urlscan.io logo urlscan.io
SecurityTrails logo

exact-offer.xyz Open in urlscan Pro
88.214.193.29  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tiktok.8y8r.cloud/nbNkAfR
Effective URL: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f8263...
Submission Tags: falconsandbox
Submission: On February 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 6 countries across 14 domains to perform 26 HTTP transactions. The main IP is 88.214.193.29, located in United Kingdom and belongs to NATCOWEB, US. The main domain is exact-offer.xyz.
TLS certificate: Issued by R3 on January 29th 2023. Valid for: 3 months.
This is the only time exact-offer.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 149.3.170.207 213373 (IPCONNECT)
1 1 64.227.23.114 14061 (DIGITALOC...)
3 99.198.108.194 32475 (SINGLEHOP...)
2 3 51.68.85.158 16276 (OVH)
1 1 34.90.46.36 396982 (GOOGLE-CL...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 18.158.88.249 16509 (AMAZON-02)
3 88.214.193.29 46636 (NATCOWEB)
3 69.16.175.42 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2600:9000:214... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
26 9
1    149.3.170.207 (Seychelles)

ASN213373 (IPCONNECT, SC)
tiktok.8y8r.cloud
1    64.227.23.114 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
polo.thegadgetguru.club
3    99.198.108.194 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
monkey.redirectmaster.com
3    51.68.85.158 (France)

ASN16276 (OVH, FR)
www.turbotrck.art
1    34.90.46.36 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.46.90.34.bc.googleusercontent.com
admoustache.go2affise.com
4    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
news.isohnut.com
1    2606:4700:3035::ac43:9efb (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.addlnk.com
1    18.158.88.249 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-88-249.eu-central-1.compute.amazonaws.com
perserymanked.com
3    88.214.193.29 (United Kingdom)

ASN46636 (NATCOWEB, US)
exact-offer.xyz
trk.adnce.com
3    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
j6g8i2b5.ssl.hwcdn.net
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2600:9000:214f:2e00:5:5907:a500:21 (United States)

ASN16509 (AMAZON-02, US)
d3rlh0lneatqqc.cloudfront.net
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
8 cloudfront.net
d3rlh0lneatqqc.cloudfront.net
6 KB
4 isohnut.com
news.isohnut.com
25 KB
3 hwcdn.net
j6g8i2b5.ssl.hwcdn.net
22 KB
3 turbotrck.art
www.turbotrck.art
6 KB
3 redirectmaster.com
monkey.redirectmaster.com
7 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 adnce.com
trk.adnce.com
281 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1 KB
1 exact-offer.xyz
exact-offer.xyz
3 KB
1 perserymanked.com
perserymanked.com — Cisco Umbrella Rank: 412421
751 B
1 addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 613650
1 KB
1 go2affise.com
admoustache.go2affise.com
238 B
1 thegadgetguru.club
polo.thegadgetguru.club — Cisco Umbrella Rank: 761855
295 B
1 8y8r.cloud
tiktok.8y8r.cloud
318 B
26 14
Domain Requested by
8 d3rlh0lneatqqc.cloudfront.net exact-offer.xyz
4 news.isohnut.com www.turbotrck.art
monkey.redirectmaster.com
news.isohnut.com
3 j6g8i2b5.ssl.hwcdn.net exact-offer.xyz
3 www.turbotrck.art 2 redirects monkey.redirectmaster.com
3 monkey.redirectmaster.com monkey.redirectmaster.com
2 fonts.gstatic.com fonts.googleapis.com
2 trk.adnce.com j6g8i2b5.ssl.hwcdn.net
exact-offer.xyz
1 fonts.googleapis.com client
1 exact-offer.xyz news.isohnut.com
1 perserymanked.com 1 redirects
1 cdn.addlnk.com news.isohnut.com
1 admoustache.go2affise.com 1 redirects
1 polo.thegadgetguru.club 1 redirects
1 tiktok.8y8r.cloud 1 redirects
26 14

This site contains no links.

Subject Issuer Validity Valid
monkey.redirectmaster.com
R3		 2023-01-11 -
2023-04-11		 3 months crt.sh
www.turbotrck.art
R3		 2022-12-30 -
2023-03-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-17 -
2023-05-16		 a year crt.sh
exact-offer.xyz
R3		 2023-01-29 -
2023-04-29		 3 months crt.sh
*.ssl.hwcdn.net
Sectigo RSA Domain Validation Secure Server CA		 2022-12-30 -
2024-01-19		 a year crt.sh
trk.adnce.com
R3		 2023-01-14 -
2023-04-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Frame ID: B77F4D0E6C9A2CC5A0FEA3A81FD0BD48
Requests: 23 HTTP requests in this frame

Frame: https://news.isohnut.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7982434cfccf90dd
Frame ID: 78500E63119482EFF0898A7FCFEED9A2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hello 👋 and congratulations!

Page URL History Show full URLs

  1. http://tiktok.8y8r.cloud/nbNkAfR HTTP 302
    https://polo.thegadgetguru.club/?k=ef202c33ba40584012084b548432c1b6&type=mainstream&subtype=global HTTP 302
    https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  2. https://monkey.redirectmaster.com/?utm_term=7199107384231329853&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
  3. https://monkey.redirectmaster.com/proc.php?33741c1bde8e52ef684cf6a1266a9460eaf879e5 Page URL
  4. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website... Page URL
  5. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website... HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website... HTTP 302
    https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000304c2efef98edb259bf8ce80c2d... HTTP 302
    https://news.isohnut.com/rc/a91581ead4?affclick=63e85e076aa21800015c03f1&pubid=503 Page URL
  6. https://perserymanked.com/b12060d5-e9c9-4b85-9eb5-b41285f82634?c2=9060a41f_503&c1=pubcab087883836465ca... HTTP 302
    https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4... Page URL

Page Statistics

26
Requests

100 %
HTTPS

38 %
IPv6

14
Domains

14
Subdomains

9
IPs

6
Countries

102 kB
Transfer

147 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tiktok.8y8r.cloud/nbNkAfR HTTP 302
    https://polo.thegadgetguru.club/?k=ef202c33ba40584012084b548432c1b6&type=mainstream&subtype=global HTTP 302
    https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  2. https://monkey.redirectmaster.com/?utm_term=7199107384231329853&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  3. https://monkey.redirectmaster.com/proc.php?33741c1bde8e52ef684cf6a1266a9460eaf879e5 Page URL
  4. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  5. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=7bc7148deed47ea2d13b9d6c1d0bb986&eyer=0.8472587330350276&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.8472587330350276&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
    https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000304c2efef98edb259bf8ce80c2d2fbeb0212-202302-flb*5564921-b2be6*M7199107384231329853*sl_5564921-b2be6*0fd992c9dbf3bc4a06acf0ad7caf1fdcc5e40121*4400-bd34abaz*4400 HTTP 302
    https://news.isohnut.com/rc/a91581ead4?affclick=63e85e076aa21800015c03f1&pubid=503 Page URL
  6. https://perserymanked.com/b12060d5-e9c9-4b85-9eb5-b41285f82634?c2=9060a41f_503&c1=pubcab087883836465ca474a2ae3c38156d HTTP 302
    https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://tiktok.8y8r.cloud/nbNkAfR HTTP 302
  • https://polo.thegadgetguru.club/?k=ef202c33ba40584012084b548432c1b6&type=mainstream&subtype=global HTTP 302
  • https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Request Chain 4
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=7bc7148deed47ea2d13b9d6c1d0bb986&eyer=0.8472587330350276&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.8472587330350276&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000304c2efef98edb259bf8ce80c2d2fbeb0212-202302-flb*5564921-b2be6*M7199107384231329853*sl_5564921-b2be6*0fd992c9dbf3bc4a06acf0ad7caf1fdcc5e40121*4400-bd34abaz*4400 HTTP 302
  • https://news.isohnut.com/rc/a91581ead4?affclick=63e85e076aa21800015c03f1&pubid=503

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
monkey.redirectmaster.com/
Redirect Chain
  • http://tiktok.8y8r.cloud/nbNkAfR
  • https://polo.thegadgetguru.club/?k=ef202c33ba40584012084b548432c1b6&type=mainstream&subtype=global
  • https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 12 Feb 2023 03:33:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://monkey.redirectmaster.com/?utm_term=7199107384231329853&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Feb 2023 03:33:26 GMT
Location
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server
nginx/1.16.1 (Ubuntu)
/
monkey.redirectmaster.com/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monkey.redirectmaster.com/?utm_term=7199107384231329853&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
6b69987db771fe1bd6c08e99ccad5b0b5386d983105e9c32ed78656f0c1ff12b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 12 Feb 2023 03:33:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
monkey.redirectmaster.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monkey.redirectmaster.com/proc.php?33741c1bde8e52ef684cf6a1266a9460eaf879e5
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_term=7199107384231329853&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://monkey.redirectmaster.com/?utm_term=7199107384231329853&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 12 Feb 2023 03:33:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website=4400-bd34abaz&placement=4400
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/proc.php?33741c1bde8e52ef684cf6a1266a9460eaf879e5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://monkey.redirectmaster.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Sun, 12 Feb 2023 03:33:27 GMT
Transfer-Encoding
chunked
a91581ead4
news.isohnut.com/rc/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858...
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000304c2efef98edb259bf8ce80c2d2fbeb0212-202302-flb*5564921-b2be6*M7199107384231329853*sl_5564921-b2be6*0fd992c9dbf3bc...
  • https://news.isohnut.com/rc/a91581ead4?affclick=63e85e076aa21800015c03f1&pubid=503
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.isohnut.com/rc/a91581ead4?affclick=63e85e076aa21800015c03f1&pubid=503
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03db27ed5fa2cc1d0ce3aa37a15ec400ec5ac23d996e9f22589693a8da78c4d3

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7199107384231329853&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7982434cfccf90dd-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Sun, 12 Feb 2023 03:33:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMgIeixtIx1zUJxKn7pB6WOpEKWzsQ64ubzxQ%2FxHGW634mTYKG2WuDPCSF%2FdSvVAf3E%2BhfqHoSU9T2q2cdNR0Rz9orDkYFsIyWD7Cqx7FLYesrh2FY%2F9fc%2Ff2%2FKUhbqXxk16NWdXQvFwPnRM0GGz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Sun, 12 Feb 2023 03:33:27 GMT
location
https://news.isohnut.com/rc/a91581ead4?affclick=63e85e076aa21800015c03f1&pubid=503
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: news.isohnut.com
URL: https://news.isohnut.com/rc/a91581ead4?affclick=63e85e076aa21800015c03f1&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 03:33:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SK3KBGMKJ4YWWVBV
age
2390
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
eBDdEZo2g3ixnFPTboxVSgjMRQX3dQ63xWWEjrbl2vu0jkNe5fS7HtGt8F3jGl6QdU4QACxpR9I=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1M9H0C7%2BJ3J3xK0%2BI0U6DhE3V7Ss4d%2FihJFuaTkT4sRKRrkcB7RHHDPlNVQXDHrdi1nbTAIYL2TqGQJr1r18RjvghV4K18Zf9YZoOxTUt0kRNTJo64hRKV9GARJaAx1fqqCxhFhpQwpO%2BGuLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7982434ddf6f9b80-FRA
invisible.js
news.isohnut.com/cdn-cgi/challenge-platform/h/b/scripts/cb/ Frame 7850 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.isohnut.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7982434cfccf90dd
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8591a149647b955e7017702b0d64b0f99e8c60739e78ec17bbf0882b168ff2b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 03:33:27 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2U26WA3Yj5rL7zyiuixnr6OaYx1%2FVohwIh9D7%2FDY3I8KQwrJBP6h36EvN4Hcpt%2Boz0JEpYc%2BHTOpIvcZgOA%2BfHg7NUo4i3UMRnrycRZDupEaI018zJ%2FXlc8iFICxn9SIzYVEMYl6apAx1iUrQpvV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7982434dfd2f90dd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
news.isohnut.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 7850 		17 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.isohnut.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09bb267ad0e12cff711a3f43a8085a8802d098d4488e0eac92ee558a48422e9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 03:33:27 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mypPhfxf9UQaaLVU5CBwBsF6IXbVU5CrgOm6jwph3KhqnNjiXSK%2BYrrYR6E%2FdB30u1R3blD7lG8v2lLH%2BfV8XxqmcI%2BsxEo%2BmB1EprZ2BJolTCBKxasQwF%2FFGD94XBtFNk8CzoOgZfuv4cDREQv%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7982434e2db792c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request chat
exact-offer.xyz/
Redirect Chain
  • https://perserymanked.com/b12060d5-e9c9-4b85-9eb5-b41285f82634?c2=9060a41f_503&c1=pubcab087883836465ca474a2ae3c38156d
  • https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a4...
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Requested by
Host: news.isohnut.com
URL: https://news.isohnut.com/rc/a91581ead4?affclick=63e85e076aa21800015c03f1&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
690e18b18dd5dce5e48624f2a0615e335e7738ca71ab40bd810bbb1b470e0678

Request headers

Referer
https://news.isohnut.com/rc/a91581ead4?affclick=63e85e076aa21800015c03f1&pubid=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
date
Sun, 12 Feb 2023 03:33:27 GMT
referrer-policy
no-referrer

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Sun, 12 Feb 2023 03:33:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
pragma
no-cache
server
nginx
7982434cfccf90dd
news.isohnut.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 7850 		2 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.isohnut.com/cdn-cgi/challenge-platform/h/b/cv/result/7982434cfccf90dd
Requested by
Host: news.isohnut.com
URL: https://news.isohnut.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7982434cfccf90dd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 12 Feb 2023 03:33:27 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPgNllWUPyJuqHkcme2HZJjCza9pQMVuBHGLpjHEwNh%2B0YjZD3zUgZ4Hz8e3Ya9Z4C3gCC8uS3d%2FZL7MebTz04EtlkkUx0BsS5h9hVdpz3KTHw3VJ2gJXm%2BNl1khGLqVrTTQJtAGSNayElkdrDBD"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
798243506ee792c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
j6g8i2b5.ssl.hwcdn.net/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j6g8i2b5.ssl.hwcdn.net/5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
WasabiS3/7.9.1304-2022-10-31-72db312f54 (head03) /
Resource Hash
5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sun, 12 Feb 2023 03:33:27 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Aug 2022 15:53:17 GMT
Server
WasabiS3/7.9.1304-2022-10-31-72db312f54 (head03)
x-amz-request-id
9722FC3A478C5E8E
ETag
"aab9ce62210dcfe610dc0f0b69d070ad"
X-HW
1676172807.dop238.lo4.t,1676172807.cds302.lo4.shn,1676172807.dop238.lo4.t,1676172807.cds272.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1650
x-amz-id-2
egYT4r/v0dhUzi6Ew2DdTPmw+SaK3rryK6F2EHzxWqzLOy6BJaN7bX8PmRr9UB8UThZE1Wp1DHrC
66c2d8246d11485cb79233d2b17bcb52.js
j6g8i2b5.ssl.hwcdn.net/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j6g8i2b5.ssl.hwcdn.net/66c2d8246d11485cb79233d2b17bcb52.js
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
WasabiS3/7.10.1198-2022-12-14-39a7a2e69e (head15) /
Resource Hash
3ed7fa93ef30b3bee1f9d9e498b53dcb8ffcc5c8eb9683ccc3c14b34a7c858ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sun, 12 Feb 2023 03:33:27 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Feb 2023 00:10:03 GMT
Server
WasabiS3/7.10.1198-2022-12-14-39a7a2e69e (head15)
x-amz-request-id
608023006348D3E4
ETag
"51a2580d28f7101567c88e62119338b1"
Transfer-Encoding
chunked
X-HW
1676172807.dop249.lo4.t,1676172807.cds004.lo4.shn,1676172807.dop249.lo4.t,1676172807.cds222.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
x-amz-id-2
VdCO76m1AJfm+oT7vRCV0vrvDrHwwmOOFhkx6o2I1ApCJYR73ElR6GJ75Mv+cQK9d7cOvWte/ADh
landed
trk.adnce.com/events/ 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trk.adnce.com/events/landed
Requested by
Host: j6g8i2b5.ssl.hwcdn.net
URL: https://j6g8i2b5.ssl.hwcdn.net/5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 03:33:28 GMT
content-length
0
content-type
application/json; charset=utf-8
2615b36b-fca2-49be-9bb0-f09597052e5d
trk.adnce.com/tracker/ 		0
217 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.adnce.com/tracker/2615b36b-fca2-49be-9bb0-f09597052e5d?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 03:33:28 GMT
content-length
0
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f8a233d057abaab43390e166b1525cc4821e863053e68d72fb4387c825f6110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 12 Feb 2023 03:33:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 12 Feb 2023 01:58:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Feb 2023 03:33:27 GMT
arrow-back-2x.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/ 		276 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/arrow-back-2x.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2e00:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
785f95b271eb1e0e2280329ebb8eb700afbf6c99430c743a52a09f82c2514a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 16:39:45 GMT
x-amz-version-id
3HYlq20m0BizhwgCjeiSqCei9HxV3evj
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1248823
etag
"af82283d1e25a5e034c15171120405cd"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
276
x-amz-cf-id
iL-TxkGol4rOCcRh965naEuJ2HSFJA4Lc6EQxioAS67mfW-SV1pTow==
phone-icon-2x.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/ 		362 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/phone-icon-2x.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2e00:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b09979a1817a904d1b41a7ce0534a65169e03a8297b46e273aca7875b25ed2e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:09:02 GMT
x-amz-version-id
NOufki2ulJea5wZhYd_1vaXcZs_RSnBP
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
2643866
etag
"c9173c4e80bd783b6d178322e582eacf"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
362
x-amz-cf-id
TJkNURfh3xMUJbdjcDyXRTpvNYRc41Owbg1C-tjnVq4ReD355keycw==
information-icon-2x.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/ 		290 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/information-icon-2x.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2e00:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9da11b891e6a130d6ccace9947fe7b6c6eee816092c660ded093ba1f408aec4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:09:02 GMT
x-amz-version-id
aUESQyrgeOOhkS_zj8DiuVzOckRJbkBh
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
2643866
etag
"0b09565feb1555b3b65d50fca47f6e2f"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
290
x-amz-cf-id
MBEiUxKv19DvrYCdGP0HlSBa7YqOwuU2eFh3bVdOKKgOiWGj4av5AA==
dots.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/ 		370 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/dots.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2e00:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6db28f7c67817aba1c6782156ae186a88d318d8f34e39964a28d9f1a06ab3a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:09:02 GMT
x-amz-version-id
IhGHMdMQCM8QbNJT2ICnCnQotmsGJ38q
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
2643866
etag
"914ce425b785e18e110c1a35b198e9b2"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
370
x-amz-cf-id
9K0MnoEGscgDxU4uIodBM7E8KS1dWuBwCyrHCc41TaJK1-zLkEzr5w==
camera.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/ 		413 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/camera.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2e00:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93f3118e58641bb6cd4e9b9d9cef8d4d60de39eb85d3e620dbacd240138cdb7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 00:51:12 GMT
x-amz-version-id
K5OHPWEoql8AQCCqsn.J5llLp_ahkB4O
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1737736
etag
"1c25fcf17664c088bf47f372cd50742a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
413
x-amz-cf-id
EoGptal7w0NibCM594jwNwTRgwquK_gula5l2Yok0IMjn_pV5u-Pgg==
picture.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/ 		237 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/picture.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2e00:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b6c4fcd4f3afc2bf75d249c3657bd8421fbe5f5536b430d69f3ebae725f6493

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 00:51:15 GMT
x-amz-version-id
mvmw1hpKWcvZPujkGIYn.E3a0OSV8PC6
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1737733
etag
"e71293166c7e04a1cc21e5eef80c5209"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
237
x-amz-cf-id
daz4RVtFnZkjeuyQ7QKgzj29oTEBBCrmQCpQwQb7o5EgfkRV28w50Q==
microphone.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/ 		343 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/microphone.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2e00:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
185db38521be96708101448521c1eb08b50d815f8a7e377048a1ce6544d7c340

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:09:02 GMT
x-amz-version-id
w3_.daCV20KIir1WnOpOOQ4I2RsPuVq8
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
2643866
etag
"76fbf504747464c5efa85df8ec12cc58"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
343
x-amz-cf-id
PVkCjqFD-KEWwkk4r5Uny5LFiVd98hIq3YoYBl_CDMlz92PnONodXw==
thumb.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/ 		380 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/thumb.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2e00:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ebf854c003212a7c06f650ce3fa1983578f90ce190a85c390b1c5dfb5d0051a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 04:58:42 GMT
x-amz-version-id
zkvhwMimPNyBwZKBF3yeSdfHiXeOIWd1
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1809286
etag
"058c4878c6f9e09a63aa6e5629790a50"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
380
x-amz-cf-id
jOLf7KFOSFd36VPpw2zakbXFRLTyT3n5hMixkm3Lr8oJzsxP3tX7ag==
e785c839cb36d6c6410b8d70010d6fdb6a9d9df86d7f60c3cac5b8872cb24ea9.png
j6g8i2b5.ssl.hwcdn.net/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j6g8i2b5.ssl.hwcdn.net/e785c839cb36d6c6410b8d70010d6fdb6a9d9df86d7f60c3cac5b8872cb24ea9.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=w673vhmf1v422jim20ikfidu&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=9060a41f_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
WasabiS3/7.10.1198-2022-12-14-39a7a2e69e (head12) /
Resource Hash
e785c839cb36d6c6410b8d70010d6fdb6a9d9df86d7f60c3cac5b8872cb24ea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sun, 12 Feb 2023 03:33:27 GMT
Last-Modified
Sat, 13 Aug 2022 15:56:22 GMT
Server
WasabiS3/7.10.1198-2022-12-14-39a7a2e69e (head12)
x-amz-request-id
1A721E5D39AE53C9
ETag
"8fde31b9413eebdadf6e2aefe3286451"
X-HW
1676172807.dop249.lo4.t,1676172807.cds004.lo4.shn,1676172807.dop249.lo4.t,1676172807.cds080.lo4.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16011
x-amz-id-2
dK+/mRK0GAG5gRsXc4nJttliBHNBgwkVWqm+dM1qi0PC2GyCzp6LY/Nfs0o4+n9mZuGN8dWuwTuV
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exact-offer.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 13:59:42 GMT
x-content-type-options
nosniff
age
221625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Feb 2024 13:59:42 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exact-offer.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 14:05:36 GMT
x-content-type-options
nosniff
age
221271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Feb 2024 14:05:36 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange function| sendEvent function| toOffer object| EndpointsProvider object| config object| DomainConfig function| metaTagRedirect function| sendSubscription function| urlBase64ToUint8Array function| subscribeWithServiceWorker function| getNotificationPermission boolean| ASK_NOTIFICATION_PERMISSION function| a0_0x5293 function| a0_0x19b1

8 Cookies

Domain/Path Name / Value
monkey.redirectmaster.com/ Name: u
Value: ebdf5791374a06773a51080c16504f21
admoustache.go2affise.com/ Name: afclick
Value: 63e85e076aa21800015c03f1
news.isohnut.com/ Name: AWSALB
Value: v3WUab2WKfNmUNFx8UVMzvwQxBnTEF6hsz9h6aUS1/HMg7sgWyCGZMO9ESKD45EXxdfEIN4c/iyRFdTYt5g2L8Mr4e/aPW6ZJ4rmZbwXuxRirXkwLGl2r7rBaQ6H
.perserymanked.com/ Name: b12060d5-e9c9-4b85-9eb5-b41285f82634-v4
Value: 54-FFIOygvsZ5l2nVMlN9-s9ADA32YKTmZPFLPIbUfw
.perserymanked.com/ Name: cc-v4
Value: wJVpIvm46jK80hglnoPr28gPPDOyd73dgNf1nM7KFj0gG1Oe7Dsq6cKAR%2B6i5HOp7JRA%2F6zNVqbZiIpEp4U5BcF36lcAeAp6YUYTw4vrIxJRtk7L7AvAX9gFMfE7Eh3dRZRy39SBzd%2F7OA89DrrlUA%3D%3D
.isohnut.com/ Name: __cf_bm
Value: 71fVeaBP4UlNVv8afbHjpDFjSAEtqbkAfrwOx9HMQYk-1676172807-0-AenQtBmVMu5pbUeqqYcYSN+/UT/8gSo9J2Xt9ugekjruYWqDg2C03bvvF4N0lDU1c3WBBWpdir0FaJh8myXIifCWmzpBuLK9VWUzRz6V059C7lx4yCbvivyMwtZTMJyBnEE5na79S9T+czFtz0BdaEo=
.adnce.com/ Name: click
Value: 1676172600-1-04a0e4e3-3a10-409a-948b-7401fc43a96a
.adnce.com/ Name: client
Value: 6a777db7-7e84-426e-b2f8-5dd33d0c671d

1 Console Messages

Source Level URL
Text
network error URL: https://trk.adnce.com/events/landed
Message:
Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admoustache.go2affise.com
cdn.addlnk.com
d3rlh0lneatqqc.cloudfront.net
exact-offer.xyz
fonts.googleapis.com
fonts.gstatic.com
j6g8i2b5.ssl.hwcdn.net
monkey.redirectmaster.com
news.isohnut.com
perserymanked.com
polo.thegadgetguru.club
tiktok.8y8r.cloud
trk.adnce.com
www.turbotrck.art
149.3.170.207
18.158.88.249
2600:9000:214f:2e00:5:5907:a500:21
2606:4700:3035::ac43:9efb
2a00:1450:4001:803::200a
2a00:1450:4001:829::2003
2a06:98c1:3121::c
34.90.46.36
51.68.85.158
64.227.23.114
69.16.175.42
88.214.193.29
99.198.108.194
03db27ed5fa2cc1d0ce3aa37a15ec400ec5ac23d996e9f22589693a8da78c4d3
09bb267ad0e12cff711a3f43a8085a8802d098d4488e0eac92ee558a48422e9b
185db38521be96708101448521c1eb08b50d815f8a7e377048a1ce6544d7c340
3ed7fa93ef30b3bee1f9d9e498b53dcb8ffcc5c8eb9683ccc3c14b34a7c858ec
3f8a233d057abaab43390e166b1525cc4821e863053e68d72fb4387c825f6110
4ebf854c003212a7c06f650ce3fa1983578f90ce190a85c390b1c5dfb5d0051a
5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c
690e18b18dd5dce5e48624f2a0615e335e7738ca71ab40bd810bbb1b470e0678
6b69987db771fe1bd6c08e99ccad5b0b5386d983105e9c32ed78656f0c1ff12b
6db28f7c67817aba1c6782156ae186a88d318d8f34e39964a28d9f1a06ab3a23
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
785f95b271eb1e0e2280329ebb8eb700afbf6c99430c743a52a09f82c2514a72
7b6c4fcd4f3afc2bf75d249c3657bd8421fbe5f5536b430d69f3ebae725f6493
8591a149647b955e7017702b0d64b0f99e8c60739e78ec17bbf0882b168ff2b1
93f3118e58641bb6cd4e9b9d9cef8d4d60de39eb85d3e620dbacd240138cdb7c
9da11b891e6a130d6ccace9947fe7b6c6eee816092c660ded093ba1f408aec4b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b09979a1817a904d1b41a7ce0534a65169e03a8297b46e273aca7875b25ed2e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e785c839cb36d6c6410b8d70010d6fdb6a9d9df86d7f60c3cac5b8872cb24ea9
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615