Submitted URL: http://vps-85109737.vps.ovh.net/oHT.php4?dfdd6ccc2wj9cxqT2cccF6cSc6MzNdvhjcbbb2D
Effective URL: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f8263...
Submission: On August 30 via api from BE — Scanned from FR

Summary

This website contacted 8 IPs in 4 countries across 12 domains to perform 23 HTTP transactions. The main IP is 88.214.193.29, located in United Kingdom and belongs to NATCOWEB, US. The main domain is exact-offer.xyz.
TLS certificate: Issued by R3 on August 2nd 2022. Valid for: 3 months.
This is the only time exact-offer.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2001:41d0:401... 16276 (OVH)
1 81.145.240.126 2856 (BT-UK-AS ...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 18.158.88.249 16509 (AMAZON-02)
3 88.214.193.29 46636 (NATCOWEB)
3 69.16.175.42 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
23 8
Domain Requested by
8 d3rlh0lneatqqc.cloudfront.net exact-offer.xyz
4 www.tgiory.com hostingoptimized.com
www.tgiory.com
3 j6g8i2b5.ssl.hwcdn.net exact-offer.xyz
2 fonts.gstatic.com fonts.googleapis.com
2 trk.adnce.com j6g8i2b5.ssl.hwcdn.net
exact-offer.xyz
1 fonts.googleapis.com client
1 exact-offer.xyz www.tgiory.com
1 perserymanked.com 1 redirects
1 cdn.addlnk.com www.tgiory.com
1 lynku.jukminung.com 1 redirects
1 hostingoptimized.com
1 vps-85109737.vps.ovh.net 1 redirects
23 12

This site contains no links.

Subject | Issuer | Validity | Valid
hostingoptimized.com | Sectigo RSA Domain Validation Secure Server CA | 2022-01-24 - 2023-01-24 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-03-11 - 2023-03-10 | a year
exact-offer.xyz | R3 | 2022-08-02 - 2022-10-31 | 3 months
*.ssl.hwcdn.net | Sectigo RSA Domain Validation Secure Server CA | 2021-12-22 - 2023-01-19 | a year
trk.adnce.com | R3 | 2022-07-18 - 2022-10-16 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.gstatic.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months

This page contains 2 frames:

Primary Page: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Frame ID: 7F059DD437FBED49239481E0D2935E32
Requests: 20 HTTP requests in this frame

Frame: https://www.tgiory.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661889600
Frame ID: D0913A4415A08DC37E6D7D6263F56972
Requests: 3 HTTP requests in this frame

Page Title

Hello 👋 and congratulations!

Page URL History

  1. http://vps-85109737.vps.ovh.net/oHT.php4?dfdd6ccc2wj9cxqT2cccF6cSc6MzNdvhjcbbb2D HTTP 302
    https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+... Page URL
  2. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1282851356&pubid=690290 HTTP 302
    https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid Page URL
  3. https://perserymanked.com/b12060d5-e9c9-4b85-9eb5-b41285f82634?c1=pub9811471151744d06b9e3eb5a83f72b89&... HTTP 302
    https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4... Page URL

Page Statistics

Requests: 23
HTTPS: 100 %
IPv6: 64 %
Domains: 12
Subdomains: 12
IPs: 8
Countries: 4
Transfer: 92 kB
Size: 144 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vps-85109737.vps.ovh.net/oHT.php4?dfdd6ccc2wj9cxqT2cccF6cSc6MzNdvhjcbbb2D HTTP 302
    https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++7 Page URL
  2. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1282851356&pubid=690290 HTTP 302
    https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid Page URL
  3. https://perserymanked.com/b12060d5-e9c9-4b85-9eb5-b41285f82634?c1=pub9811471151744d06b9e3eb5a83f72b89&c2=631c6e6c HTTP 302
    https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://vps-85109737.vps.ovh.net/oHT.php4?dfdd6ccc2wj9cxqT2cccF6cSc6MzNdvhjcbbb2D HTTP 302
  • https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++7
Request Chain 1
  • https://lynku.jukminung.com/rc/9e8aef8068?affclick=1282851356&pubid=690290 HTTP 302
  • https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
402426909_2001+41d0+8+d154++7
hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/
Redirect Chain
  • http://vps-85109737.vps.ovh.net/oHT.php4?dfdd6ccc2wj9cxqT2cccF6cSc6MzNdvhjcbbb2D
  • https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++7
137 B
450 B
Document
General
Full URL
https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.145.240.126 Motherwell, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
websitenamehost.xyz
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
close
Content-Length
137
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Aug 2022 22:01:02 GMT
Server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Aug 2022 22:01:00 GMT
Location
https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++7
Server
Apache
4fae28eb48
www.tgiory.com/rc/
Redirect Chain
  • https://lynku.jukminung.com/rc/9e8aef8068?affclick=1282851356&pubid=690290
  • https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid
3 KB
2 KB
Document
General
Full URL
https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid
Requested by
Host: hostingoptimized.com
URL: https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cb6f77505c633c895ebcd15225117ac839621d4c9fd568102cd461677ceff6f

Request headers

Referer
https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7430cd7f2812d3af-CDG
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Tue, 30 Aug 2022 22:01:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOczt1ykGvQ%2Be1hsf9MalWVhyMNB2ttT%2BdwYcljehyxLfiPFFzbgxVSvDIU5s2GC2QWsfIwrwfPQ%2F%2Fhsw2ZlTtmrvsFI2sFM9zIDSC3KK4R15Rm8i3DxFWva8v5tWxz2KHl3VnA%2B5ldGVPCnDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7430cd7e4e5dd209-CDG
content-language
en-us
content-type
text/html; charset=utf-8
date
Tue, 30 Aug 2022 22:01:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FlnWbc09kHhI4XhQ4841%2B8DHm6kz8eVpo8GrsyIggdC4A6kvbbfUPEC6%2B5zM5HIf7dNv4CgXzAHAI6%2Fy77ZSXMJV8q%2F3vBSHlbiCEIDcnZrsswslHzcI1fRbRiZmwuVUwjWbCXOyYmf8iSTzOIQkTJd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Language, Cookie
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: www.tgiory.com
URL: https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 22:01:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3605
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
XSZBRH7A3PWWSAEW
x-amz-id-2
nWRA1g863xa9XULNpDd037ZCAOWXVZ5GsNylXYh55p+lNPzkGILMCmZVimK4lPYlcPQzmucKHf4=
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PH%2B7VldLHd4M20rIQb2xwRWBoIJHXE5fhys%2BMavLeZqwD7Nl6jB%2B%2Fx6sZFvSqOEpQ1a8Xn0yrkhnffHwG9XS2B9eLacglP5YYKW%2FGLwSOUOGUCVQeDMebpE7dRGfVs6IG%2BO63Xd%2Fd1CtgA7PxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7430cd805e52998a-CDG
cf-bgj
minify
invisible.js
www.tgiory.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame D091
47 KB
16 KB
Script
General
Full URL
https://www.tgiory.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661889600
Requested by
Host: hostingoptimized.com
URL: https://hostingoptimized.com/17635053ca3b03a8800/1_184138_2565807/1795_3280294_3905657_45/402426909_2001+41d0+8+d154++7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e3653c0bade98a69dbe903ec52d94a5fa890f1253b8b7c976a28b1fab6d3c45

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 22:01:02 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZbRS3uDAfpRIDxFL5v2g2xL%2FIm%2BKemLi4sgpgZNryr6FEMIFqQz6766UKNsMdWTTYDWHcdqZsFYUUo8xGZ5R8chzzSZpMMPRnLZpfI1phYj8%2FvrZYWjlgdCiDh6jBmgQmiY2f%2BB6dmZi6mEcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7430cd80aae1d3af-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
www.tgiory.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame D091
22 KB
8 KB
Other
General
Full URL
https://www.tgiory.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 22:01:02 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDPnw36Nd2C1OYAVvQuQCXtNS4PnWznUUq8SWFQoT8saum0UDZ64fOW0v7ebKt1DU%2BWrArdKuQYdc2s1vxcec39%2BOU5rJCuPmXBmsspPBWQ24BPoG2ZJ5hsiwtFhuDJigQCws%2BPXjpFwTG0z%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7430cd80eb63d3af-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request chat
exact-offer.xyz/
Redirect Chain
  • https://perserymanked.com/b12060d5-e9c9-4b85-9eb5-b41285f82634?c1=pub9811471151744d06b9e3eb5a83f72b89&c2=631c6e6c
  • https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e...
3 KB
3 KB
Document
General
Full URL
https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Requested by
Host: www.tgiory.com
URL: https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
4b6d2457ae3a852003c63752155269ba2c974b2eb73907c377432d0b38e32227

Request headers

Referer
https://www.tgiory.com/rc/4fae28eb48?af5=pubid-not-valid
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-type
text/html; charset=utf-8
date
Tue, 30 Aug 2022 22:01:03 GMT
referrer-policy
no-referrer

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Tue, 30 Aug 2022 22:01:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
pragma
no-cache
server
nginx
7430cd7f2812d3af
www.tgiory.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame D091
2 B
754 B
XHR
General
Full URL
https://www.tgiory.com/cdn-cgi/challenge-platform/h/b/cv/result/7430cd7f2812d3af
Requested by
Host: www.tgiory.com
URL: https://www.tgiory.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661889600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 30 Aug 2022 22:01:03 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STU1A5ufw6JqrFqd%2BMmR8CI2Ba7SVVxKb83luguaQ%2BCfH7IoKQKjnL2G9OfngapA%2BA6RHN1pUAyAMsyQqM7xOwaHhISLNWZoHA1MvmQwQYEk7zm2ieGrG7fonC9150Nf5K8hugvyoZBbLNHNDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7430cd82ae45d71e-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
j6g8i2b5.ssl.hwcdn.net/
6 KB
2 KB
Script
General
Full URL
https://j6g8i2b5.ssl.hwcdn.net/5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head09) /
Resource Hash
5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 22:01:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Aug 2022 15:53:17 GMT
Server
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head09)
x-amz-request-id
08BD6A771C00F62F
ETag
"aab9ce62210dcfe610dc0f0b69d070ad"
X-HW
1661896863.dop211.pa1.t,1661896863.cds215.pa1.shn,1661896863.dop211.pa1.t,1661896863.cds231.pa1.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1650
x-amz-id-2
vivhDdLxIuRLTYl9zwL711OylaGh6q4GHpCbz5ezrYxRzHfJH47OY9TxrPrYD0TPA551E+GylgGw
fb_wh.js
j6g8i2b5.ssl.hwcdn.net/
9 KB
3 KB
Script
General
Full URL
https://j6g8i2b5.ssl.hwcdn.net/fb_wh.js
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head14) /
Resource Hash
3ed7fa93ef30b3bee1f9d9e498b53dcb8ffcc5c8eb9683ccc3c14b34a7c858ec

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 22:01:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 Aug 2022 15:56:50 GMT
Server
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head14)
x-amz-request-id
2EDA46EEE0622BD5
ETag
"51a2580d28f7101567c88e62119338b1"
X-HW
1661896863.dop038.pa1.t,1661896863.cds237.pa1.shn,1661896863.dop038.pa1.t,1661896863.cds030.pa1.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2602
x-amz-id-2
jp1uGpz9f445mQRjojasXOvq9YODMUEeoTHwDe43PY7aMThMc6402Lhj76X1MfLr886gBnroQL0C
landed
trk.adnce.com/events/
0
64 B
Ping
General
Full URL
https://trk.adnce.com/events/landed
Requested by
Host: j6g8i2b5.ssl.hwcdn.net
URL: https://j6g8i2b5.ssl.hwcdn.net/5899cbfdfb42a10fc71439c795b3c9122854636f80c33e90409d3d76e0f1eb8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 22:01:03 GMT
content-length
0
content-type
application/json; charset=utf-8
2615b36b-fca2-49be-9bb0-f09597052e5d
trk.adnce.com/tracker/
0
215 B
Script
General
Full URL
https://trk.adnce.com/tracker/2615b36b-fca2-49be-9bb0-f09597052e5d?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.214.193.29 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 22:01:03 GMT
content-length
0
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f8a233d057abaab43390e166b1525cc4821e863053e68d72fb4387c825f6110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 20:22:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Aug 2022 22:01:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Aug 2022 22:01:03 GMT
arrow-back-2x.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
276 B
663 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/arrow-back-2x.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1800:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
785f95b271eb1e0e2280329ebb8eb700afbf6c99430c743a52a09f82c2514a72

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
age
7642414
etag
"af82283d1e25a5e034c15171120405cd"
x-cache
Hit from cloudfront
x-amz-version-id
3HYlq20m0BizhwgCjeiSqCei9HxV3evj
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
276
x-amz-cf-id
b31uJNL6BLLcv_bK5r36K8oMzLPJu43s2Y2JqOxqbLPqMmSJf_bsjA==
phone-icon-2x.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
362 B
750 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/phone-icon-2x.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1800:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b09979a1817a904d1b41a7ce0534a65169e03a8297b46e273aca7875b25ed2e8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:38 GMT
server
AmazonS3
age
7642413
etag
"c9173c4e80bd783b6d178322e582eacf"
x-cache
Hit from cloudfront
x-amz-version-id
NOufki2ulJea5wZhYd_1vaXcZs_RSnBP
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
362
x-amz-cf-id
WL7Pgyzejh54iBpe2-Mq19wNMpu8Q6J1o-sYw7_MDJVknLMJJAVevA==
information-icon-2x.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
290 B
679 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/information-icon-2x.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1800:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9da11b891e6a130d6ccace9947fe7b6c6eee816092c660ded093ba1f408aec4b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
age
7642413
etag
"0b09565feb1555b3b65d50fca47f6e2f"
x-cache
Hit from cloudfront
x-amz-version-id
aUESQyrgeOOhkS_zj8DiuVzOckRJbkBh
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
290
x-amz-cf-id
wmFPiFEthgzW3-2Ze89u287GBDY2cO5_JLT7SOqWKDzc5rQ16-Odhg==
dots.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
370 B
759 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/dots.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1800:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6db28f7c67817aba1c6782156ae186a88d318d8f34e39964a28d9f1a06ab3a23

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
age
7642414
etag
"914ce425b785e18e110c1a35b198e9b2"
x-cache
Hit from cloudfront
x-amz-version-id
IhGHMdMQCM8QbNJT2ICnCnQotmsGJ38q
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
370
x-amz-cf-id
QcLavBmy2V1S5BZhwE9Q7sxN8JKF5pWCvM3USucuUATyOe5ZTUJzOA==
camera.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
413 B
802 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/camera.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1800:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93f3118e58641bb6cd4e9b9d9cef8d4d60de39eb85d3e620dbacd240138cdb7c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
age
7642413
etag
"1c25fcf17664c088bf47f372cd50742a"
x-cache
Hit from cloudfront
x-amz-version-id
K5OHPWEoql8AQCCqsn.J5llLp_ahkB4O
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
413
x-amz-cf-id
nRNRS7axl6dXhpxduLU-TMQ71PzRdzlDOiIukpYO99Fp7SOCNC9s6w==
picture.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
237 B
624 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/picture.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1800:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b6c4fcd4f3afc2bf75d249c3657bd8421fbe5f5536b430d69f3ebae725f6493

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:38 GMT
server
AmazonS3
age
7642414
etag
"e71293166c7e04a1cc21e5eef80c5209"
x-cache
Hit from cloudfront
x-amz-version-id
mvmw1hpKWcvZPujkGIYn.E3a0OSV8PC6
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
237
x-amz-cf-id
AzcTzOcHfn2eVz4NQOgvQVylJDbpu0CqyLuAiNjytXXCm7qZp0W-dg==
microphone.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
343 B
732 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/microphone.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1800:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
185db38521be96708101448521c1eb08b50d815f8a7e377048a1ce6544d7c340

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:37 GMT
server
AmazonS3
age
7642414
etag
"76fbf504747464c5efa85df8ec12cc58"
x-cache
Hit from cloudfront
x-amz-version-id
w3_.daCV20KIir1WnOpOOQ4I2RsPuVq8
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
343
x-amz-cf-id
1p4XWk5LMLY4GLE6mp_dThzbaPOBfavGTHRjSrf3IblS4OWtE7bbOA==
thumb.png
d3rlh0lneatqqc.cloudfront.net/fb-chat/
380 B
768 B
Image
General
Full URL
https://d3rlh0lneatqqc.cloudfront.net/fb-chat/thumb.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1800:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ebf854c003212a7c06f650ce3fa1983578f90ce190a85c390b1c5dfb5d0051a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 11:07:30 GMT
via
1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 09:04:38 GMT
server
AmazonS3
age
7642414
etag
"058c4878c6f9e09a63aa6e5629790a50"
x-cache
Hit from cloudfront
x-amz-version-id
zkvhwMimPNyBwZKBF3yeSdfHiXeOIWd1
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
content-length
380
x-amz-cf-id
eiCeeFmy4Qx-HKjNyJOCQamU9Doo9pm1c5uYL2tOxDj5Sryvapf3iA==
e785c839cb36d6c6410b8d70010d6fdb6a9d9df86d7f60c3cac5b8872cb24ea9.png
j6g8i2b5.ssl.hwcdn.net/
16 KB
16 KB
Image
General
Full URL
https://j6g8i2b5.ssl.hwcdn.net/e785c839cb36d6c6410b8d70010d6fdb6a9d9df86d7f60c3cac5b8872cb24ea9.png
Requested by
Host: exact-offer.xyz
URL: https://exact-offer.xyz/chat?external_id=ws1lnmjcl23phmmi2ncl22mi&cost=&external_cid=b12060d5-e9c9-4b85-9eb5-b41285f82634&source=6efa2ba6-87c4-4bb2-b973-4ec73420e640&publisher=eran&placement=631c6e6c&ts=c181ca30-04e8-4bfc-aa50-ac6cfc246e76&cid=8b6fd34c-5569-f705-1f17-d62a757242b1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head11) /
Resource Hash
e785c839cb36d6c6410b8d70010d6fdb6a9d9df86d7f60c3cac5b8872cb24ea9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 22:01:03 GMT
Last-Modified
Sat, 13 Aug 2022 15:56:22 GMT
Server
WasabiS3/7.7.900-2022-08-19-6bff245bcf (head11)
x-amz-request-id
1F130581EE5E893F
ETag
"8fde31b9413eebdadf6e2aefe3286451"
X-HW
1661896863.dop038.pa1.t,1661896863.cds237.pa1.shn,1661896863.dop038.pa1.t,1661896863.cds240.pa1.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16011
x-amz-id-2
5i2r7LxWcJT6IbRVRbDnxxm8y+sNdHvFIQdFdyWgkvwFXGvGv9nWFZ8/QgqsNgt5CRymvdf4wXlE
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exact-offer.xyz
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:56:05 GMT
x-content-type-options
nosniff
age
119098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:56:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exact-offer.xyz
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 19:07:55 GMT
x-content-type-options
nosniff
age
96788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 19:07:55 GMT


21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| sendEvent
function| toOffer
object| EndpointsProvider
object| config
object| DomainConfig
function| metaTagRedirect
function| sendSubscription
function| urlBase64ToUint8Array
function| subscribeWithServiceWorker
function| getNotificationPermission
boolean| ASK_NOTIFICATION_PERMISSION
function| a0_0x5293
function| a0_0x19b1

8 Cookies

Domain/Path Name / Value
hostingoptimized.com/ Name: uid15295
Value: 1282851356-20220830180102-e875416958e2dba6ce4884083f39bfa4-
lynku.jukminung.com/ Name: AWSALB
Value: tcgEqTpXOfdLltY77AWJaJlERU/7QqPeWIESV4va7kaf17kUkcxsuk5ZHXL5C7+f46XsjewoxvYePQsUZzk1tiAfcnI7RKSOBWhBgQxrlKv0sKXfSwELeVkamtmc
www.tgiory.com/ Name: AWSALB
Value: XkJGqRTlqDzbuMAQIwGQvcfNXqgZmoZyOOJ79ns75KI9hyHWAE3O1+NGuMdcWezRG43L592lvCNfwrBTzsTlYdfzTbaSsjAF6RmD4s4pse8jD2xRRj72xe6OLrbp
.perserymanked.com/ Name: b12060d5-e9c9-4b85-9eb5-b41285f82634-v4
Value: _mEvOvu__QkcATyMrEoEbLn6yE_EMT4TtdKST0sHXwI
.perserymanked.com/ Name: cc-v4
Value: JkNEO0MSSac7G1sIA5141wTGuk6zi8IzWTlO6CUbqvkfG3S3a%2BVsVLKMwa51l2a9hZsyMo3v9PqzQ%2BaAz4N%2BwsV554aflBjIm%2FpbttDnXdXZWHsmOeThoQuTtwYjCtCLM5HqU6g30iATERgvZryMNQ%3D%3D
.tgiory.com/ Name: __cf_bm
Value: HD9CQ5LrbVuN4CnpNtan97521q04T_mnQn33618GaHw-1661896863-0-Ae8bl8O6bP0vwuWlc2DtRL28vMxO1tUelpNqPqiY/5tNiA3VXP21bPtg0+TqDZ2k3zZ0JmnAzJ2wq4vdF6I7fu8LsClG24hWUSo6stmmXKG0PYTGoF7cEHfYY6NA1j8v/Q==
.adnce.com/ Name: click
Value: 1661896800-1-e33c00b9-0606-4ecc-b6a0-f8d416d9c6a5
.adnce.com/ Name: client
Value: 2feb4fec-81e0-4047-909e-06c0305f2919

1 Console Messages

Source Level URL
Text
network error URL: https://trk.adnce.com/events/landed
Message:
Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
