Submitted URL: https://aditmedia.g2afse.com/click?pid=10&offer_id=19708&sub1=167971908810000tcatv412800184464vdb&sub2=6674990&sub3=86077
Effective URL: https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f8263...
Submission: On March 25 via manual from CL — Scanned from NL

Summary

This website contacted 10 IPs in 5 countries across 13 domains to perform 29 HTTP transactions. The main IP is 88.214.193.29, located in the United Kingdom, and belongs to NATCOWEB, US. The main domain is exact-offer.xyz.
TLS certificate: Issued by R3 on January 29th 2023. Valid for: 3 months.
This is the only time exact-offer.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.141.179.97 396982 (GOOGLE-CL...)
3 67.212.184.146 32475 (SINGLEHOP...)
2 3 51.68.81.31 16276 (OVH)
1 1 34.91.27.112 396982 (GOOGLE-CL...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 18.158.88.249 16509 (AMAZON-02)
5 88.214.193.29 46636 (NATCOWEB)
3 69.16.175.10 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2600:9000:214... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
29 10
Apex Domain | Subdomains | Transfer
8 cloudfront.net | d3rlh0lneatqqc.cloudfront.net | 6 KB
4 adnce.com | trk.adnce.com | 328 B
4 mobilerlk.com | 78eb8c99.mobilerlk.com | 19 KB
3 hwcdn.net | j6g8i2b5.ssl.hwcdn.net | 22 KB
3 turbotrck.art | www.turbotrck.art | 6 KB
3 marootrack.co | serve.marootrack.co | 7 KB
2 gstatic.com | fonts.gstatic.com | 32 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 1 KB
1 exact-offer.xyz | exact-offer.xyz; 1.exact-offer.xyz Failed | 3 KB
1 perserymanked.com | perserymanked.com | 760 B
1 addlnk.com | cdn.addlnk.com — Cisco Umbrella Rank: 385628 | 1 KB
1 media-412.com | admoustache.media-412.com — Cisco Umbrella Rank: 651252 | 274 B
1 g2afse.com | aditmedia.g2afse.com — Cisco Umbrella Rank: 176895 | 371 B
29 13
Domain | Requested by
8 d3rlh0lneatqqc.cloudfront.net | exact-offer.xyz
4 trk.adnce.com | j6g8i2b5.ssl.hwcdn.net, exact-offer.xyz
4 78eb8c99.mobilerlk.com | www.turbotrck.art, serve.marootrack.co, 78eb8c99.mobilerlk.com
3 j6g8i2b5.ssl.hwcdn.net | exact-offer.xyz
3 www.turbotrck.art 2 redirects | serve.marootrack.co
3 serve.marootrack.co | serve.marootrack.co
2 fonts.gstatic.com | fonts.googleapis.com
1 fonts.googleapis.com | client
1 exact-offer.xyz | 78eb8c99.mobilerlk.com
1 perserymanked.com 1 redirects |
1 cdn.addlnk.com | 78eb8c99.mobilerlk.com
1 admoustache.media-412.com 1 redirects |
1 aditmedia.g2afse.com 1 redirects |
0 1.exact-offer.xyz Failed | j6g8i2b5.ssl.hwcdn.net
29 14

This site contains no links.

Subject | Issuer | Validity | Valid
serve.marootrack.co | R3 | 2023-01-19 - 2023-04-19 | 3 months
www.turbotrck.art | R3 | 2023-02-28 - 2023-05-29 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-15 - 2023-05-15 | a year
exact-offer.xyz | R3 | 2023-01-29 - 2023-04-29 | 3 months
*.ssl.hwcdn.net | Sectigo RSA Domain Validation Secure Server CA | 2022-12-30 - 2024-01-19 | a year
trk.adnce.com | R3 | 2023-03-15 - 2023-06-13 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.gstatic.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months

This page contains 2 frames:

Frame: intent://1.exact-offer.xyz/chat?cid=8b6fd34c-5569-f705-1f17-d62a757242b1&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&external_id=wqg4u7iumbteuehni9tk4r9u&placement=8fe20426_503&publisher=eran&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76
Frame ID: 126650E96E674A491D8D9E60D7B00CB8
Requests: 26 HTTP requests in this frame

Frame: https://78eb8c99.mobilerlk.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679716800
Frame ID: EF3189652789792FE6B48342FA3E9CDB
Requests: 3 HTTP requests in this frame

Page Title

Hello 👋 and congratulations!

Page Statistics

29
Requests

97 %
HTTPS

42 %
IPv6

13
Domains

14
Subdomains

10
IPs

5
Countries

95 kB
Transfer

130 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aditmedia.g2afse.com/click?pid=10&offer_id=19708&sub1=167971908810000tcatv412800184464vdb&sub2=6674990&sub3=86077 HTTP 302
    https://serve.marootrack.co/?utm_medium=11224099e613c662a9735da41be9e2797b49f2b7&utm_campaign=target_CA_66365c&1=10_6674990&cid=641e96f39551f500010706a0 Page URL
  2. https://serve.marootrack.co/?utm_term=7214369627827077193&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  3. https://serve.marootrack.co/proc.php?043921b91f19c96f474b3b47f1f07645a51da053 Page URL
  4. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7214369627827077193&website=16099-e27f0498&placement=16099&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  5. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7214369627827077193&website=16099-e27f0498&placement=16099&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=b39613b9653bdf4cbfac71dc3740d816&eyer=0.6401230506429776&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=serve.marootrack.co HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7214369627827077193&website=16099-e27f0498&placement=16099&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.6401230506429776&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=serve.marootrack.co HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330000e2bdc39238c5408fabc191338eec9ef0325-202303-flb*5564921-b2be6*M7214369627827077193*sl_5564921-b2be6*d75d7aef980163bc9aec8ce9782c6b09669e0d5a*16099-e27f0498*16099 HTTP 302
    https://78eb8c99.mobilerlk.com/rc/a91581ead4?affclick=641e96f5ebc7f1000183ae00&pubid=503 Page URL
  6. https://perserymanked.com/b12060d5-e9c9-4b85-9eb5-b41285f82634?c2=8fe20426_503&c1=pubf314bc237bfe4c979aee5b280d58de73 HTTP 302
    https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://aditmedia.g2afse.com/click?pid=10&offer_id=19708&sub1=167971908810000tcatv412800184464vdb&sub2=6674990&sub3=86077 HTTP 302
  • https://serve.marootrack.co/?utm_medium=11224099e613c662a9735da41be9e2797b49f2b7&utm_campaign=target_CA_66365c&1=10_6674990&cid=641e96f39551f500010706a0
Request Chain 4
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7214369627827077193&website=16099-e27f0498&placement=16099&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=b39613b9653bdf4cbfac71dc3740d816&eyer=0.6401230506429776&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=serve.marootrack.co HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7214369627827077193&website=16099-e27f0498&placement=16099&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.6401230506429776&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=serve.marootrack.co HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330000e2bdc39238c5408fabc191338eec9ef0325-202303-flb*5564921-b2be6*M7214369627827077193*sl_5564921-b2be6*d75d7aef980163bc9aec8ce9782c6b09669e0d5a*16099-e27f0498*16099 HTTP 302
  • https://78eb8c99.mobilerlk.com/rc/a91581ead4?affclick=641e96f5ebc7f1000183ae00&pubid=503

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
serve.marootrack.co/
Redirect Chain
  • https://aditmedia.g2afse.com/click?pid=10&offer_id=19708&sub1=167971908810000tcatv412800184464vdb&sub2=6674990&sub3=86077
  • https://serve.marootrack.co/?utm_medium=11224099e613c662a9735da41be9e2797b49f2b7&utm_campaign=target_CA_66365c&1=10_6674990&cid=641e96f39551f500010706a0
3 KB
2 KB
Document
General
Full URL
https://serve.marootrack.co/?utm_medium=11224099e613c662a9735da41be9e2797b49f2b7&utm_campaign=target_CA_66365c&1=10_6674990&cid=641e96f39551f500010706a0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 25 Mar 2023 06:38:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://serve.marootrack.co/?utm_term=7214369627827077193&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0

Redirect headers

access-control-allow-origin
*
content-length
0
date
Sat, 25 Mar 2023 06:38:43 GMT
location
https://serve.marootrack.co/?utm_medium=11224099e613c662a9735da41be9e2797b49f2b7&utm_campaign=target_CA_66365c&1=10_6674990&cid=641e96f39551f500010706a0
server
nginx
x-adjust-use-original-forwarded-for
1
/
serve.marootrack.co/
8 KB
3 KB
Document
General
Full URL
https://serve.marootrack.co/?utm_term=7214369627827077193&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: serve.marootrack.co
URL: https://serve.marootrack.co/?utm_medium=11224099e613c662a9735da41be9e2797b49f2b7&utm_campaign=target_CA_66365c&1=10_6674990&cid=641e96f39551f500010706a0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
0786cb35fff93f0e16cddbaaee3d4fbe308bfeab496db8c1bc798ba0099248b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://serve.marootrack.co/?utm_medium=11224099e613c662a9735da41be9e2797b49f2b7&utm_campaign=target_CA_66365c&1=10_6674990&cid=641e96f39551f500010706a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 25 Mar 2023 06:38:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
serve.marootrack.co/
4 KB
2 KB
Document
General
Full URL
https://serve.marootrack.co/proc.php?043921b91f19c96f474b3b47f1f07645a51da053
Requested by
Host: serve.marootrack.co
URL: https://serve.marootrack.co/?utm_term=7214369627827077193&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://serve.marootrack.co/?utm_term=7214369627827077193&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 25 Mar 2023 06:38:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7214369627827077193&website=16099-e27f0498&placement=16099
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/
5 KB
5 KB
Document
General
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7214369627827077193&website=16099-e27f0498&placement=16099&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: serve.marootrack.co
URL: https://serve.marootrack.co/proc.php?043921b91f19c96f474b3b47f1f07645a51da053
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://serve.marootrack.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Sat, 25 Mar 2023 06:38:45 GMT
Transfer-Encoding
chunked
a91581ead4
78eb8c99.mobilerlk.com/rc/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7214369627827077193&website=16099-e27f0498&placement=16099&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd838...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7214369627827077193&website=16099-e27f0498&placement=16099&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd838...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330000e2bdc39238c5408fabc191338eec9ef0325-202303-flb*5564921-b2be6*M7214369627827077193*sl_5564921-b2be6*d75d7aef980163...
  • https://78eb8c99.mobilerlk.com/rc/a91581ead4?affclick=641e96f5ebc7f1000183ae00&pubid=503
3 KB
2 KB
Document
General
Full URL
https://78eb8c99.mobilerlk.com/rc/a91581ead4?affclick=641e96f5ebc7f1000183ae00&pubid=503
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7214369627827077193&website=16099-e27f0498&placement=16099&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:210f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee4161c86832d5940f181d65acba24f45b9137b3f59b2a0f79c7ec16c175d936

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7214369627827077193&website=16099-e27f0498&placement=16099&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ad527212e1a0a67-AMS
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Sat, 25 Mar 2023 06:38:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMQfosp6r1LksAY8eEqF4MIJqCwjILSGYXhwBMTSY1lhuq9aD5x0KzqxGCbTYUAR21ILmzNNP49IJD3Ay5PVhXDwKXHheIok6iGlAf1h5Di7c%2BaGgMyR4Rq%2BlhNGGy%2F1nEm%2FKt1pvwDrJjgP%2FoweaKEpdIft"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Sat, 25 Mar 2023 06:38:45 GMT
location
https://78eb8c99.mobilerlk.com/rc/a91581ead4?affclick=641e96f5ebc7f1000183ae00&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: 78eb8c99.mobilerlk.com
URL: https://78eb8c99.mobilerlk.com/rc/a91581ead4?affclick=641e96f5ebc7f1000183ae00&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 06:38:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9M6XZ0VYQF9YS6V6
age
4879
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
7cUJfkaBwc0c8qr8VM6gPyHLDbAKYnN0xuwtXfJx2AZnhSzu34GDZ7IJ06703GE+x3BUbxl8sdc=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePmSFz%2FBlvwmDC18apXhtAbK%2BjtVG60rFFVQzEFuTcu%2F%2BO%2FnUUdXNinf8TvDzdFmgwwy%2FbKJh2yQZ93Y3vXN7Hj7vPqneLWYdyOq69frhT%2FXed6kl7SM8nDFI%2B17yVILpKlR0tLk%2B1Q16TfgeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7ad527226a670a61-AMS
invisible.js
78eb8c99.mobilerlk.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame EF31
28 KB
12 KB
Script
General
Full URL
https://78eb8c99.mobilerlk.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679716800
Requested by
Host: serve.marootrack.co
URL: https://serve.marootrack.co/?utm_medium=11224099e613c662a9735da41be9e2797b49f2b7&utm_campaign=target_CA_66365c&1=10_6674990&cid=641e96f39551f500010706a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:210f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc7041dba913c8f55a0f2132c5e6ecd6156945b034d5c345927107d0ad667c4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 06:38:46 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JYBbTUpy3YWXRq%2FuKttRUt%2BsbT8i0vBeaV5ARfx4YPutemFZ%2B67IXRRJv8AQsVPkhn%2FJWZHONnebH8IEJAmcgDof%2F%2FmpNWL0lt8d2QatsKC62ZMK4e7GOa7a%2Fn2I5eBypr93Ltzy2Rxw26mCA2GQVhum49p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7ad52722d8150a67-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
78eb8c99.mobilerlk.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame EF31
7 KB
4 KB
Other
General
Full URL
https://78eb8c99.mobilerlk.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:210f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 06:38:46 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKQcgXSPPI%2F1amMwiHxbvQpuuPWdqFfIQvrEJ8nEKTRE3ECkIIKEodHA24y%2FwLbpgusLakxCPECcomybkV3I4zyxO429Jg1OHVJFdfTliowRRvfkR%2FOqnHywHZBdAM8gryV%2BEiAGMz2cYL2ezkR%2B%2BOmqOx6j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7ad527231a991ede-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request chat
exact-offer.xyz/
Redirect Chain
  • https://perserymanked.com/b12060d5-e9c9-4b85-9eb5-b41285f82634?c2=8fe20426_503&c1=pubf314bc237bfe4c979aee5b280d58de73
  • https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe204...
3 KB
3 KB
Document
General
Full URL
https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Requested by
Host: 78eb8c99.mobilerlk.com
URL: https://78eb8c99.mobilerlk.com/rc/a91581ead4?affclick=641e96f5ebc7f1000183ae00&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
136d6f3fa59fcf526bdaa29b372eb0312767c7e8b0d938581bb6d87916e473e5

Request headers

Referer
https://78eb8c99.mobilerlk.com/rc/a91581ead4?affclick=641e96f5ebc7f1000183ae00&pubid=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-type
text/html; charset=utf-8
date
Sat, 25 Mar 2023 06:38:46 GMT
referrer-policy
no-referrer

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Sat, 25 Mar 2023 06:38:46 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
pragma
no-cache
server
nginx
7ad527212e1a0a67
78eb8c99.mobilerlk.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame EF31
2 B
670 B
XHR
General
Full URL
https://78eb8c99.mobilerlk.com/cdn-cgi/challenge-platform/h/b/cv/result/7ad527212e1a0a67
Requested by
Host: 78eb8c99.mobilerlk.com
URL: https://78eb8c99.mobilerlk.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679716800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:210f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 25 Mar 2023 06:38:46 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2Fqa9b26XT%2FDRNgoDzZt0OAcJ2kozBHIcys7VVmO%2BiVNDfgPdAJe1zPXYaEhzBe5N8gZPKH7MiHOTIoAxZk12qe6xE%2Bzh3VTRrMdvijKwSFHPHdTrbTUABAmrjtwkjUggGXWtk%2BeKZilmKOOr5Npn%2BvVZBgx"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7ad52724ab2a1ede-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
j6g8i2b5.ssl.hwcdn.net/
6 KB
2 KB
Script
General
Full URL
https://j6g8i2b5.ssl.hwcdn.net/5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head17) /
Resource Hash
5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Sat, 25 Mar 2023 06:38:46 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Aug 2022 15:53:17 GMT
Server
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head17)
x-amz-request-id
81D36C542F51A998
ETag
"aab9ce62210dcfe610dc0f0b69d070ad"
X-HW
1679726326.dop228.am5.t,1679726326.cds015.am5.shn,1679726326.dop228.am5.t,1679726326.cds150.am5.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1650
x-amz-id-2
EIEoQq1aJYlb4+joAM9/RX1VpnbBXY2nhQLDKd4u6Cn/MEGfuOom3qCdUKnZkogpjTM7O33L93hP
7730c4d64cfc4a7daa244d2d96f2ac35.js
j6g8i2b5.ssl.hwcdn.net/
9 KB
3 KB
Script
General
Full URL
https://j6g8i2b5.ssl.hwcdn.net/7730c4d64cfc4a7daa244d2d96f2ac35.js
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (A27-U12) /
Resource Hash
3ed7fa93ef30b3bee1f9d9e498b53dcb8ffcc5c8eb9683ccc3c14b34a7c858ec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Sat, 25 Mar 2023 06:38:46 GMT
Content-Encoding
gzip
Last-Modified
Sat, 25 Mar 2023 00:10:07 GMT
Server
WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (A27-U12)
x-amz-request-id
9D7B78A2494C6C26:B
ETag
"51a2580d28f7101567c88e62119338b1"
X-HW
1679726326.dop228.am5.t,1679726326.cds015.am5.shn,1679726326.dop228.am5.t,1679726326.cds316.am5.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2602
x-amz-id-2
j/rIEqg4UMn4a7WuUT8kHXDuW5gpagAXIh1fVj3IApkNe1i4mj4KLnal+vvqzNF2FBL+RPWLQV7p
landed
trk.adnce.com/events/
0
64 B
Ping
General
Full URL
https://trk.adnce.com/events/landed
Requested by
Host: j6g8i2b5.ssl.hwcdn.net
URL: https://j6g8i2b5.ssl.hwcdn.net/5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 06:38:47 GMT
content-length
0
content-type
application/json; charset=utf-8
2615b36b-fca2-49be-9bb0-f09597052e5d
trk.adnce.com/tracker/
0
217 B
Script
General
Full URL
https://trk.adnce.com/tracker/2615b36b-fca2-49be-9bb0-f09597052e5d?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 06:38:47 GMT
content-length
0
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f8a233d057abaab43390e166b1525cc4821e863053e68d72fb4387c825f6110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 25 Mar 2023 06:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 25 Mar 2023 06:06:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 25 Mar 2023 06:38:47 GMT
arrow-back-2x.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
276 B
662 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/arrow-back-2x.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
785f95b271eb1e0e2280329ebb8eb700afbf6c99430c743a52a09f82c2514a72

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 16:39:45 GMT
x-amz-version-id
3HYlq20m0BizhwgCjeiSqCei9HxV3evj
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
4802343
etag
"af82283d1e25a5e034c15171120405cd"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
276
x-amz-cf-id
95EDVeGlP0cWiRmJx0H6fVFVUdGTjPVg3ws6feRcMM1odYhI71Ue-A==
phone-icon-2x.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
362 B
752 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/phone-icon-2x.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b09979a1817a904d1b41a7ce0534a65169e03a8297b46e273aca7875b25ed2e8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:09:02 GMT
x-amz-version-id
NOufki2ulJea5wZhYd_1vaXcZs_RSnBP
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
6197386
etag
"c9173c4e80bd783b6d178322e582eacf"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
362
x-amz-cf-id
hEaMZ7NI-ZqGxHP77Nz6eEIfvmt7xTBEffd_Yg2VhO3Wo-XGUvhspA==
information-icon-2x.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
290 B
681 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/information-icon-2x.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9da11b891e6a130d6ccace9947fe7b6c6eee816092c660ded093ba1f408aec4b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:09:02 GMT
x-amz-version-id
aUESQyrgeOOhkS_zj8DiuVzOckRJbkBh
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
6197386
etag
"0b09565feb1555b3b65d50fca47f6e2f"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
290
x-amz-cf-id
HFq5ACPYu_UMdK81w3R3JRHZ591HbtGTHRZHwo9hM9tbFmY6ceYwOQ==
dots.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
370 B
759 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/dots.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6db28f7c67817aba1c6782156ae186a88d318d8f34e39964a28d9f1a06ab3a23

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:09:02 GMT
x-amz-version-id
IhGHMdMQCM8QbNJT2ICnCnQotmsGJ38q
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
6197386
etag
"914ce425b785e18e110c1a35b198e9b2"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
370
x-amz-cf-id
-gbWYOH5lHnvYYnelkLbNXmP1mipl-MJqvB2v0CC-Ttz30PHgdolyw==
camera.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
413 B
801 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/camera.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93f3118e58641bb6cd4e9b9d9cef8d4d60de39eb85d3e620dbacd240138cdb7c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 00:51:12 GMT
x-amz-version-id
K5OHPWEoql8AQCCqsn.J5llLp_ahkB4O
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
5291256
etag
"1c25fcf17664c088bf47f372cd50742a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
413
x-amz-cf-id
1IZQDScGxpBL-k5IRLcU5iTmpj0wBezNaG_JanRmPpoVivfB1bmJ_w==
picture.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
237 B
625 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/picture.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b6c4fcd4f3afc2bf75d249c3657bd8421fbe5f5536b430d69f3ebae725f6493

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 00:51:15 GMT
x-amz-version-id
mvmw1hpKWcvZPujkGIYn.E3a0OSV8PC6
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
5291253
etag
"e71293166c7e04a1cc21e5eef80c5209"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
237
x-amz-cf-id
RIC2ZDEFuXT_lqMQMp5Qaudb6bUxFHjqeaz3Z0_QJFf7NS-cnGAOCg==
microphone.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
343 B
732 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/microphone.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
185db38521be96708101448521c1eb08b50d815f8a7e377048a1ce6544d7c340

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:09:02 GMT
x-amz-version-id
w3_.daCV20KIir1WnOpOOQ4I2RsPuVq8
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
6197386
etag
"76fbf504747464c5efa85df8ec12cc58"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
343
x-amz-cf-id
rfsG6vxPLmSSxhsajQl0LIGw-nDY7hBG-S1s3OqqKTYYgiHJ3fH52A==
thumb.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
380 B
770 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/thumb.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5400:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ebf854c003212a7c06f650ce3fa1983578f90ce190a85c390b1c5dfb5d0051a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 04:58:42 GMT
x-amz-version-id
zkvhwMimPNyBwZKBF3yeSdfHiXeOIWd1
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
5362806
etag
"058c4878c6f9e09a63aa6e5629790a50"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
380
x-amz-cf-id
ywhXWWQMs19KrqFxl-mjMW7OsuEuP0ks3mhT5Uej-jum29jruGIUTA==
e785c839cb36d6c6410b8d70010d6fdb6a9d9df86d7f60c3cac5b8872cb24ea9.png
j6g8i2b5.ssl.hwcdn.net/
16 KB
16 KB
Image
General
Full URL
https://j6g8i2b5.ssl.hwcdn.net/e785c839cb36d6c6410b8d70010d6fdb6a9d9df86d7f60c3cac5b8872cb24ea9.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=wqg4u7iumbteuehni9tk4r9u&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=8fe20426_503&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
WasabiS3/7.10.1198-2022-12-14-39a7a2e69e (head13) /
Resource Hash
e785c839cb36d6c6410b8d70010d6fdb6a9d9df86d7f60c3cac5b8872cb24ea9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Sat, 25 Mar 2023 06:38:46 GMT
Last-Modified
Sat, 13 Aug 2022 15:56:22 GMT
Server
WasabiS3/7.10.1198-2022-12-14-39a7a2e69e (head13)
x-amz-request-id
56455975C5541EA7
ETag
"8fde31b9413eebdadf6e2aefe3286451"
X-HW
1679726326.dop228.am5.t,1679726326.cds015.am5.shn,1679726326.dop228.am5.t,1679726326.cds277.am5.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16011
x-amz-id-2
PCkxi3unuv9aLcsARoBBIQpk+FKYwgzTfLzy+C/PLmfivn60arAp6Mvzd3iOyRfhP3jKieBq4n/j
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exact-offer.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options
nosniff
age
338468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exact-offer.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options
nosniff
age
338469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:38 GMT
sw_too_fast
trk.adnce.com/events/
0
35 B
Ping
General
Full URL
https://trk.adnce.com/events/sw_too_fast
Requested by
Host: j6g8i2b5.ssl.hwcdn.net
URL: https://j6g8i2b5.ssl.hwcdn.net/5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 06:38:51 GMT
content-length
0
denied_with_back_button
trk.adnce.com/events/
0
12 B
Ping
General
Full URL
https://trk.adnce.com/events/denied_with_back_button
Requested by
Host: j6g8i2b5.ssl.hwcdn.net
URL: https://j6g8i2b5.ssl.hwcdn.net/5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 06:38:51 GMT
content-length
0
chat
1.exact-offer.xyz/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
1.exact-offer.xyz
URL
intent://1.exact-offer.xyz/chat?cid=8b6fd34c-5569-f705-1f17-d62a757242b1&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&external_id=wqg4u7iumbteuehni9tk4r9u&placement=8fe20426_503&publisher=eran&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
function| sendEvent
function| toOffer
object| EndpointsProvider
object| config
object| DomainConfig
function| metaTagRedirect
function| sendSubscription
function| urlBase64ToUint8Array
function| subscribeWithServiceWorker
function| getNotificationPermission
boolean| ASK_NOTIFICATION_PERMISSION
function| a0_0x5293
function| a0_0x19b1

10 Cookies

Domain/Path Name / Value
aditmedia.g2afse.com/ Name: afclick
Value: 641e96f39551f500010706a0
aditmedia.g2afse.com/ Name: afoffers
Value: {"19708":1679726323}
serve.marootrack.co/ Name: u
Value: 3ab6eed86ba93e8648bb6ed507ce0242
admoustache.media-412.com/ Name: afclick
Value: 641e96f5ebc7f1000183ae00
78eb8c99.mobilerlk.com/ Name: AWSALB
Value: 3wLjGsBOyzucDLGBr9jBkmoVyIqjGhKjD4swBWOetBlCUyceDnjjEHjp5TOKYXsO1El2jxhXcMJFrAAfzUqHv0aCFeJkSvjAeRGc3IGUMBiTHLSyUV/nWK/szQyD
.perserymanked.com/ Name: b12060d5-e9c9-4b85-9eb5-b41285f82634-v4
Value: -bvIdnqfnFNpfjn-hKRVjh00yrW48Gyxt0L8xC1j3vQ
.perserymanked.com/ Name: cc-v4
Value: xdv1A24C8UJtBFzbGNqel1h%2BXWXJX35%2FVD5%2BOUOWa5wVOptWfs3%2BVQ9Jr0RLAc9NWyopinU0FbcOlcVIeQ%2FgWxPIZNC%2Fw%2FvUxItciug6KyLjZm8U8RUZdylWloxRHv1vI5c4MqG%2FzvviBiyLaFL18Q%3D%3D
.mobilerlk.com/ Name: __cf_bm
Value: wW2qyqXwe0MZqC7.qb3Nhqs5DqRuMRwnJmEGQo4opL4-1679726326-0-AT+AIB3D6TAv9wtL+16SSJJ+WOiW+COzgqhSKRB7SfVdVxdjNWm1rIv2b2GB1IE16WTFdHB+Z40Y4lb6tHFzveDtmNWGAniEhwN+WY66HQQZduyeeuO+FWpC5K71n7pPBQ==
.adnce.com/ Name: click
Value: 1679726100-1-7d0dc239-9905-4dc3-a1d5-c485479a8238
.adnce.com/ Name: client
Value: 17c0511f-6ccd-4a46-af4b-fc0a6bb40a01

1 Console Messages

Source Level URL
Text
network error URL: https://trk.adnce.com/events/landed
Message:
Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
