oferteweb.hexat.com
54.36.158.41
Public Scan
Submission: On June 17 via api from US — Scanned from FR
Summary
TLS certificate: Issued by R3 on May 18th 2024. Valid for: 3 months.
This is the only time oferteweb.hexat.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 3 | 54.36.158.41 | 16276 (OVH) |
| 1 5 | 212.117.190.201 | 7979 (SERVERS-COM) |
| 7 | 141.94.172.213 | 16276 (OVH) |
| 2 | 2620:116:800d:21:de2e:c7b3:55c0:d5a0 | 16509 (AMAZON-02) |
| 1 | 2600:9000:223c:e00:6:44e3:f8c0:93a1 | 16509 (AMAZON-02) |
| 1 1 | 212.117.190.217 | 7979 (SERVERS-COM) |
| 17 | 5 | |
ASN16276 (OVH, FR): xtgem.com, 5.thumbs.xtstatic.com, enif.images.xtstatic.com, cif.images.xtstatic.com

ASN16509 (AMAZON-02, US): secure.quantserve.com, pixel.quantserve.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 5 | mgyccfrshz.com (1 redirect) | mgyccfrshz.com — Cisco Umbrella Rank: 728387 | 48 KB |
| 4 | xtgem.com | xtgem.com — Cisco Umbrella Rank: 483420 | 3 KB |
| 3 | xtstatic.com | 5.thumbs.xtstatic.com, enif.images.xtstatic.com, cif.images.xtstatic.com | 2 KB |
| 3 | hexat.com | oferteweb.hexat.com | 31 KB |
| 2 | quantserve.com | secure.quantserve.com — Cisco Umbrella Rank: 1587; pixel.quantserve.com — Cisco Umbrella Rank: 1141 | 10 KB |
| 1 | coosync.com (1 redirect) | coosync.com — Cisco Umbrella Rank: 28177 | 499 B |
| 1 | quantcount.com | rules.quantcount.com — Cisco Umbrella Rank: 1551 | 643 B |
| 17 | 7 | | |
| | Domain | Requested by |
|---|---|---|
| 5 | mgyccfrshz.com (1 redirect) | oferteweb.hexat.com, mgyccfrshz.com |
| 4 | xtgem.com | oferteweb.hexat.com |
| 3 | oferteweb.hexat.com | oferteweb.hexat.com |
| 1 | coosync.com | 1 redirect |
| 1 | pixel.quantserve.com | oferteweb.hexat.com |
| 1 | rules.quantcount.com | secure.quantserve.com |
| 1 | cif.images.xtstatic.com | oferteweb.hexat.com |
| 1 | enif.images.xtstatic.com | oferteweb.hexat.com |
| 1 | secure.quantserve.com | oferteweb.hexat.com |
| 1 | 5.thumbs.xtstatic.com | oferteweb.hexat.com |
| 17 | 10 | |
This site contains links to these domains. Also see Links.

| Domain |
|---|
| xtgem.com |
| pop-star.hi2.ro |
| 2wap.net |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| *.hexat.com | R3 | 2024-05-18 - 2024-08-16 | 3 months | crt.sh |
| | Buypass Class 2 CA 5 | 2024-01-09 - 2024-07-06 | 6 months | crt.sh |
| *.xtgem.com | R10 | 2024-06-15 - 2024-09-13 | 3 months | crt.sh |
| xtstatic.com | R3 | 2024-04-18 - 2024-07-17 | 3 months | crt.sh |
| quantserve.com | R3 | 2024-04-25 - 2024-07-24 | 3 months | crt.sh |
This page contains 6 frames:

- Primary Page: https://oferteweb.hexat.com/ (Frame ID: 80BA8FFA19E5998115D0BE332287E615; 12 HTTP requests in this frame)
- Frame: https://enif.images.xtstatic.com/tp.gif (Frame ID: 47C337CAA08BD7A8EB661210A24C4C49; 1 HTTP request in this frame)
- Frame: https://cif.images.xtstatic.com/tp.gif (Frame ID: 1A22A0D11D89ACC82E1C1D425A870BDD; 1 HTTP request in this frame)
- Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9vZmVydGV3ZWIuaGV4YXQuY29tXC9pbmRleCIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6Im9mZXJ0ZXdlYi5oZXhhdC5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19 (Frame ID: ADEDC8715BB97135162A50E4CFB0280D; 1 HTTP request in this frame)
- Frame: https://mgyccfrshz.com/third.html (Frame ID: EBB2C0B9AEDCA10061839A57E721037D; 1 HTTP request in this frame)
- Frame: https://mgyccfrshz.com/sn/ps/2014799?freq=0&im=1&puid=0&so=1&wcks=1 (Frame ID: 195C16669E45B9A192821E277ED25C73; 1 HTTP request in this frame)
Screenshot
![](/screenshots/7da82c74-868a-4ab9-bced-0eb4538b079b.png)
Page Title
oferteweb.hexat.com
Detected technologies
Quantcast
Detected patterns
- \.quantserve\.com/quant\.js
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.

- Title: Build your mobile website
- Title: ma puteti gasi aici
- Title: comanda chat/script/domeniu
- Title: Disneyland 1972 Love the »
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14:
- https://mgyccfrshz.com/sn/pr/2014799?p=2014799&jp=_cl5if6lhpb4jxbhx29e10h&nojs=0&abvar=0&febuild=1.0.263&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Paris&ss=1&ls=1&bb=0&cti=0&fn=2&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=fr-FR&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=3208853883445760&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22126%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22126%22&chf=%22Not/A)Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22126.0.6478.61%22,%20%22Google%20Chrome%22;v=%22126.0.6478.61%22&chm=false&chmd=&chp=Win32&chv=10.0.0&cs=5&freq=0&uf=0 HTTP 302
- https://coosync.com/sn/c?zoneid=2014799&freq=0&srp=welROR11BBV_pN7rW8Hts3YqHjCC034MxANduRbc3eVc-4qAGI7jJA0t5zwo0GP2t3qbxWYyHZdC9ATgoL4uq7f7Cg-x79tjLUhm3caqw8OP&im=1&wcks=1 HTTP 302
- https://mgyccfrshz.com/sn/ps/2014799?freq=0&im=1&puid=0&so=1&wcks=1
17 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / (Primary Request) | oferteweb.hexat.com/ | 15 KB | 5 KB | Document | text/html |
| GET | H2 | kep.js | mgyccfrshz.com/q/tdl/95/dnt/2014799/ | 100 KB | 39 KB | Script | application/javascript |
| GET | H/1.1 | Oferte%20web_thumb.png | oferteweb.hexat.com/images/ | 25 KB | 26 KB | Image | image/png |
| GET | H/1.1 | france.gif | xtgem.com/images/country_flags/ | 131 B | 409 B | Image | image/gif |
| GET | H/1.1 | disneyland-1972-love-the-old-s-92184.jpg | 5.thumbs.xtstatic.com/100/50/-/5a863a045714f1131d9c0a62603ddf96/backtooldschool.xtgem.com/images/blog/ | 2 KB | 2 KB | Image | image/jpeg |
| GET | H2 | quant.js | secure.quantserve.com/ | 23 KB | 9 KB | Script | application/javascript |
| GET | H/1.1 | tp.gif | enif.images.xtstatic.com/ (Frame 47C3) | 0 | 0 | Document | image/gif |
| GET | H/1.1 | tp.gif | cif.images.xtstatic.com/ (Frame 1A22) | 0 | 0 | Document | image/gif |
| GET | H/1.1 | __xt_authbar | xtgem.com/ (Frame ADED) | 0 | 0 | Document | text/html |
| GET | H/1.1 | arrow.gif | xtgem.com/images/ | 2 KB | 2 KB | Image | image/gif |
| GET | H/1.1 | close2.png | xtgem.com/images/ | 564 B | 843 B | Image | image/png |
| GET | H2 | third.html | mgyccfrshz.com/ (Frame EBB2) | 0 | 0 | Document | text/html |
| GET | H2 | rules-p-0cfM8Oh7M9bVQ.js | rules.quantcount.com/ | 160 B | 643 B | Script | application/javascript |
| GET | H2 | 2014799 | mgyccfrshz.com/get/ | 12 KB | 8 KB | Script | text/javascript |
| GET | H2 | pixel;r=792966425;rf=0;a=p-0cfM8Oh7M9bVQ;url=https%3A%2F%2Foferteweb.hexat.com%2F;uht=2;fpan=1;fpa=P0-1972540554-1718584283750;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=hexa... | pixel.quantserve.com/ | 35 B | 456 B | Image | image/gif |
| GET | H2 | 2014799 | mgyccfrshz.com/sn/ps/ (Frame 195C, Redirect Chain) | 0 | 0 | Document | text/html |
| GET | H/1.0 | favicon.ico | oferteweb.hexat.com/ | 0 | 146 B | Other | text/html |
Verdicts & Comments
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| object | 0 |
| object | 1 |
| object | 2 |
| object | 3 |
| object | 4 |
| undefined | event |
| object | fence |
| object | sharedStorage |
| object | _qevents |
| boolean | cookies |
| number | len |
| function | handleException |
| function | c2ss |
| boolean | zfgloadedcode |
| object | RmVlZEZyZXFDYXBTdG9yYWdl |
| function | quantserve |
| function | __qc |
| object | ezt |
| object | _qoptions |
| number | cs__param |
| function | _cl5if6lhpb4jxbhx29e10h |
| number | puidSyncFrame |
| boolean | zfgloadedpopup9 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .hexat.com/ | | _xta_uid | a07c310b8e7dd915bd52bf8ff4c62562 |
| .hexat.com/ | | _xta_vid | f2c37a5b1a954c21d46194e8038d1651-1718584283 |
| oferteweb.hexat.com/ | | | test |
| mgyccfrshz.com/ | | cart | 1 |
| mgyccfrshz.com/ | | cart_p | 2 |
| mgyccfrshz.com/ | | UID | 240616193134fa03719c8a47be8b2bbdc962 |
| mgyccfrshz.com/ | | CHCK | 1 |
| .quantserve.com/ | | mc | 666f83db-d9357-2a641-6aa24 |
| .hexat.com/ | | __qca | P0-1972540554-1718584283750 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.