Submitted URL: http://shorter.gg/qPLrQN
Effective URL: https://offernow24.com/step.html?an=pa&cid=840277508883746941&sid=7393037
Submission: On July 25 via manual from DE — Scanned from DE

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3037::ac43:8db4, located in United States and belongs to CLOUDFLARENET, US. The main domain is offernow24.com. The Cisco Umbrella rank of the primary domain is 152109.
TLS certificate: Issued by WE1 on June 24th 2024. Valid for: 3 months.
This is the only time offernow24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
14 oodrampi.com | oodrampi.com — Cisco Umbrella Rank: 562596 | 34 KB
13 shorter.gg | shorter.gg | 132 KB
12 woudaufe.net | woudaufe.net — Cisco Umbrella Rank: 270083 | 19 KB
3 offernow24.com | offernow24.com — Cisco Umbrella Rank: 152109 | 14 KB
3 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 5822 | 2 KB
3 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 3123 |
2 gstatic.com | fonts.gstatic.com | 32 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 112 | 204 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 110 | 1 KB
1 desenteir.com | desenteir.com — Cisco Umbrella Rank: 355983 | 831 B
1 cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 1223 | 7 KB
0 Failed
56 12
Domain | Requested by
14 oodrampi.com 2 redirects | shorter.gg, oodrampi.com
13 shorter.gg | shorter.gg, static.cloudflareinsights.com, woudaufe.net
12 woudaufe.net | shorter.gg, woudaufe.net
3 offernow24.com | offernow24.com
3 my.rtmark.net | woudaufe.net, oodrampi.com
3 region1.google-analytics.com | www.googletagmanager.com
2 fonts.gstatic.com | fonts.googleapis.com
2 www.googletagmanager.com | shorter.gg, offernow24.com
1 fonts.googleapis.com | offernow24.com
1 desenteir.com | shorter.gg
1 static.cloudflareinsights.com | shorter.gg
0 invalid Failed | offernow24.com
56 12

This site contains links to these domains.

Domain
adblock-360.com

Subject | Issuer | Validity | Valid
shorter.gg | WE1 | 2024-07-07 - 2024-10-05 | 3 months | crt.sh
cloudflareinsights.com | WE1 | 2024-07-06 - 2024-10-04 | 3 months | crt.sh
desenteir.com | E5 | 2024-06-29 - 2024-09-27 | 3 months | crt.sh
*.google-analytics.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months | crt.sh
woudaufe.net | E5 | 2024-07-04 - 2024-10-02 | 3 months | crt.sh
rtmark.net | R11 | 2024-07-05 - 2024-10-03 | 3 months | crt.sh
oodrampi.com | R10 | 2024-07-11 - 2024-10-09 | 3 months | crt.sh
offernow24.com | WE1 | 2024-06-24 - 2024-09-22 | 3 months | crt.sh
upload.video.google.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months | crt.sh
*.gstatic.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months | crt.sh

This page contains 1 frame:

Primary Page: https://offernow24.com/step.html?an=pa&cid=840277508883746941&sid=7393037
Frame ID: E78298D29BD8BD305D8F5FA8EF541B22
Requests: 56 HTTP requests in this frame

Page Title

Stop Ads

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

56 Requests
95 % HTTPS
67 % IPv6
12 Domains
12 Subdomains
13 IPs
3 Countries
442 kB Transfer
1202 kB Size
9 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shorter.gg/qPLrQN HTTP 307
    https://shorter.gg/qPLrQN Page URL
  2. https://oodrampi.com/4/7769307 Page URL
  3. https://oodrampi.com/?z=7769307&syncedCookie=true&rhd=false HTTP 302
    https://oodrampi.com/4/7393037/?var=7769307 Page URL
  4. https://oodrampi.com/?z=7393037&syncedCookie=false&rhd=false HTTP 302
    https://offernow24.com/step.html?an=pa&cid=840277508883746941&sid=7393037 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://shorter.gg/qPLrQN HTTP 307
  • https://shorter.gg/qPLrQN
Request Chain 36
  • https://oodrampi.com/?z=7769307&syncedCookie=true&rhd=false HTTP 302
  • https://oodrampi.com/4/7393037/?var=7769307

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
qPLrQN
shorter.gg/
Redirect Chain
  • http://shorter.gg/qPLrQN
  • https://shorter.gg/qPLrQN
6 KB
6 KB
Document
General
Full URL
https://shorter.gg/qPLrQN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4ae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e4945914dea22d24962c997a32d8596b982d8f8fde6926b808ac3e6e6d56bb95
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a8b453e2cfa18db-FRA
content-type
text/html; charset=UTF-8
date
Thu, 25 Jul 2024 09:54:46 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJnhaqF7OhrcjBfZPMwVrW2AunpxwBqBachIJNgy%2BvzU3t8qppNWdp9UajieDzpizA7okGQhz4W8jQ5POhhnTX%2BeAsHNgJsBK0GP3MLPRyl30Dv0u9%2FQaVpLQ1TezLNo0aIIVGxPqN3%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
x-robots-tag
noindex

Redirect headers

Location
https://shorter.gg/qPLrQN
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
shorter.gg/static/
187 KB
28 KB
Stylesheet
General
Full URL
https://shorter.gg/static/bootstrap.min.css
Requested by
Host: shorter.gg
URL: https://shorter.gg/qPLrQN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4ae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
667244226d2cae230d34813312d2b962e94b8454fac7bd98606e67c41929f44a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shorter.gg/qPLrQN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 01 Sep 2023 16:24:24 GMT
server
cloudflare
etag
W/"64f21038-2ec23"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vxFk10lXZ6BIzHh7exmzEP4uCJjI1sDJg%2BuKRSEkBpDCfzO32Vxzn6uBxCae46Ug0DaX6MonglHS9f0WNSanoJTe4vxW00TygqQcfxfY%2Fiq8af4HMXVyIYxMNwNWUOc7S2lo44A4sdCW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=16070400
cf-ray
8a8b453faf6818db-FRA
priority
u=0,i=?0
all.min.css
shorter.gg/static/frontend/libs/fontawesome/
100 KB
23 KB
Stylesheet
General
Full URL
https://shorter.gg/static/frontend/libs/fontawesome/all.min.css
Requested by
Host: shorter.gg
URL: https://shorter.gg/qPLrQN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4ae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58fdbb37ecb0c8a4d514714e322edef085c1f9d71e703b3925b054437f446166
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shorter.gg/qPLrQN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 16 Aug 2023 08:51:14 GMT
server
cloudflare
etag
W/"64dc8e02-18efb"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdwOudOXlSlnEICu8Pshl7Qt7FataZ6gZTdw0UvR50BVIgVvCX6yj2TdU5zSNM0EKuU7lb4%2FLAmhqyaRF0YCKq92k8CkxHhGo2niJnVJTkWkbcHGcu4AUtH5tocKdBmA9s3zC7byZVIe"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=16070400
cf-ray
8a8b453faf6a18db-FRA
priority
u=0,i=?0
cookieconsent.css
shorter.gg/static/frontend/libs/cookieconsent/
18 KB
5 KB
Stylesheet
General
Full URL
https://shorter.gg/static/frontend/libs/cookieconsent/cookieconsent.css
Requested by
Host: shorter.gg
URL: https://shorter.gg/qPLrQN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4ae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5a1815609e1b500701e8a9c63a4ee98c47794025a0de9bbc7b8a3fdc4419e6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shorter.gg/qPLrQN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Dec 2022 23:10:38 GMT
server
cloudflare
etag
W/"6397b4ee-4973"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NWfN4y%2Bi%2F%2B8Ax6GOrF0UiSWSUydzbRKu6T40XkM%2B8jj4e9OTk5LrQAqeVzD8tN6CC8uXpexSt4d6JlsNCLJxlM6np2HkJ2pVpdB74dNrzrGtcStZZ3V6yxiqLNDo1h3NfjFGvJxr2Yd%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=16070400
cf-ray
8a8b453faf6c18db-FRA
priority
u=0,i=?0
style.min.css
shorter.gg/static/
20 KB
4 KB
Stylesheet
General
Full URL
https://shorter.gg/static/style.min.css
Requested by
Host: shorter.gg
URL: https://shorter.gg/qPLrQN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4ae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a90a14a43d80fbef4134eb4e8ccc884d631b7e22c09f7256e40cde66448c964a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shorter.gg/qPLrQN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 24 Jun 2024 12:45:24 GMT
server
cloudflare
etag
W/"66796a64-4e71"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kjasAF4OsVTBTDClG2TTsdk3cGpNSzE33Pcp87mhYAp%2B2EShI%2FJ2db%2BrnTFEM8pX5QhB10D8%2FkTk%2BO5yPwmPfi10thikYBM5PgPvoqMbo170jKlV%2B9E8eYOLc0bO4qnfHn1PQHQ2CGJj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=16070400
cf-ray
8a8b453faf6e18db-FRA
priority
u=0,i=?0
gg.png
shorter.gg/content/
14 KB
15 KB
Image
General
Full URL
https://shorter.gg/content/gg.png
Requested by
Host: shorter.gg
URL: https://shorter.gg/qPLrQN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4ae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dc63f1bd32e4fe5e0cf11c13ddbeb37fff4071eb48c5c1556f7147f77687801
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shorter.gg/qPLrQN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
14390
last-modified
Mon, 18 Sep 2023 07:24:29 GMT
server
cloudflare
etag
"6507fb2d-3836"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXWKRcVXvfqyXrIaMHVxqzgZ%2FwlF04T20yRntpl1BFKxZA%2BtPlMTcPtbGJwGWM6yyExf6sGd%2B%2Bl1rUUJA8iEbWv%2BKKfTP%2FhnVpVqOPnjwp%2Fx5hrxrW5xUg3UBcQjm3jOLFVNVEGbc3v8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8a8b453faf7018db-FRA
priority
u=2,i
rocket-loader.min.js
shorter.gg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://shorter.gg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: shorter.gg
URL: https://shorter.gg/qPLrQN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4ae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://shorter.gg/qPLrQN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2024 17:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"6696a9e8-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=38MafRJiQw%2BN9Bt0fB45Fh7EBvWFEAWSrQyQDJPARBCcALuKBbQgFN%2BwJMTM7a2TCqfV3%2F5R9DoPs5wUeRZW%2Bd0oX4KPOHk20MwT8ovNE1n1vHfmYzAZ3NMhOmqPC47fwJfG9kEK%2BhLe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a8b454058f418db-FRA
expires
Sat, 27 Jul 2024 09:54:46 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: shorter.gg
URL: https://shorter.gg/qPLrQN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://shorter.gg/
Origin
https://shorter.gg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8a8b4540fa0a9191-FRA
variables.css
shorter.gg/content/
341 B
679 B
Stylesheet
General
Full URL
https://shorter.gg/content/variables.css
Requested by
Host: shorter.gg
URL: https://shorter.gg/static/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4ae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8e6cef533cf05ed69efcfb5e2535937069c6963588e88808ff7f760dfbaf44
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shorter.gg/static/style.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Apr 2024 14:36:28 GMT
server
cloudflare
etag
W/"661e8cec-155"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=on%2Bz4IN%2BkJR7BLy27Xi4sukprlDqE7XQ%2FiKPJhiTEH310uuSzRos52ikSk8SsRiKZbUPQF6iSDVsEBJYZwictG3OjvAiJuiWYW8wblcee6AGOsHWGmy80dPUWv3ThGLiH%2BRbzbFn1j4b"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=16070400
cf-ray
8a8b4540794418db-FRA
priority
u=0,i=?0
reverse.min.js
desenteir.com/act/files/
1 KB
831 B
Script
General
Full URL
https://desenteir.com/act/files/reverse.min.js?sf=1
Requested by
Host: shorter.gg
URL: https://shorter.gg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.252 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
772c6889d6be065e04c009a2c427d650c666ac6013b0f43f04db8d5bb537b00f

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jul 2024 09:54:46 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 13:41:31 GMT
server
nginx
etag
W/"66a1048b-599"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
js
www.googletagmanager.com/gtag/
305 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7H7DFBV1DV
Requested by
Host: shorter.gg
URL: https://shorter.gg/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3124b92b9ec50fb1ae1a7385b6c869d9c40cb6d7afc234b38a28915c7ccc9794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103750
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Jul 2024 09:54:46 GMT
nunito-sans-v12-latin-700.woff2
shorter.gg/static/frontend/fonts/
17 KB
17 KB
Font
General
Full URL
https://shorter.gg/static/frontend/fonts/nunito-sans-v12-latin-700.woff2
Requested by
Host: shorter.gg
URL: https://shorter.gg/static/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4ae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shorter.gg/static/style.min.css
Origin
https://shorter.gg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
17116
last-modified
Sun, 06 Nov 2022 18:25:02 GMT
server
cloudflare
etag
"6367fbfe-42dc"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2FJKXY3Dda0Kz%2BuimZXGiwJM6jWLJjs8i38EFXHsZlOwc%2B6KYnfSTMR7irGURxoe2zk0O%2BcoPyOlzp%2BEtkjyHL68kspjb8bOr3%2B2MKs4AncJxgPV09XBovGdzsU%2Bp2MHTm3GF78WE7%2Bz"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8a8b45412a6f18db-FRA
priority
u=0,i=?0
nunito-sans-v12-latin-regular.woff2
shorter.gg/static/frontend/fonts/
17 KB
17 KB
Font
General
Full URL
https://shorter.gg/static/frontend/fonts/nunito-sans-v12-latin-regular.woff2
Requested by
Host: shorter.gg
URL: https://shorter.gg/static/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4ae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shorter.gg/static/style.min.css
Origin
https://shorter.gg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
16980
last-modified
Sun, 06 Nov 2022 18:25:02 GMT
server
cloudflare
etag
"6367fbfe-4254"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rxYw841n9FRPhDxYlNIG92rtkt8MKC%2BGm8jRoEQgfjFQ3XWQMmTShIw0k6sOaAjYKc3M48x%2FR54GXyLZqg2Bz6QYUUTa2H1%2BnQbkOiS8gNmBwviPgA91glAMaW7zGXaNbKRepkT0Zb8Z"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8a8b45412a7018db-FRA
priority
u=0,i=?0
micro.tag.min.js
woudaufe.net/act/files/
44 KB
17 KB
Script
General
Full URL
https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Requested by
Host: shorter.gg
URL: https://shorter.gg/qPLrQN
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c0323fbc592a66ec227799fb6c7deee56a0e672a1163a1c470761570e0e5171d

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jul 2024 09:54:46 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 13:41:30 GMT
server
nginx
etag
W/"66a1048a-b1e0"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
rum
shorter.gg/cdn-cgi/
0
138 B
XHR
General
Full URL
https://shorter.gg/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4ae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://shorter.gg/qPLrQN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://shorter.gg
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8a8b4541ab6118db-FRA
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7H7DFBV1DV&gtm=45je47o0v9116115539za200&_p=1721901286655&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=877569518.1721901287&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721901286&sct=1&seg=0&dl=https%3A%2F%2Fshorter.gg%2FqPLrQN&dt=Unsafe%20Link%20Detected%20-%20Shorter.gg%20-%20Free%20Url%20Shortener%2C%20Link%20in%20Bio%20and%20QR%20Codes&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=665
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7H7DFBV1DV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jul 2024 09:54:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shorter.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.png
shorter.gg/content/
9 KB
10 KB
Other
General
Full URL
https://shorter.gg/content/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4ae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de7c4826c2529dffcfb09ceab59fff0bc4ef3261d82706e96d87cfcae845cfd8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shorter.gg/qPLrQN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9457
last-modified
Wed, 10 May 2023 16:52:29 GMT
server
cloudflare
etag
"645bcbcd-24f1"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XUEEAQqmaax5E20s2%2F%2BUO%2Bi9%2B14o9zqHYDQzEn05LGMcdX21G4l9T4%2FeEKJEdwdxMjz1853pPynyQ%2BPPhV97oCzSCUNi0cowrJhXTVH7mzONBzI4U0gB8KywGUjDwTyy3T5GvLk9bNXO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8a8b45422c7b18db-FRA
priority
u=1,i
sw-check-permissions-9c47d.js
shorter.gg/
0
813 B
Other
General
Full URL
https://shorter.gg/sw-check-permissions-9c47d.js?zoneId=7769304
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4ae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://shorter.gg/qPLrQN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 23 Jul 2024 11:29:10 GMT
server
cloudflare
etag
W/"669f9406-234"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2F%2FhtVNV2tbncmE6g4dfPnxVxQjNHry1lSVz1qC9xZ5RPD6Tsxa5RU8ES8%2BrFqVhtSSTu3N%2B7D6ev4bs0VsaIstbME27cLZVUpWEQSb4hexTni7E0IueXOuJlxg9CpidG6N2txS1N%2FYG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=16070400
cf-ray
8a8b45435eb218db-FRA
priority
u=4,i
custom
woudaufe.net/
0
0
Ping
General
Full URL
https://woudaufe.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
woudaufe.net/
0
332 B
Ping
General
Full URL
https://woudaufe.net/zone?&pub=0&zone_id=7769304&is_mobile=false&domain=shorter.gg&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.540&trace_id=96d0fef8-6c63-423e-9373-718724de0b29&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=&drf=
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:46 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server
nginx
access-control-allow-origin
https://shorter.gg
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=7769304&checkDuplicate=true&ymid=&var=&source=pusher
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
122fcf4169ace716a5728f6add74a1eb2c9036034d90e76f6c37a2e565e74b41
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:47 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shorter.gg
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
woudaufe.net/
0
0
Ping
General
Full URL
https://woudaufe.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
woudaufe.net/
0
0
Ping
General
Full URL
https://woudaufe.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
woudaufe.net/
0
0
Ping
General
Full URL
https://woudaufe.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
woudaufe.net/
0
0
Ping
General
Full URL
https://woudaufe.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
woudaufe.net/
0
0
Ping
General
Full URL
https://woudaufe.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
woudaufe.net/
798 B
1 KB
Fetch
General
Full URL
https://woudaufe.net/zone?&pub=0&zone_id=7769304&is_mobile=false&domain=shorter.gg&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.540&trace_id=96d0fef8-6c63-423e-9373-718724de0b29&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
cd4fa62796b368c1faa1bef28d6df434e4162515993a1d27b3efe59c23c45056
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:47 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shorter.gg
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
798
custom
woudaufe.net/
0
0
Ping
General
Full URL
https://woudaufe.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
woudaufe.net/
0
0
Ping
General
Full URL
https://woudaufe.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
woudaufe.net/
0
0
Ping
General
Full URL
https://woudaufe.net/custom
Requested by
Host: woudaufe.net
URL: https://woudaufe.net/act/files/micro.tag.min.js?z=7769304&sw=/sw-check-permissions-9c47d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://shorter.gg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

7769307
oodrampi.com/4/
31 KB
14 KB
Document
General
Full URL
https://oodrampi.com/4/7769307
Requested by
Host: shorter.gg
URL: https://shorter.gg/qPLrQN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
91f749af513f8b498ccc51a3766913abe6b4078e363facbf3fb39a18ed918ffe
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://shorter.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Thu, 25 Jul 2024 09:54:48 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
aa602221d46c8d4ce57948f32ab21345
sftouch
oodrampi.com/
2 B
603 B
Ping
General
Full URL
https://oodrampi.com/sftouch?userId=0080a4b70ea9451df864d1ed073d126c&z=7769307&p_rid=66e25398-003d-45b6-aee8-356094a28a2d&p_src=sf&branchId=0&rb=hY0f1VWib3Mo3fzKRP5D1mmZ6GUz3BrYbuiOa774hEockwR7J77aC7NcZ9kORnlTVz8zWP_WJbgzC-8fwZ-xxBe-1vnW2BOQ_-PQcT1k6OO-wTJ6m9DV6l42-yP1zeRUgo2pqshypM4xfImOA7BHkWeYwxBpBf6eh5ZzXMzRAMcXeasnGQ-Uyy_iUJtNGXwONDqoRYOFvDZYvD9fsyW5yyMCBqTja4ZbjQoWIQ2UNWpJfq2fmpvXQDUZHBAM0kfxk_nyjcXCiGPesIIAisgmiRf1jDg6YqtgxiLCG6jrFJcPh123W2ceMOEI2Bg=
Requested by
Host: oodrampi.com
URL: https://oodrampi.com/4/7769307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://oodrampi.com/4/7769307
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
5882cf35d99670314a6aeec696d9078f
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://oodrampi.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/
43 B
492 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0080a4b70ea9451df864d1ed073d126c&z=7769307&p_rid=66e25398-003d-45b6-aee8-356094a28a2d&p_src=sf
Requested by
Host: oodrampi.com
URL: https://oodrampi.com/4/7769307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://oodrampi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
oodrampi.com/log/
12 B
383 B
XHR
General
Full URL
https://oodrampi.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=66e25398-003d-45b6-aee8-356094a28a2d
Requested by
Host: oodrampi.com
URL: https://oodrampi.com/4/7769307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://oodrampi.com/4/7769307
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 Jul 2024 09:54:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oodrampi.com
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
add
oodrampi.com/async_log/
16 B
527 B
XHR
General
Full URL
https://oodrampi.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=66e25398-003d-45b6-aee8-356094a28a2d
Requested by
Host: oodrampi.com
URL: https://oodrampi.com/4/7769307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e836cf151c055c64b3b2991de7067f3d9e925b51d1050e57ff93a7b88667031f

Request headers

Referer
https://oodrampi.com/4/7769307
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 25 Jul 2024 09:54:48 GMT
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://oodrampi.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
content-length
16
expires
Tue, 11 Jan 1994 10:00:00 GMT
favicon.ico
oodrampi.com/
0
151 B
Other
General
Full URL
https://oodrampi.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://oodrampi.com/4/7769307
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Jul 2024 09:54:48 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
oodrampi.com/4/7393037/
Redirect Chain
  • https://oodrampi.com/?z=7769307&syncedCookie=true&rhd=false
  • https://oodrampi.com/4/7393037/?var=7769307
31 KB
14 KB
Document
General
Full URL
https://oodrampi.com/4/7393037/?var=7769307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ffdb93498a15ab2090b7a2329852f95943761d9f36042a54769f1b77af6cd5a8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://oodrampi.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Thu, 25 Jul 2024 09:54:48 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
d51d877f0f08634d075fe43c35c3f01e

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://oodrampi.com
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Thu, 25 Jul 2024 09:54:48 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://oodrampi.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://oodrampi.com/4/7393037/?var=7769307
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
393b30c6a5c2401017c2a5e6327f1016
favicon.ico
oodrampi.com/
0
0
Other
General
Full URL
https://oodrampi.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://oodrampi.com/afu.php?zoneid=7769307&var=7769307&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Jul 2024 09:54:48 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
sftouch
oodrampi.com/
2 B
603 B
Ping
General
Full URL
https://oodrampi.com/sftouch?userId=0180a427e60c4df7f9a28fd2abc71a24&z=7393037&p_rid=13a8a043-dfcd-4b84-9e1b-96fd1bdeb494&p_src=sf&branchId=0&rb=J3NY3aUK8HocrA6DF7Nd4zurJZOimYp3eXjJqk_BpJghmCEwxtKT45-gZ0jkxrgtyr1iZ8uk6H-T6ftHRsNHDzXl2zd21ik8YQhMdu2rf7zJJ4vxkaZzt-_q71ZO0tYE1mNpPWnH_wgrACdKYGXYvV1rT1z2oakBMoyfGQkhmj6pMWVqoEXozJlVAGwNstx32yDSVRB8NadopT486uZp4b1JRQLLpUwbWWMHOWsi2CM29T6iprb8fd8W3bdIdo8HACPGhdyhNnbeMd5lnkAs2z9-tdgQctzklbjPAQ==
Requested by
Host: oodrampi.com
URL: https://oodrampi.com/4/7393037/?var=7769307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://oodrampi.com/4/7393037/?var=7769307
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
5443a72afcff6ab3ae80481310327218
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://oodrampi.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/
43 B
504 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0180a427e60c4df7f9a28fd2abc71a24&z=7393037&p_rid=13a8a043-dfcd-4b84-9e1b-96fd1bdeb494&p_src=sf
Requested by
Host: oodrampi.com
URL: https://oodrampi.com/4/7393037/?var=7769307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://oodrampi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://oodrampi.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
oodrampi.com/log/
12 B
383 B
XHR
General
Full URL
https://oodrampi.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=13a8a043-dfcd-4b84-9e1b-96fd1bdeb494
Requested by
Host: oodrampi.com
URL: https://oodrampi.com/4/7393037/?var=7769307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://oodrampi.com/4/7393037/?var=7769307
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 Jul 2024 09:54:48 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oodrampi.com
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
favicon.ico
oodrampi.com/
0
0
Other
General
Full URL
https://oodrampi.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://oodrampi.com/4/7393037/?var=7769307
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Jul 2024 09:54:48 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
Primary Request step.html
offernow24.com/
Redirect Chain
  • https://oodrampi.com/?z=7393037&syncedCookie=false&rhd=false
  • https://offernow24.com/step.html?an=pa&cid=840277508883746941&sid=7393037
14 KB
5 KB
Document
General
Full URL
https://offernow24.com/step.html?an=pa&cid=840277508883746941&sid=7393037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8db4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73c1a40cc303f9c26b2aa3119141294cfeb940a25be3441d6fa2038312dc332f
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://oodrampi.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a8b454fca23a06a-FRA
content-encoding
br
content-type
text/html
date
Thu, 25 Jul 2024 09:54:48 GMT
last-modified
Fri, 26 Apr 2024 10:15:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x6XZZQjTkzYlz83EgSRqKKxAwMzZ1JIJYGDw8a%2Fp7ujmxB%2Fovo%2FBOQexy1Ws0PhVsMXE65anXlVf8KCeHf5FEnh8YiwVc5oZK0U7g1Z7w9zLbquGrdia%2B%2B0uLbAVtETFQYivbKD6O4MUYdrUUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=16000000
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://oodrampi.com
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Thu, 25 Jul 2024 09:54:48 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://offernow24.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://offernow24.com/step.html?an=pa&cid=840277508883746941&sid=7393037
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
01aab7825daa63ba7872e9193a81cd7a
add
oodrampi.com/async_log/
16 B
527 B
XHR
General
Full URL
https://oodrampi.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=13a8a043-dfcd-4b84-9e1b-96fd1bdeb494
Requested by
Host: oodrampi.com
URL: https://oodrampi.com/4/7393037/?var=7769307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://oodrampi.com/afu.php?zoneid=7393037&var=7393037&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 25 Jul 2024 09:54:48 GMT
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://oodrampi.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
content-length
16
expires
Tue, 11 Jan 1994 10:00:00 GMT
favicon.ico
oodrampi.com/
0
0
Other
General
Full URL
https://oodrampi.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://oodrampi.com/afu.php?zoneid=7393037&var=7393037&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Jul 2024 09:54:48 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;200;300;400;500&display=swap
Requested by
Host: offernow24.com
URL: https://offernow24.com/step.html?an=pa&cid=840277508883746941&sid=7393037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93409fefbf430829f6f20820a2af72cd14ea1e8f4d67dc0cee0f091c583eb331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jul 2024 09:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jul 2024 09:16:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jul 2024 09:54:49 GMT
js
www.googletagmanager.com/gtag/
308 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-15SDG98XYJ
Requested by
Host: offernow24.com
URL: https://offernow24.com/step.html?an=pa&cid=840277508883746941&sid=7393037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
523ebd575e960276a68fffdb2228343be55834437af80e9cebf20021495c09cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103938
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Jul 2024 09:54:49 GMT
ChromeWebStore_Badge_v2_340x96.png
offernow24.com/img/
6 KB
6 KB
Image
General
Full URL
https://offernow24.com/img/ChromeWebStore_Badge_v2_340x96.png
Requested by
Host: offernow24.com
URL: https://offernow24.com/step.html?an=pa&cid=840277508883746941&sid=7393037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8db4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f49e4bff319083c20b3386f23547315773631e155e389ed42550295e4913e12d
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:49 GMT
strict-transport-security
max-age=16000000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6009
alt-svc
h3=":443"; ma=86400
content-length
5640
last-modified
Fri, 26 Apr 2024 10:15:55 GMT
server
cloudflare
etag
"1608-616fd307406fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHnq5LX%2BEM7%2FVha8hf7Bn67jInxdvtrNGavfsw5uEHyyGaL18PuvxoFNrVeyRi5OHTaboJ7EA%2B2lAFFdkXRCvneKop0zUkvMW2y%2B4x9XjYfi%2FFCAZ%2FV0XR7yJTjnn3kB9No7GIVrEzh2hW4JyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a8b45503acaa06a-FRA
/
invalid/
0
0

KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;200;300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offernow24.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 12:29:10 GMT
x-content-type-options
nosniff
age
163539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 12:29:10 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;200;300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offernow24.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 14:43:18 GMT
x-content-type-options
nosniff
age
155491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 14:43:18 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-15SDG98XYJ&gtm=45je47o0v9171646941za200&_p=1721901289084&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=768494339.1721901289&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721901289&sct=1&seg=0&dl=https%3A%2F%2Foffernow24.com%2Fstep.html%3Fan%3Dpa%26cid%3D840277508883746941%26sid%3D7393037&dt=Stop%20Ads&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=355
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15SDG98XYJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jul 2024 09:54:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offernow24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-15SDG98XYJ&gtm=45je47o0v9171646941za200&_p=1721901289084&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=768494339.1721901289&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1721901289&sct=1&seg=0&dl=https%3A%2F%2Foffernow24.com%2Fstep.html%3Fan%3Dpa%26cid%3D840277508883746941%26sid%3D7393037&dt=Stop%20Ads&en=step&_ee=1&ep.adNet=pa&ep.action=view&_et=2&tfd=368
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15SDG98XYJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jul 2024 09:54:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offernow24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
offernow24.com/
2 KB
3 KB
Other
General
Full URL
https://offernow24.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8db4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5407c173dfcbc26b399dc49e2e180ec0f36f5daaf97e16bdd9a6cf9bda98f1c4
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 09:54:49 GMT
strict-transport-security
max-age=16000000
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Apr 2024 10:28:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2335
etag
W/"8e1-616fd5ca9f431"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfiWb4Mat8q5TYIi4RdrpSwmPbtfiW8Ly5Us7R8eeg63UsOBnm8X3KKVIfqg6sedHmjlMEz%2FW2YlEytSbUa6l9GBReIAGTV0p8F0FdZfHRyoDQORsyxsfuARefmkp5N1xivOEVvi7sRQAdGQUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
cf-ray
8a8b4551acc5a06a-FRA
alt-svc
h3=":443"; ma=86400
/
invalid/
0
0

/
invalid/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag
object| article
function| get_i18n
function| ga
function| popupcws
function| chromeInitControl
object| dataLayer
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal

9 Cookies

Domain/Path Name / Value
shorter.gg/ Name: PHPSESSID
Value: 120a40e85f4c27261a1fea2b2102d2ee
.shorter.gg/ Name: _ga
Value: GA1.1.877569518.1721901287
my.rtmark.net/ Name: ID
Value: 0180a427e60c4df7f9a28fd2abc71a24
oodrampi.com/ Name: oaidts
Value: 1721901288
.shorter.gg/ Name: _ga_7H7DFBV1DV
Value: GS1.1.1721901286.1.0.1721901288.0.0.0
oodrampi.com/ Name: OAID
Value: 0180a427e60c4df7f9a28fd2abc71a24
oodrampi.com/ Name: syncedCookie
Value: true
.offernow24.com/ Name: _ga
Value: GA1.1.768494339.1721901289
.offernow24.com/ Name: _ga_15SDG98XYJ
Value: GS1.1.1721901289.1.0.1721901289.0.0.0

7 Console Messages

Source Level URL
Text
network error URL: https://shorter.gg/qPLrQN
Message:
Failed to load resource: the server responded with a status of 410 ()
intervention error (Line 10)
Message:
Blocked attempt to show a 'beforeunload' confirmation panel for a frame that never had a user gesture since its load. https://www.chromestatus.com/feature/5082396709879808
network error URL: https://oodrampi.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=66e25398-003d-45b6-aee8-356094a28a2d
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://oodrampi.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=13a8a043-dfcd-4b84-9e1b-96fd1bdeb494
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
