbv0mjggvzb4fvzfjq9tvy86l7y1788c5z326rhfg6hwd4vsx6n8mcx1f6bs2q96vnrgpy8lv9kprx7kgsxlAm7yAg1fwcw66fpmvxxhm5tgzc4z2qc...
  • http://babelsurf.net/BS_1_primary_chain_2019_06_12_01_1_x94?email=patrick.casper@outlook.com&el=cGF0cmljay5jYXNwZXJAb3V0bG9vay5jb20=&&eml
  • https://towertraffic.top/www/delivery/afrm.php?cb=123987&el=patrick.casper%40outlook.com&email=patrick.casper%40outlook.com&zoneid=655
  • https://towertraffic.top/www/delivery/cl.php?bannerid=2143&zoneid=655&sig=61ca0c29943877dd50d6d41fb969b6abde0c4348d8bf609708641e3210006c3f&oadest=https%3A%2F%2Ftperfc.com%2Fv1%2Fredirect%2F6432%3F&...
  • https://tperfc.com/v1/redirect/6432?&el=patrick.casper@outlook.com&email=patrick.casper@outlook.com
  • https://eu-adsrv.rtbsuperhub.com/ir/?placement=d88b1f26-0af7-425b-8202-fd107d1edae8
  • https://eu-adsrv.rtbsuperhub.com/click/?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e3...
  • https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e...
12 KB
4 KB
Document
General
Full URL
https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e353ef28093389282&name=26248_push_deu_all_email_1940_63&newservice=true&cmsid=landing--mlp88c--landing--fik8007&tpcampid=52db2d36-6ce3-4bea-8b2e-351e50ab0764&imp_tagid=26248_push_deu_all_email_1940_63&uid=TP-630f8b2e8b0bd1.85367967&campaign_lp=1:landing--mlp88c--landing--fik8007&product=fetooweb&zz=true&nextPage=/landing/fik8007&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33052c79e98620fdf34ab1fb88e65a122a75d06eef4e8c85498b7f2d032646bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
74371d846b649b49-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 31 Aug 2022 16:24:14 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 16:24:14 GMT
Location
https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e353ef28093389282&name=26248_push_deu_all_email_1940_63&newservice=true&cmsid=landing--mlp88c--landing--fik8007&tpcampid=52db2d36-6ce3-4bea-8b2e-351e50ab0764&imp_tagid=26248_push_deu_all_email_1940_63&uid=TP-630f8b2e8b0bd1.85367967&campaign_lp=1:landing--mlp88c--landing--fik8007&product=fetooweb&zz=true&nextPage=/landing/fik8007&ur-api-fetch-hitid=true
Server
nginx/1.20.0
style.css
lpmedia.servefilesonly.com/style/mb/mlp88/
4 KB
1 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/style/mb/mlp88/style.css
Requested by
Host: www.chat4more.com
URL: https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e353ef28093389282&name=26248_push_deu_all_email_1940_63&newservice=true&cmsid=landing--mlp88c--landing--fik8007&tpcampid=52db2d36-6ce3-4bea-8b2e-351e50ab0764&imp_tagid=26248_push_deu_all_email_1940_63&uid=TP-630f8b2e8b0bd1.85367967&campaign_lp=1:landing--mlp88c--landing--fik8007&product=fetooweb&zz=true&nextPage=/landing/fik8007&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd07a0ea5369253ba76769db3d35d8dac7f3fc32d957bc8a9ca7e23ae989ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:24:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 04:01:28 GMT
server
cloudflare
age
21281
etag
W/"630edd18-1312"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-polished
origSize=4882
cf-bgj
minify
cf-ray
74371d857a5091e7-FRA
expires
Thu, 01 Sep 2022 04:24:14 GMT
vegas.min.css
lpmedia.servefilesonly.com/style/mb/mlp88/
9 KB
2 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/style/mb/mlp88/vegas.min.css
Requested by
Host: www.chat4more.com
URL: https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e353ef28093389282&name=26248_push_deu_all_email_1940_63&newservice=true&cmsid=landing--mlp88c--landing--fik8007&tpcampid=52db2d36-6ce3-4bea-8b2e-351e50ab0764&imp_tagid=26248_push_deu_all_email_1940_63&uid=TP-630f8b2e8b0bd1.85367967&campaign_lp=1:landing--mlp88c--landing--fik8007&product=fetooweb&zz=true&nextPage=/landing/fik8007&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c4ce7fffb10a410f05c76b535c449d11aee36719d7b2a090fce99c87c0af5ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:24:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 04:01:28 GMT
server
cloudflare
age
21281
etag
W/"630edd18-2541"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
74371d857a5791e7-FRA
expires
Thu, 01 Sep 2022 04:24:14 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.chat4more.com
URL: https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e353ef28093389282&name=26248_push_deu_all_email_1940_63&newservice=true&cmsid=landing--mlp88c--landing--fik8007&tpcampid=52db2d36-6ce3-4bea-8b2e-351e50ab0764&imp_tagid=26248_push_deu_all_email_1940_63&uid=TP-630f8b2e8b0bd1.85367967&campaign_lp=1:landing--mlp88c--landing--fik8007&product=fetooweb&zz=true&nextPage=/landing/fik8007&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
74371d85cbbcbbdf-FRA
date
Wed, 31 Aug 2022 16:24:15 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
2659
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 03 Sep 2022 16:24:15 GMT
black-white.gif
lpmedia.servefilesonly.com/img/mb/mlp88/
902 KB
903 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/mb/mlp88/black-white.gif
Requested by
Host: www.chat4more.com
URL: https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e353ef28093389282&name=26248_push_deu_all_email_1940_63&newservice=true&cmsid=landing--mlp88c--landing--fik8007&tpcampid=52db2d36-6ce3-4bea-8b2e-351e50ab0764&imp_tagid=26248_push_deu_all_email_1940_63&uid=TP-630f8b2e8b0bd1.85367967&campaign_lp=1:landing--mlp88c--landing--fik8007&product=fetooweb&zz=true&nextPage=/landing/fik8007&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
696ba8f16ec0e846694532658c52d911bd5d403318f253764eaa2ab4b56d366a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:24:14 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 04:01:25 GMT
server
cloudflare
age
17022
etag
"630edd15-e16fe"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
74371d859aad91e7-FRA
content-length
923390
expires
Thu, 01 Sep 2022 04:24:14 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.chat4more.com
URL: https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e353ef28093389282&name=26248_push_deu_all_email_1940_63&newservice=true&cmsid=landing--mlp88c--landing--fik8007&tpcampid=52db2d36-6ce3-4bea-8b2e-351e50ab0764&imp_tagid=26248_push_deu_all_email_1940_63&uid=TP-630f8b2e8b0bd1.85367967&campaign_lp=1:landing--mlp88c--landing--fik8007&product=fetooweb&zz=true&nextPage=/landing/fik8007&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 08:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 08:14:43 GMT
vegas.min.js
lpmedia.servefilesonly.com/js/mb/mlp88/
10 KB
3 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/mb/mlp88/vegas.min.js
Requested by
Host: www.chat4more.com
URL: https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e353ef28093389282&name=26248_push_deu_all_email_1940_63&newservice=true&cmsid=landing--mlp88c--landing--fik8007&tpcampid=52db2d36-6ce3-4bea-8b2e-351e50ab0764&imp_tagid=26248_push_deu_all_email_1940_63&uid=TP-630f8b2e8b0bd1.85367967&campaign_lp=1:landing--mlp88c--landing--fik8007&product=fetooweb&zz=true&nextPage=/landing/fik8007&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f429d68fdbafa7014fe049bcae44fdec1e4cdd61c9de788b79c1b0bb57999188

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:24:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 04:01:25 GMT
server
cloudflare
age
21281
etag
W/"630edd15-26ba"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
74371d859aa191e7-FRA
expires
Thu, 01 Sep 2022 04:24:14 GMT
app.js
lpmedia.servefilesonly.com/js/mb/mlp88/
2 KB
764 B
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/mb/mlp88/app.js
Requested by
Host: www.chat4more.com
URL: https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e353ef28093389282&name=26248_push_deu_all_email_1940_63&newservice=true&cmsid=landing--mlp88c--landing--fik8007&tpcampid=52db2d36-6ce3-4bea-8b2e-351e50ab0764&imp_tagid=26248_push_deu_all_email_1940_63&uid=TP-630f8b2e8b0bd1.85367967&campaign_lp=1:landing--mlp88c--landing--fik8007&product=fetooweb&zz=true&nextPage=/landing/fik8007&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4f6b30c3c8089efac8dd8422165aa2b507e33ca1c42b6e3a4b43990cf10816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:24:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 04:01:25 GMT
server
cloudflare
age
17789
etag
W/"630edd15-bd2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-polished
origSize=3026
cf-bgj
minify
cf-ray
74371d859aa991e7-FRA
expires
Thu, 01 Sep 2022 04:24:14 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
74371d86098b9a3c-FRA
date
Wed, 31 Aug 2022 16:24:15 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
65
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 03 Sep 2022 16:24:15 GMT
web
onesignal.com/api/v1/sync/63f30cfe-92db-4b3c-a19c-d4f80cff979d/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/63f30cfe-92db-4b3c-a19c-d4f80cff979d/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8e84017da6f06c85c212873b766fc5585ea2cbdf19dd2703296e307a4e2db72
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:24:15 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
1379
cf-polished
origSize=3361
status
200 OK
x-envoy-upstream-service-time
86
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
75d7a348-0e55-4d11-96f9-91539795bacb
x-runtime
0.083394
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1245ac8be6784dd4a0c525857cad874c"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
74371d86adc4bbdf-FRA
access-control-allow-headers
SDK-Version
expires
Wed, 31 Aug 2022 17:24:15 GMT
slide3.jpg
lpmedia.servefilesonly.com/img/mb/mlp88/
88 KB
88 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/mb/mlp88/slide3.jpg
Requested by
Host: www.chat4more.com
URL: https://www.chat4more.com/landing/mlp88c?subPublisher=popunder:eu-adsrv.rtbsuperhub.com&zone=popunder:eu-adsrv.rtbsuperhub.com&adformat=push&auctionid=630f8b2e8b79e-217209&uniqueid=40df0fe3488be93e353ef28093389282&name=26248_push_deu_all_email_1940_63&newservice=true&cmsid=landing--mlp88c--landing--fik8007&tpcampid=52db2d36-6ce3-4bea-8b2e-351e50ab0764&imp_tagid=26248_push_deu_all_email_1940_63&uid=TP-630f8b2e8b0bd1.85367967&campaign_lp=1:landing--mlp88c--landing--fik8007&product=fetooweb&zz=true&nextPage=/landing/fik8007&ur-api-fetch-hitid=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9f6061612898550674c7689bee06ade8a8076ad3507f58e5aad29b0245f02eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:24:15 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Aug 2022 07:40:51 GMT
server
cloudflare
age
40056
etag
"630dbf03-15ef7"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-bgj
h2pri
accept-ranges
bytes
cf-ray
74371d86bce991e7-FRA
content-length
89847
expires
Thu, 01 Sep 2022 04:24:15 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
74371d86dad59a3c-FRA
date
Wed, 31 Aug 2022 16:24:15 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
2543
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 30 Sep 2022 16:24:15 GMT
icon
onesignal.com/api/v1/apps/63f30cfe-92db-4b3c-a19c-d4f80cff979d/
184 B
599 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/63f30cfe-92db-4b3c-a19c-d4f80cff979d/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f7531062b5a5858710f2bf812d21a26058327fcffcf5fb97a2f2d1cfc91477
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:24:15 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
26
status
200 OK
x-envoy-upstream-service-time
13
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e60357a2-e54a-44ee-ac1f-b04e3fe5994e
x-runtime
0.011653
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"24f7531062b5a5858710f2bf812d21a2"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=0, private, must-revalidate
cf-ray
74371d87381a9159-FRA
access-control-allow-headers
SDK-Version
16261e02-eb17-4e6d-9dbe-10e41a0e1946
img.onesignal.com/permanent/
11 KB
11 KB
Image
General
Full URL
https://img.onesignal.com/permanent/16261e02-eb17-4e6d-9dbe-10e41a0e1946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3417acb3eb921fbfbe6cbc9a604f640606549cd7163609ec20e6354b7756159b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:24:15 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
367
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11074
x-amz-id-2
h+B8rexFTlcXtw/dnZ4Z2vuaKIvdSeVbnNRq0/9abJNP2GAb9Lmu9OGCePAguXS+xvJPsn3YFC4=
last-modified
Mon, 29 Aug 2022 20:50:44 GMT
server
cloudflare
etag
"026931f96d25d5e1746eed4f28c15261"
strict-transport-security
max-age=15552000; includeSubDomains
x-amz-request-id
RS6CVQKABAX7DQ3Y
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
74371d877f99bbdf-FRA
expires
Sat, 01 Oct 2022 16:24:15 GMT
slide1.jpg
lpmedia.servefilesonly.com/img/mb/mlp88/
96 KB
96 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/mb/mlp88/slide1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36b30ef0d2f6c2c10b863b3e357e1809ee703560cb7be5035dfa8f4b5289ff05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.chat4more.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:24:18 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Aug 2022 07:40:51 GMT
server
cloudflare
age
39958
etag
"630dbf03-17fbf"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-bgj
h2pri
accept-ranges
bytes
cf-ray
74371d9d7ffb91e7-FRA
content-length
98239
expires
Thu, 01 Sep 2022 04:24:18 GMT

Verdicts & Comments

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| OneSignal
number| __oneSignalSdkLoadCount
function| __jp0
function| $
function| jQuery
function| loadingText
function| populateLinks

6 Cookies

Domain/Path Name / Value
eu-adsrv.rtbsuperhub.com/ir Name: srtbid
Value: TP-630f8b2e8b0bd1.85367967
towertraffic.top/ Name: OAGEO
Value: 2%7CUS%7CNA%7C%7C%7C%7C37.751%7C-97.822%7C1000%7CAmerica%2FChicago%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
towertraffic.top/ Name: OAID
Value: 843b8aa6f9849c8b59753f49e3403dfe
www.chat4more.com/ Name: PHPSESSID
Value: c4babra4d3h1dr66tpa1mut0pa
.chat4more.com/ Name: __cf_bm
Value: OfEZlV_6WcMuqaDEJAsN4hoL...HZ81WuqUYvG_RCs8-1661963054-0-AZE78kl3bVi0mb6XvicZqDTYKPjdbdpXwgfX09p8xHLnZigFwm1Yb7c0xxhbqCU6TPJRW19LpQNtmtJb58prkpQ=
.servefilesonly.com/ Name: __cf_bm
Value: OdMZHOsr2iRGb9YTXJ973LualziPbCUb_k3sRMQ3Zf0-1661963054-0-AezWEEYjW7HcVRQUSsNkDB6TsPrdyoVjTfBNJN/ZkM5Jz4S96dRWnd+diqHjKyA8VWZI+0uASMlcipmsmABFtMw=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
