Submitted URL: http://1shorten.com/xwaDjy
Effective URL: https://1shorten.com/xwaDjy
Submission: On June 26 via manual from US — Scanned from DE

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 38 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is 1shorten.com.
TLS certificate: Issued by R3 on May 6th 2022. Valid for: 3 months.
This is the only time 1shorten.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
12 1shorten.com
1shorten.com
156 KB
5 quantcast.com
test.cmp.quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 495891
audit-tcfv2.cmp.quantcast.com
130 KB
4 littlecdn.com
ipp.littlecdn.com — Cisco Umbrella Rank: 227896
236 KB
3 tauvoojo.net
tauvoojo.net — Cisco Umbrella Rank: 918933
33 KB
3 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5855
2 MB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2293
45 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11393
542 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
5 KB
1 itskiddoan.club
cdn.itskiddoan.club — Cisco Umbrella Rank: 32125
2 KB
1 gstatic.com
fonts.gstatic.com
31 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
56 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
39 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
1 KB
38 15
Domain Requested by
12 1shorten.com 1 redirects 1shorten.com
4 ipp.littlecdn.com
3 cmp.quantcast.com quantcast.mgr.consensu.org
1shorten.com
3 tauvoojo.net 1shorten.com
3 i.imgur.com 1shorten.com
2 www.google-analytics.com www.googletagmanager.com
1shorten.com
2 quantcast.mgr.consensu.org 1shorten.com
quantcast.mgr.consensu.org
1 audit-tcfv2.cmp.quantcast.com 1shorten.com
1 my.rtmark.net 1shorten.com
1 test.cmp.quantcast.com 1shorten.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 cdn.itskiddoan.club tauvoojo.net
1 fonts.gstatic.com fonts.googleapis.com
1 pagead2.googlesyndication.com 1shorten.com
1 www.googletagmanager.com 1shorten.com
1 cdnjs.cloudflare.com 1shorten.com
1 fonts.googleapis.com 1shorten.com
38 17

This site contains links to these domains. Also see Links.

Domain
link1s.com
note1s.com
sub1s.com
Subject Issuer Validity Valid
1shorten.com
R3
2022-05-06 -
2022-08-04
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-03-16
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.cmp.quantcast.com
R3
2022-06-24 -
2022-09-22
3 months crt.sh
tauvoojo.net
R3
2022-06-20 -
2022-09-18
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
cdn.itskiddoan.club
Sectigo RSA Domain Validation Secure Server CA
2021-10-04 -
2022-10-04
a year crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA
2021-11-20 -
2022-11-26
a year crt.sh

This page contains 3 frames:

Primary Page: https://1shorten.com/xwaDjy
Frame ID: 489A153CFB2442D804771840987AB3B7
Requests: 33 HTTP requests in this frame

Frame: https://1shorten.com/sbbi/?sbbpg=sbbShell&gprid=pV
Frame ID: 6F79649F674C72EACC96EBD55CA52BAC
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20190131/zrt_lookup.html
Frame ID: F9C0CDF1E5295A650DF72376C05A056B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

1Shorten.com - Manage All Shorten

Page URL History Show full URLs

  1. http://1shorten.com/xwaDjy HTTP 301
    https://1shorten.com/xwaDjy Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org

Page Statistics

38
Requests

100 %
HTTPS

65 %
IPv6

15
Domains

17
Subdomains

17
IPs

3
Countries

2399 kB
Transfer

3668 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1shorten.com/xwaDjy HTTP 301
    https://1shorten.com/xwaDjy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request xwaDjy
1shorten.com/
Redirect Chain
  • http://1shorten.com/xwaDjy
  • https://1shorten.com/xwaDjy
24 KB
11 KB
Document
General
Full URL
https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs / LarVPS
Resource Hash
749843966dac50484031e60a2c5ba92c791991142c779e6a75c7e3151b54123c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 26 Jun 2022 23:47:01 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
fbs
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-hw
1656287221.cds273.fr8.hn,1656287221.cds273.fr8.sc,1656287221.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1656287221.cds273.fr8.p
x-powered-by
LarVPS
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
0
Date
Sun, 26 Jun 2022 23:47:01 GMT
Location
https://1shorten.com/xwaDjy
X-HW
1656287221.cds267.fr8.h2,1656287221.cds273.fr8.c
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800,900
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2d878b667d54c03cad23bf230559cab36e53baa5ddff26ddbadd4f275ccb53e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 26 Jun 2022 22:41:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 26 Jun 2022 23:47:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Jun 2022 23:47:01 GMT
1shorten-darkyu-theme-v1.css
1shorten.com/darkyu_theme/build/css/
162 KB
33 KB
Stylesheet
General
Full URL
https://1shorten.com/darkyu_theme/build/css/1shorten-darkyu-theme-v1.css?ver=6.4.0
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs / LarVPS
Resource Hash
639f4a869a580f2712c7f50b57b0693262c36c25f8a51925ec673dd8a4bd281d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/xwaDjy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
LarVPS
content-length
33400
x-xss-protection
1; mode=block
last-modified
Sun, 18 Oct 2020 09:08:30 GMT
server
fbs
etag
W/"5f8c060e-28849"
x-download-options
noopen
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-hw
1656287221.cds273.fr8.hn,1656287221.cds128.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:47:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
872430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mF4UeU2zpPd9gK60m6O9xgMJiBPqkCqJxeNTezglTvis4U3nFcBo%2F5bqGvEJ4vDi5FuyreKLD54544fDCtV5SNB8TYq285TJ32aTojJicru5NyTPT4o4CkO0Dm7wdPcxn8%2Bt73ovQLa3Pv9ZUtKX50pU"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7219d360fa5e9189-FRA
expires
Fri, 16 Jun 2023 23:47:01 GMT
js
www.googletagmanager.com/gtag/
101 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-180808660-1
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41cef8ad918b8441cd469d2520f89062496c734b98e0f867610ba4487e86f39a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:47:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39790
x-xss-protection
0
last-modified
Sun, 26 Jun 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 26 Jun 2022 23:47:02 GMT
logo.png
1shorten.com/
29 KB
29 KB
Image
General
Full URL
https://1shorten.com/logo.png
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
1c684bca91a1322651e51c3e793adecf8fc9016dc338047e60f5fd007bc8ba07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/xwaDjy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:47:01 GMT
last-modified
Thu, 29 Oct 2020 06:30:24 GMT
server
fbs
etag
"5f9a6180-7324"
x-hw
1656287221.cds273.fr8.hn,1656287221.cds123.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
29476
WgG8q9D.gif
i.imgur.com/
576 KB
576 KB
Image
General
Full URL
https://i.imgur.com/WgG8q9D.gif
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
77d18d1ff20c1d1a4cf90a01a436bcf2336068e9beba53fd98e74cb6de51156f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:47:02 GMT
x-content-type-options
nosniff
age
1606014
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
589772
x-served-by
cache-iad-kjyo7100035-IAD, cache-hhn4032-HHN
last-modified
Tue, 16 Nov 2021 02:26:13 GMT
server
cat factory 1.0
x-timer
S1656287222.054333,VS0,VE3
etag
"c15f8d8c3954ad538e1ae2ad8face58a"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
ZFylXch.gif
i.imgur.com/
247 KB
248 KB
Image
General
Full URL
https://i.imgur.com/ZFylXch.gif
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
7d11d6f76d82b6d2bdfab8b85ab6f3ada92c458af5f2a511efc97752719bb564
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:47:02 GMT
x-content-type-options
nosniff
age
2819697
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
253292
x-served-by
cache-iad-kiad7000155-IAD, cache-hhn4032-HHN
last-modified
Thu, 02 Dec 2021 13:00:30 GMT
server
cat factory 1.0
x-timer
S1656287222.054301,VS0,VE2
etag
"e74a5bf059b5a2241b23e81733f0a1b6"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
fM8Zacj.gif
i.imgur.com/
815 KB
815 KB
Image
General
Full URL
https://i.imgur.com/fM8Zacj.gif
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
1879fbfc2917606e790867075f6c64a41436a54c6a0633ad75cc479b53ca9dde
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:47:02 GMT
x-content-type-options
nosniff
age
2274202
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
834256
x-served-by
cache-iad-kjyo7100055-IAD, cache-hhn4032-HHN
last-modified
Thu, 02 Dec 2021 13:06:10 GMT
server
cat factory 1.0
x-timer
S1656287222.054427,VS0,VE3
etag
"064f762fe453d8a73e726bf9072c6ee5"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
ads.js
1shorten.com/js/
191 B
299 B
Script
General
Full URL
https://1shorten.com/js/ads.js
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs / LarVPS
Resource Hash
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/xwaDjy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
LarVPS
content-length
160
x-xss-protection
1; mode=block
last-modified
Mon, 02 Sep 2019 23:24:48 GMT
server
fbs
etag
"5d6da4c0-bf"
x-download-options
noopen
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-hw
1656287221.cds273.fr8.hn,1656287221.cds238.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
script.min.js
1shorten.com/darkyu_theme/build/js/
202 KB
68 KB
Script
General
Full URL
https://1shorten.com/darkyu_theme/build/js/script.min.js?ver=6.4.0
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs / LarVPS
Resource Hash
d3e11add51a712cac881faf3531e284b185f6cbd2f33ea99b291ddf329b05bb9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/xwaDjy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
LarVPS
content-length
69408
x-xss-protection
1; mode=block
last-modified
Sun, 18 Oct 2020 07:52:04 GMT
server
fbs
etag
W/"5f8bf424-3295b"
x-download-options
noopen
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-hw
1656287221.cds273.fr8.hn,1656287221.cds257.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
165 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6730c3d0dd41ed0373ecbc110628d8130d4a38ecab7c21bfc9cef078f2949f09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56455
x-xss-protection
0
server
cafe
etag
14498152810525297214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 23:47:02 GMT
choice.js
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
3 KB
2 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f24dc76070927cc3d13b4f52f8ecb898fce1875c32563e7a3fae2450ef6babc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 26 Jun 2022 23:46:20 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 14:18:10 GMT
server
AmazonS3
age
42
etag
W/"a7fa5501113779849b63118ade529910"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
VEIF17MZp8j3P5zgZaXMviAJmR3uC-vaKOfqc5in8sLWGINNGKx7QA==
/
1shorten.com/sbbi/ Frame 6F79
25 KB
11 KB
Document
General
Full URL
https://1shorten.com/sbbi/?sbbpg=sbbShell&gprid=pV&sbbgs=h471818160a1ccb601f2f67b1be447e6d949&ddl=-1
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
238931da165e7441123b95aa181a67d49f8c381d3dc0a726a2afb92173ea93a3

Request headers

Referer
https://1shorten.com/xwaDjy
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 26 Jun 2022 23:47:01 GMT
server
fbs
x-accel-expires
0
x-hw
1656287221.cds273.fr8.hn,1656287221.cds160.fr8.sc,1656287221.cdn2-wafbe02-fra1.stackpath.systems.-.i,1656287221.cds160.fr8.p
/
1shorten.com/sbbi/
43 B
176 B
Image
General
Full URL
https://1shorten.com/sbbi/?sbbpg=utMedia&vii=ah14c77198a1b8a186c02ab1fc8cbbf6c0d1cf326f0687bb515b9ec4d4170e66sdr9l4p9
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/xwaDjy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
x-accel-expires
0
date
Sun, 26 Jun 2022 23:47:01 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server
fbs
x-hw
1656287221.cds273.fr8.hn,1656287221.cds131.fr8.sc,1656287221.cdn2-wafbe02-fra1.stackpath.systems.-.i,1656287221.cds131.fr8.p
content-type
image/gif
5112623
tauvoojo.net/400/
78 KB
30 KB
Script
General
Full URL
https://tauvoojo.net/400/5112623
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8983bd9426c02c479bf30056193836c73b525bebdbf7cfd370d453a6759672a2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id
8e8e2f357ee501a6ae1430ffd8e40808
pragma
no-cache
date
Sun, 26 Jun 2022 23:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1shorten.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:08:21 GMT
x-content-type-options
nosniff
age
455921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Jun 2023 17:08:21 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/
177 KB
43 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42310df4073c8488550d8fbc0d7dba17d0319051ce5338ae6ecb4eac290202a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:46:10 GMT
content-encoding
br
age
53
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Wed, 22 Jun 2022 19:56:20 GMT
server
AmazonS3
etag
W/"46ca30e9a03da80448753564a63ea512"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
XdttYC1xKhw2O5ScCHD9EcU7t3Y8EhHlgAjosIb75DnkACegT2Jqyw==
apu.php
cdn.itskiddoan.club/
968 B
2 KB
Script
General
Full URL
https://cdn.itskiddoan.club/apu.php?zoneid=5115166
Requested by
Host: tauvoojo.net
URL: https://tauvoojo.net/400/5112623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fc3eaf7210aab1b1ec4a7c8f0addd020f4bbd1ae270421d21b2f3b908b2f7f78
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:47:02 GMT
x-content-type-options
nosniff
access-control-max-age
86400
content-length
968
x-trace-id
ba605366f71268d31b766d18ae0975f8
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220622/r20190131/ Frame F9C0
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220622/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1shorten.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5286
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 Jun 2022 22:18:56 GMT
etag
10429905676100781186
expires
Sun, 10 Jul 2022 22:18:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-180808660-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3475
date
Sun, 26 Jun 2022 22:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 27 Jun 2022 00:49:07 GMT
cmp-list.json
test.cmp.quantcast.com/GVL-v2/
9 KB
3 KB
XHR
General
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3000:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc77d672b1c657ca11ff665ff7f4f4265618bc78dc6da334e2457654afe32fd6

Request headers

Accept
application/json, text/plain, */*
Referer
https://1shorten.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 03:00:36 GMT
content-encoding
br
age
74787
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Sat, 18 Jun 2022 19:52:29 GMT
server
AmazonS3
etag
W/"754b1e001f99326f9b342fa2d6e55b5d"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
AYwkM.IW.38hT0sA3d1Ppda2bZVmYyuQ
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA2-C2
content-type
application/json
x-amz-cf-id
I4ZfzatYFUdhoySIxxii17oUAnd_fiVG5nJLmSLXCnk1KLB0ZDeB0A==
gid.js
my.rtmark.net/
65 B
542 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
db4daac2c5f32adbd520201b18ec63804bec7b294570c809cebf4c6ad29cfd30
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:47:02 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1shorten.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
collect
www.google-analytics.com/j/
1 B
203 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1075142904&t=pageview&_s=1&dl=https%3A%2F%2F1shorten.com%2FxwaDjy&ul=en-us&de=UTF-8&dt=1Shorten.com%20-%20Manage%20All%20Shorten&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1183315372&gjid=1890876139&cid=1818651397.1656287221&tid=UA-180808660-1&_gid=1350454604.1656287221&_r=1&gtm=2ou6m0&z=1827024520
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1shorten.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Jun 2022 23:47:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1shorten.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
1shorten.com/sbbi/ Frame 6F79
516 B
474 B
Document
General
Full URL
https://1shorten.com/sbbi/?sbbpg=sbbShell&gprid=pV&sbbgs=h471818160a1ccb601f2f67b1be447e6d949&ddl=-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://1shorten.com
Referer
https://1shorten.com/sbbi/?sbbpg=sbbShell&gprid=pV&sbbgs=h471818160a1ccb601f2f67b1be447e6d949&ddl=-1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 26 Jun 2022 23:47:02 GMT
server
fbs
x-accel-expires
0
x-hw
1656287222.cds273.fr8.hn,1656287222.cds204.fr8.sc,1656287222.cdn2-wafbe03-fra1.stackpath.systems.-.i,1656287222.cds204.fr8.p
cmp2ui-en.js
cmp.quantcast.com/tcfv2/42/
230 KB
56 KB
Script
General
Full URL
https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 22:10:10 GMT
content-encoding
br
age
13789
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 22 Jun 2022 19:56:05 GMT
server
AmazonS3
etag
W/"24932b3e61742029985961c24d35dbb7"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
sxTZsvKyRynCF-Ex7rnNge3ms4Getvd8hk8FetMES70Rj3C0TqjHZg==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/
296 KB
35 KB
XHR
General
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3dd900a2184c85ade5545276525bfa91f9930c19144a1333c5b473c11d63d6d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 03:05:15 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
74508
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Sun, 26 Jun 2022 03:00:33 GMT
server
AmazonS3
etag
W/"7b1978bc8c161596c5a74c7e0b433aea"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
q4FldWSFNtelhTN3ToN6NwJdYmkO0mTlZyOkU2ZeFSMOJO2tRdtUNA==
google-atp-list.json
cmp.quantcast.com/tcfv2/
152 KB
36 KB
XHR
General
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa327c5f63b19c620b2ac21a10907476e04aa62d61dc290261e99073760c9d13

Request headers

Accept
application/json, text/plain, */*
Referer
https://1shorten.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 03:00:31 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
74792
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Sun, 26 Jun 2022 03:00:27 GMT
server
AmazonS3
etag
W/"63bf7316dc8d3ef635079bf6367ee60f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
LKC24f6BR5ilQT52f37X6F6dnyq6j5dB01IPlDCySAAplcstRXLR9g==
5112623
tauvoojo.net/500/
4 KB
2 KB
XHR
General
Full URL
https://tauvoojo.net/500/5112623?excludes=&oaid=23a4fa22bcb64cb08cf65a979f9df184&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2F1shorten.com%2FxwaDjy&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5fe1e36635e8b6b0c9b92b54f89770d7f76cfa79de3331b9859efb795c7f2ce9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://1shorten.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
a078e28aae1dcde4a58366072aeee481
pragma
no-cache
date
Sun, 26 Jun 2022 23:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://1shorten.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
5112623
tauvoojo.net/500/ Frame
0
0
Preflight
General
Full URL
https://tauvoojo.net/500/5112623?excludes=&oaid=23a4fa22bcb64cb08cf65a979f9df184&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2F1shorten.com%2FxwaDjy&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://1shorten.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://1shorten.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Sun, 26 Jun 2022 23:47:02 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
/
1shorten.com/sbbi/ Frame 6F79
7 KB
3 KB
Document
General
Full URL
https://1shorten.com/sbbi/?sbbpg=sbbShell&gprid=pV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
68e7ca183fcb5bf97a8826113f65f92bf5ee1a3d6f5490b3526cc1e1f4aae2a6

Request headers

Referer
https://1shorten.com/sbbi/?sbbpg=sbbShell&gprid=pV&sbbgs=h471818160a1ccb601f2f67b1be447e6d949&ddl=-1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 26 Jun 2022 23:47:02 GMT
server
fbs
x-accel-expires
0
x-hw
1656287222.cds273.fr8.hn,1656287222.cds156.fr8.sc,1656287222.cdn2-wafbe04-fra1.stackpath.systems.-.i,1656287222.cds156.fr8.p
/
audit-tcfv2.cmp.quantcast.com/
2 B
101 B
XHR
General
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%221shorten.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22HbxGb%2B34XCkQ4dJL2MD7TA%22%2C%22clientTimestamp%22%3A1656287221483%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-ugam7wboy1a8tufrd19x%22%7D
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.40.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-40-161.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://1shorten.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 26 Jun 2022 23:47:03 GMT
content-length
2
content-type
text/plain; charset=utf-8
anime_bg.png
ipp.littlecdn.com/web/static/
193 KB
193 KB
Image
General
Full URL
https://ipp.littlecdn.com/web/static/anime_bg.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c33471158b183e0cc6bde6fd6fa614e82220087dc9a05017571ddad9c4426b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Jun 2022 23:47:03 GMT
cf-cache-status
HIT
last-modified
Thu, 24 Sep 2020 10:59:05 GMT
server
cloudflare
age
2089
etag
"a72c40cac24998b80ccdaba87731a296"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7219d369bc87916a-FRA
content-length
197263
expires
Mon, 27 Jun 2022 23:12:14 GMT
anime_close.png
ipp.littlecdn.com/web/static/
10 KB
10 KB
Image
General
Full URL
https://ipp.littlecdn.com/web/static/anime_close.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29c05b59c065f80b61637991e37a9e69757d76b64b43d227b5c17a0593f23ccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Jun 2022 23:47:03 GMT
cf-cache-status
HIT
last-modified
Thu, 24 Sep 2020 10:59:06 GMT
server
cloudflare
age
643
etag
"d05a5f55b79df2c78093c4088ad8ecda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7219d369bc88916a-FRA
content-length
10386
expires
Mon, 27 Jun 2022 23:36:20 GMT
anime_female.png
ipp.littlecdn.com/web/static/
17 KB
17 KB
Image
General
Full URL
https://ipp.littlecdn.com/web/static/anime_female.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af00002220c22fbb4d3b3fcf80eac8e89f1f1432ad4c0b5f010a083c769f0210

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Jun 2022 23:47:03 GMT
cf-cache-status
HIT
last-modified
Thu, 24 Sep 2020 10:59:08 GMT
server
cloudflare
age
1023
etag
"6c7efb9606534b9559fd8489a9552de7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7219d369bc8a916a-FRA
content-length
17347
expires
Mon, 27 Jun 2022 23:30:00 GMT
anime_male.png
ipp.littlecdn.com/web/static/
16 KB
16 KB
Image
General
Full URL
https://ipp.littlecdn.com/web/static/anime_male.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f40eb8f12acaa274789ed4fd686d118c75446d263a3951e27a0ed27a3cddfc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Jun 2022 23:47:03 GMT
cf-cache-status
HIT
last-modified
Thu, 24 Sep 2020 10:59:09 GMT
server
cloudflare
age
643
etag
"07ca5abe3dc9bf4ebbc7c8ed98b2491e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7219d369bc8c916a-FRA
content-length
16050
expires
Mon, 27 Jun 2022 23:36:20 GMT
go
1shorten.com/links/
192 B
337 B
XHR
General
Full URL
https://1shorten.com/links/go
Requested by
Host: 1shorten.com
URL: https://1shorten.com/xwaDjy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs / LarVPS
Resource Hash
a04aace55527cf6c6c498063877d6443f6392d082edc6b38ce4fa4bb029fa90e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-MOD-SBB-CTYPE
xhr
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://1shorten.com/xwaDjy
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 26 Jun 2022 23:47:05 GMT
x-content-type-options
nosniff
server
fbs
x-powered-by
LarVPS
x-download-options
noopen
vary
Accept-Encoding
x-hw
1656287225.cds273.fr8.hn,1656287225.cds109.fr8.sc,1656287225.cdn2-redis01-fra1.stackpath.systems.-.wx,1656287225.cds109.fr8.p
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
skip-ad.png
1shorten.com/darkyu_theme/build/img/
400 B
531 B
Image
General
Full URL
https://1shorten.com/darkyu_theme/build/img/skip-ad.png
Requested by
Host: 1shorten.com
URL: https://1shorten.com/darkyu_theme/build/css/1shorten-darkyu-theme-v1.css?ver=6.4.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
484272debf8bee61e076fa142a6106effb2d0dd012a072aafe8701f9672b86a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1shorten.com/darkyu_theme/build/css/1shorten-darkyu-theme-v1.css?ver=6.4.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:47:05 GMT
last-modified
Mon, 20 Apr 2020 07:51:32 GMT
server
fbs
etag
"5e9d5484-190"
x-hw
1656287225.cds273.fr8.hn,1656287225.cds258.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
400

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer function| __tcfapi function| __uspapi string| sbbvscc string| sbbgscc function| genPid function| nsbbfetch function| sbbgc function| addmg function| addprid function| sbbeccf function| m2vr function| sbbls string| y string| x string| gprid object| sbbeccfi string| sbbgs object| app_vars object| e object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword undefined| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object object| selectedTab object| clipboard function| setTooltip function| cookie_accept function| $ function| jQuery function| WOW function| ClipboardJS number| lX number| lY string| csr object| otr object| cnv string| lk__ function| setUGEvals number| tt number| sbbtstflgsbbhbka boolean| sbbhbka object| google_tag_manager object| zfgstorage object| 32uytfa6pzj object| zfgformats object| webpushlogs object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint object| regeneratorRuntime function| __tcfapiui object| syncCallbacks string| DEFAULT_FORMATS_PROPERTY object| currentScript object| windows object| gaplugins object| gaGlobal object| gaData boolean| sbrmp

18 Cookies

Domain/Path Name / Value
1shorten.com/ Name: SPSI
Value: a1c79aba8c2bf8bfcdc3608b559cd106
1shorten.com/ Name: SPSE
Value: hAJ7UGLyw50Ijvp95HfTsx+jF+7e9P7bpyZ2Tnpw3yddXZj6Hyj8KZDxoEE7re0cqjFJcdvcN0nqM0Nzh4BjIg==
1shorten.com/ Name: spcsrf
Value: 7a0164dae044600d1007be3a6d5dc7ce
1shorten.com/ Name: AppSession
Value: vgqs7bpa0od6mie2mgbdqno5v4
1shorten.com/ Name: csrfToken
Value: ba46bb46f64e41ae6b7a738e50cafe817d642807969feff901f1033898b9723c509a56a41f1932a8e8382d41f63748c4d577dd8be8eb486f0d75befc07dd95cf
1shorten.com/ Name: app_visitor
Value: Q2FrZQ%3D%3D.MTgwODk2ZTgwNGE3NDQwYzkxYmJlMTkyZGQwMTlmZTYxMTJmN2Y5MjQwZjUwMDk5YTRhOGQ3NDVhMjk5OWIzYpW2CmCmJQi8SUNZF3Vwtyxl%2BaRTim99sQYMqUBzbPruuF566oQyspov%2BsJGEc8kccSDyysJxSAlgzaa2NOO9M6pE2vnciRUwKm3YWNCA5Yz
1shorten.com/ Name: sp_lit
Value: 4I7grgJwzoft+C8T3uCg7A==
1shorten.com/ Name: PRLST
Value: pV
1shorten.com/ Name: UTGv2
Value: h471818160a1ccb601f2f67b1be447e6d949
1shorten.com/ Name: ab
Value: 2
1shorten.com/ Name: adOtr
Value: 971aaac8b2c
cdn.itskiddoan.club/ Name: OAID
Value: 6dda553f2c0f48ffa8636b225743817b
cdn.itskiddoan.club/ Name: oaidts
Value: 1656287222
.1shorten.com/ Name: _ga
Value: GA1.2.1818651397.1656287221
.1shorten.com/ Name: _gid
Value: GA1.2.1350454604.1656287221
.1shorten.com/ Name: _gat_gtag_UA_180808660_1
Value: 1
my.rtmark.net/ Name: ID
Value: 23a4fa22bcb64cb08cf65a979f9df184
tauvoojo.net/ Name: OAID
Value: 23a4fa22bcb64cb08cf65a979f9df184

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1shorten.com
audit-tcfv2.cmp.quantcast.com
cdn.itskiddoan.club
cdnjs.cloudflare.com
cmp.quantcast.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
ipp.littlecdn.com
my.rtmark.net
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
tauvoojo.net
test.cmp.quantcast.com
www.google-analytics.com
www.googletagmanager.com
139.45.195.8
139.45.197.236
139.45.197.239
151.101.112.193
151.139.128.10
2600:9000:20eb:2400:9:46dc:4700:93a1
2600:9000:20eb:a000:9:46dc:4700:93a1
2600:9000:21f3:3000:3:a4cd:8380:93a1
2606:4700:10::ac43:a62
2606:4700::6811:190e
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2008
3.122.40.161
1879fbfc2917606e790867075f6c64a41436a54c6a0633ad75cc479b53ca9dde
1c684bca91a1322651e51c3e793adecf8fc9016dc338047e60f5fd007bc8ba07
238931da165e7441123b95aa181a67d49f8c381d3dc0a726a2afb92173ea93a3
29c05b59c065f80b61637991e37a9e69757d76b64b43d227b5c17a0593f23ccd
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
3dd900a2184c85ade5545276525bfa91f9930c19144a1333c5b473c11d63d6d8
41cef8ad918b8441cd469d2520f89062496c734b98e0f867610ba4487e86f39a
42310df4073c8488550d8fbc0d7dba17d0319051ce5338ae6ecb4eac290202a4
484272debf8bee61e076fa142a6106effb2d0dd012a072aafe8701f9672b86a2
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5fe1e36635e8b6b0c9b92b54f89770d7f76cfa79de3331b9859efb795c7f2ce9
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c
639f4a869a580f2712c7f50b57b0693262c36c25f8a51925ec673dd8a4bd281d
6730c3d0dd41ed0373ecbc110628d8130d4a38ecab7c21bfc9cef078f2949f09
68e7ca183fcb5bf97a8826113f65f92bf5ee1a3d6f5490b3526cc1e1f4aae2a6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
749843966dac50484031e60a2c5ba92c791991142c779e6a75c7e3151b54123c
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
77d18d1ff20c1d1a4cf90a01a436bcf2336068e9beba53fd98e74cb6de51156f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d11d6f76d82b6d2bdfab8b85ab6f3ada92c458af5f2a511efc97752719bb564
8983bd9426c02c479bf30056193836c73b525bebdbf7cfd370d453a6759672a2
8f24dc76070927cc3d13b4f52f8ecb898fce1875c32563e7a3fae2450ef6babc
8f40eb8f12acaa274789ed4fd686d118c75446d263a3951e27a0ed27a3cddfc8
a04aace55527cf6c6c498063877d6443f6392d082edc6b38ce4fa4bb029fa90e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa327c5f63b19c620b2ac21a10907476e04aa62d61dc290261e99073760c9d13
af00002220c22fbb4d3b3fcf80eac8e89f1f1432ad4c0b5f010a083c769f0210
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d878b667d54c03cad23bf230559cab36e53baa5ddff26ddbadd4f275ccb53e
bc77d672b1c657ca11ff665ff7f4f4265618bc78dc6da334e2457654afe32fd6
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b
d3e11add51a712cac881faf3531e284b185f6cbd2f33ea99b291ddf329b05bb9
db4daac2c5f32adbd520201b18ec63804bec7b294570c809cebf4c6ad29cfd30
e0c33471158b183e0cc6bde6fd6fa614e82220087dc9a05017571ddad9c4426b
fc3eaf7210aab1b1ec4a7c8f0addd020f4bbd1ae270421d21b2f3b908b2f7f78