urlscan.io logo urlscan.io
SecurityTrails logo

app.offramp.xyz Open in urlscan Pro
2606:4700:3033::ac43:c22c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.offramp.xyz/
Effective URL: https://app.offramp.xyz/
Submission: On June 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3033::ac43:c22c, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.offramp.xyz.
TLS certificate: Issued by GTS CA 1P5 on May 15th 2024. Valid for: 3 months.
This is the only time app.offramp.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 104.16.160.145 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 104.17.2.184 13335 (CLOUDFLAR...)
1 18.66.102.51 16509 (AMAZON-02)
2 2600:1901:0:b... 396982 (GOOGLE-CL...)
1 2001:4860:480... 15169 (GOOGLE)
1 13.32.27.21 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 13.224.189.74 16509 (AMAZON-02)
3 18.245.46.20 16509 (AMAZON-02)
1 52.55.91.222 14618 (AMAZON-AES)
20 12
3    2606:4700:3033::ac43:c22c (United States)

ASN13335 (CLOUDFLARENET, US)
app.offramp.xyz
2    104.16.160.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    104.17.2.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net
static.hotjar.com
2    2600:1901:0:bc29:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
cdn.mxpnl.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
script.hotjar.com
1    2606:4700:3037::6815:5494 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.offramp.xyz
1    13.224.189.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-74.fra2.r.cloudfront.net
widget.intercom.io
3    18.245.46.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-20.fra56.r.cloudfront.net
js.intercomcdn.com
1    52.55.91.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-91-222.compute-1.amazonaws.com
api-iam.intercom.io
Apex Domain
Subdomains		 Transfer
4 offramp.xyz
app.offramp.xyz
assets.offramp.xyz
2 MB
3 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 4674
298 KB
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4311
14 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 3016
api-iam.intercom.io — Cisco Umbrella Rank: 3077
6 KB
2 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 6280
22 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 894
script.hotjar.com — Cisco Umbrella Rank: 1260
60 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
180 KB
2 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5074
64 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355
20 9
Domain Requested by
3 js.intercomcdn.com widget.intercom.io
js.intercomcdn.com
3 challenges.cloudflare.com 1 redirects app.offramp.xyz
challenges.cloudflare.com
3 app.offramp.xyz app.offramp.xyz
2 cdn.mxpnl.com www.googletagmanager.com
cdn.mxpnl.com
2 www.googletagmanager.com app.offramp.xyz
www.googletagmanager.com
2 cdn.onesignal.com app.offramp.xyz
cdn.onesignal.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io www.googletagmanager.com
1 assets.offramp.xyz app.offramp.xyz
1 script.hotjar.com static.hotjar.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
20 12

This site contains no links.

Subject Issuer Validity Valid
app.offramp.xyz
GTS CA 1P5		 2024-05-15 -
2024-08-13		 3 months crt.sh
onesignal.com
GTS CA 1P5		 2024-05-31 -
2024-08-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1		 2023-07-12 -
2024-08-11		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh
*.assets.offramp.xyz
E1		 2024-04-15 -
2024-07-14		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh

This page contains 3 frames:

Primary Page: https://app.offramp.xyz/
Frame ID: 866042761CED0326E262AE25D2D5EC0B
Requests: 15 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/s65ir/0x4AAAAAAAHyOLnIJ0hvONYg/auto/normal
Frame ID: 64B18CCC94833AB09489216CAD334769
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.fff688a5.js
Frame ID: 37C426E94F4005603204E296B1953371
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Offramp.xyz - Card

Page URL History Show full URLs

  1. http://app.offramp.xyz/ HTTP 307
    https://app.offramp.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

20
Requests

95 %
HTTPS

42 %
IPv6

9
Domains

12
Subdomains

12
IPs

3
Countries

2688 kB
Transfer

9176 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.offramp.xyz/ HTTP 307
    https://app.offramp.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback__cf-turnstile&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.offramp.xyz/
Redirect Chain
  • http://app.offramp.xyz/
  • https://app.offramp.xyz/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.offramp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c07595b79bb04146daafdc0e18f223239699a01bc10b77f9ab34e4719682dfc0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=10,s-maxage=86400
cf-cache-status
DYNAMIC
cf-ray
897d91f33da29214-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 22 Jun 2024 16:21:15 GMT
last-modified
Sat, 22 Jun 2024 16:15:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6WxQQE8Ksg4UltIkGonb%2FVoBxBSERAEToO%2BOJ8AqgNAf42%2FTpo%2Fdfzg0pnYzM2oSFfsSJMwTxG41N2XRENMuet8IkSojb5SbHbdCgno31Wr7vcV2SIBQ%2B%2Bre7aUg%2BsK6BR8pLI%2BwQpcqODy%2BU5E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-amz-request-id
tx000008828c750b9ca25f9-006676f9fb-52adc8f8-sfo3a
x-do-app-origin
7fd4da4d-d3d3-4d5f-9cb7-8cd1faa65679
x-do-orig-status
200
x-do-static-catchall-document
index.html
x-envoy-upstream-healthchecked-cluster
x-rgw-object-type
Normal

Redirect headers

Location
https://app.offramp.xyz/
Non-Authoritative-Reason
HttpsUpgrades
index-B4Wy5iHn.js
app.offramp.xyz/assets/ 		7 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.offramp.xyz/assets/index-B4Wy5iHn.js
Requested by
Host: app.offramp.xyz
URL: https://app.offramp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8865228cd5b0566db39052224a11efb3b5e9bb1cfbbfafefada37d088e438afb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.offramp.xyz/
Origin
https://app.offramp.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:21:18 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
7fd4da4d-d3d3-4d5f-9cb7-8cd1faa65679
x-amz-request-id
tx000003967abbe24dadebf-006676f9fc-52adc8f8-sfo3a
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 22 Jun 2024 16:15:03 GMT
server
cloudflare
etag
W/"48bc5dd80e6d3835207e485322109821-2"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vqgSpu87SKA1ZIPh3%2BL1uXrt0MGuXtf161p9%2B%2FmjXIxhbDhxHbDaipK2qfBydo4RZJktqb24uXp1P5F8f2mcUJXt%2BZrs1UbxMk8ZPvgnRnZmM5n4vopSg2HqIODZDt86LIbIo0p5CU7EcozzqkI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://app.offramp.xyz
x-rgw-object-type
Normal
cache-control
public, max-age=14400, s-maxage=86400
x-do-static-catchall-document
index.html
cf-ray
897d920529a39214-FRA
OneSignalSDK.page.js
cdn.onesignal.com/sdks/web/v16/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Requested by
Host: app.offramp.xyz
URL: https://app.offramp.xyz/assets/index-B4Wy5iHn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1cc8e2214a41a9230081c383912319694ad158fac9483a22ec3f6230af88826
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.offramp.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:21:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1964
etag
W/"e97acd0bc7104d45af67c0c1d883418e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
897d92268afd9295-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jun 2024 16:21:21 GMT
gtm.js
www.googletagmanager.com/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PJ8VL7FN&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: app.offramp.xyz
URL: https://app.offramp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ac59f59adb67d1ad0d17c0cf04c6d2a6fce6c08da2d0f81dbe7172bbd76e9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.offramp.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:21:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80136
x-xss-protection
0
last-modified
Sat, 22 Jun 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 22 Jun 2024 16:21:21 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback__cf-turnstile&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js
42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js
Requested by
Host: app.offramp.xyz
URL: https://app.offramp.xyz/
Protocol
H3
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdf9b58fcf84b6c75c42ba56855fb02e0a990771aa1932c18a0fa73ef640000a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://app.offramp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 22 Jun 2024 16:21:21 GMT
content-encoding
br
last-modified
Wed, 19 Jun 2024 17:35:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
897d9229682c91dd-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 22 Jun 2024 16:21:21 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/b/c7e29c8c8b6e/api.js
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
897d92293ff791dd-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
OneSignalSDK.page.es6.js
cdn.onesignal.com/sdks/web/v16/ 		258 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160201
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7dd280e791355b7f6e369682a827331ac63a72f9464667a5f02e77a6c5bff63
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.offramp.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:21:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1963
etag
W/"8d9626ae2ebb9d6fa774cc728c36861f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
897d9228fded9295-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jun 2024 16:21:21 GMT
js
www.googletagmanager.com/gtag/ 		305 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G9FYZQ6RSZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8VL7FN&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5dff281165a71a0d3c2eeaa01010dab8d9e66a533216657f72a1e56e74c4b603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.offramp.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:21:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104016
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 22 Jun 2024 16:21:21 GMT
hotjar-3682044.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3682044.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8VL7FN&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
dd74f3c426907541dfdad14447f38927db10254b2317185774c38458fbb74fea
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.offramp.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:21:21 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/9d0158d7f06d872821b73b4c805d5eaf
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
VaVdVhtyOgOQqbLDq89o4w1jCBZlz7N7RgpHOMFgx-KOivJR4bRWTQ==
mixpanel-js-wrapper.js
cdn.mxpnl.com/libs/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8VL7FN&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b810a55c064062bb2e7c21978cde65aea63b035c95f1e3bc47abe054c513f28f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.offramp.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:15:11 GMT
content-encoding
gzip
age
370
x-guploader-uploadid
ACJd0NoAKziv3kyHQ_BABhb8mcHgojL2c5OeoQTECxDCUN5fyca76ipgj_sQ3RnPgm-hPyOVPg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2756
last-modified
Fri, 21 Jun 2024 22:06:25 GMT
server
UploadServer
etag
"3f7946bfd5d9ee3fdef4db46cfc35c5a"
vary
Accept-Encoding
x-goog-generation
1719007585120805
x-goog-hash
crc32c=/UNgLg==, md5=P3lGv9XZ7j/e9NtGz8NcWg==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
2756
accept-ranges
bytes
expires
Sat, 22 Jun 2024 16:25:11 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
60f5f911fd8f366f29390166716a1977430d5472b02b6a1298c818096d7d2aac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.offramp.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:11:32 GMT
content-encoding
gzip
age
589
x-guploader-uploadid
ACJd0Nrq0yFSeCRDtI9onHRo5lAlzGOrQnJAOih1fZsrpXpc6sKJXrSevNP3ko4SUC3ybc-8B8g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18820
last-modified
Fri, 21 Jun 2024 22:06:07 GMT
server
UploadServer
etag
"264255e7eaaa8cfa38c236557516b1d2"
vary
Accept-Encoding
x-goog-generation
1719007567436070
x-goog-hash
crc32c=lF4D6Q==, md5=JkJV5+qqjPo4wjZVdRax0g==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
18820
accept-ranges
bytes
expires
Sat, 22 Jun 2024 16:21:32 GMT
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/s65ir/0x4AAAAAAAHyOLnIJ0hvONYg/auto/ Frame 64B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/s65ir/0x4AAAAAAAHyOLnIJ0hvONYg/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback__cf-turnstile&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://app.offramp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
897d9229d8879a41-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jun 2024 16:21:21 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G9FYZQ6RSZ&gtm=45je46j0v9168916613z89168910236za200zb9168910236&_p=1719073281226&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=526261604.1719073282&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719073281&sct=1&seg=0&dl=https%3A%2F%2Fapp.offramp.xyz%2F&dt=Offramp.xyz%20-%20Card&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_source_domain=app.offramp.xyz&tfd=8858&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G9FYZQ6RSZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.offramp.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 16:21:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.offramp.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.ef112488b1de7ff5f962.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.ef112488b1de7ff5f962.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3682044.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
4bb1ac874a76d6bc873350d839b4ae5bcbea002f2a6f1907a197027c2dfc1fe8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.offramp.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 15:21:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
176415
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56326
last-modified
Thu, 20 Jun 2024 15:20:30 GMT
etag
"4bf3c968ca73f7170da42a1ae7ed463c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
gU-GOONYnW0ErowlIW8MD5zBUcCl--mVuiYVH5t-rXbUjzETxGlyYA==
Uncut-Sans-Regular.otf
assets.offramp.xyz/fonts/ 		59 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.offramp.xyz/fonts/Uncut-Sans-Regular.otf
Requested by
Host: app.offramp.xyz
URL: https://app.offramp.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5494 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7dc8fdbd0d8f3690c43626345397c975bd35795d0ebc92d4a08858c6c1747c4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.offramp.xyz/
Origin
https://app.offramp.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:21:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx0000009630412e1b531c5-00664f17eb-3bfb8894-sgp1b
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Apr 2024 09:36:57 GMT
server
cloudflare
etag
W/"4a80fb578b363546665ac62f095d1620"
vary
Origin,Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/otf
access-control-allow-origin
https://app.offramp.xyz
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g32PSkCOe5RS9pQ5vxmsM97Qq4sWZaCmsAMOlNnu8nxOqUuZnVyUY%2BUn9VdHy1DjGWakUfa%2BLiws7UnXNjmRFoLjvq6Qse2soRN6TKWe%2BUucmI%2ByBw6%2FMVJcCC3q2X02x0DE8xGGHiPwVQXrns7yFpM%3D"}],"group":"cf-nel","max_age":604800}
x-do-cdn-uuid
b50ac465-e054-48d9-9577-ad36e16b6a6c
x-rgw-object-type
Normal
cache-control
max-age=14400
access-control-max-age
7200
cf-ray
897d922bea4937fe-FRA
ejlvg5px
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/ejlvg5px
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJ8VL7FN&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-74.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ceef7cd2db4ba660abfc47e122d1337ac5cce2520acd66e6aabb50f6554b6814

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.offramp.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
RUm9gLEUIJFhk_aoqJuxrbeymgO5zbap
content-encoding
gzip
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 16:16:02 GMT
x-amz-cf-pop
FRA2-C1
age
328
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2670
last-modified
Fri, 21 Jun 2024 11:20:21 GMT
server
AmazonS3
etag
"dc2eb5e77345e9091880a333f2990d3d"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
ah94rIrexfTc1n-VXPMJNjqSMceUaefcfgnmG6lBs4YAg7OLTDI-6A==
favicon.svg
app.offramp.xyz/favicon/ 		405 B
713 B 		Other
General
Check archive.org
Download Go to
Full URL
https://app.offramp.xyz/favicon/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c22c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
224e41ab1887ea922df079ffd6c7e0757b99919b016f4c0750ca8f26bd1de836

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://app.offramp.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:21:22 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
7fd4da4d-d3d3-4d5f-9cb7-8cd1faa65679
x-amz-request-id
tx0000015e911689947d9d4-006674eb8a-52adc8f8-sfo3a
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
4538
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 20 Jun 2024 09:18:39 GMT
server
cloudflare
etag
W/"bab5edeb8c3b4e13ed0bcb38e5af05db"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vj5o7DUiV8JO4ea1Ah%2FJzE%2F1OcfZqMzIF19ZPsmAl8GI7JAnTP3nVHh42%2Bsgt8mjOwWsJYAqc6L2CZqxhkubvvml8dI6ebT7xqpFF3B9CK%2BuHuoUNU%2B%2BnP7bUglWDLbpdJ7Prfe9c%2FaGpXC2LEc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-rgw-object-type
Normal
cache-control
public, max-age=14400, s-maxage=86400
x-do-static-catchall-document
index.html
cf-ray
897d922dfad09214-FRA
frame-modern.fff688a5.js
js.intercomcdn.com/ Frame 37C4 		460 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.fff688a5.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ejlvg5px
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6c993a5c8ab198fcc5fe5bb2a7ff4e9412570bb4f44b179390269c91082154f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
xMf_Q.6_EEtPbCLQmym1A_CmInAvRpjJ
content-encoding
gzip
via
1.1 5a2cb96a37aeca3f9626798c4e9dab28.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 15:20:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
3658
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
141248
last-modified
Fri, 21 Jun 2024 11:17:05 GMT
server
AmazonS3
etag
"3297f290275a7e6e083710806e64a4f7"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
ttd1yWYPg6cMRfnFGDceHzXU3Wwllh63Z-DitYCCU_4JUOSLEnH7Mw==
vendor-modern.a0d657ae.js
js.intercomcdn.com/ Frame 37C4 		480 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.a0d657ae.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ejlvg5px
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2ffcde94bdef31362ec0b8fc7b7472b6ef17393753b10cd31aac9c9c43fc6a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
XwuR0NsztnMqlDOV_52XzBhxcaUf8LH5
content-encoding
gzip
via
1.1 5a2cb96a37aeca3f9626798c4e9dab28.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 15:31:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
2980
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
152080
last-modified
Wed, 19 Jun 2024 15:28:34 GMT
server
AmazonS3
etag
"4c3f6cae904a1382fb46ef35d139fc2c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
GVbzCznu9MFBRxnLD6JBFiTo3wef5MuTF7LHdALha10FgvjDsV9RaQ==
ping
api-iam.intercom.io/messenger/web/ Frame 37C4 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.fff688a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.91.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-91-222.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7726521263086f08c1ca5197ff318495cac3886eea9299cc319f6d58652b7bae
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 22 Jun 2024 16:21:23 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0e825a06bead32c4c
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0004g2qnre5vfkok1g6g
x-runtime
0.255553
server
nginx
etag
W/"7726521263086f08c1ca5197ff318495"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.offramp.xyz
x-intercom-version
42e51b3c4fd3d3c9a7d1acc348145a803e220de6
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
vendors~locale-de-json-modern.4bdb1cae.js
js.intercomcdn.com/ Frame 37C4 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~locale-de-json-modern.4bdb1cae.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.fff688a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ce4d766681bfb135f3b487cc34bcbcbbae8c5da9b3b34509cf3b7c10c0c1c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Cici6A4NdZ.PuDSykIu8TZmUfBsOZF5A
content-encoding
gzip
via
1.1 5a2cb96a37aeca3f9626798c4e9dab28.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 15:38:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
2576
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9357
last-modified
Fri, 14 Jun 2024 14:22:03 GMT
server
AmazonS3
etag
"46a5bf015ac537064f69bdda86b5725b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
6JATRZkWppWI7Z3ubolTyli0dtlv1irTdaxnISYq6ZdM_57oLjkVjw==

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage string| __reactRouterVersion object| regeneratorRuntime object| global object| process function| OneSignalDeferred object| _ethers function| Buffer function| CoinbaseWalletSDK function| CoinbaseWalletProvider function| WalletLink function| WalletLinkProvider function| MerkleTree function| MerkleMountainRange function| IncrementalMerkleTree function| MerkleSumTree object| dataLayer function| onloadTurnstileCallback__cf-turnstile object| google_tag_manager object| google_tag_data function| hj object| _hjSettings number| __oneSignalSdkLoadCount function| OneSignal string| MIXPANEL_LIB_URL object| mixpanel function| _mixpanel object| turnstile function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled object| intercomSettings function| Intercom function| __intercomAssignLocation function| __intercomReloadLocation

9 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: y0e.QCtlNKRNoMdTsL_ezGavHylmrFwTUSEJ_oX.avg-1719073281-1.0.1.1-IdqyRsLxnSZy8aDs2JOcjmkfIhe6StgS.b5E1O6rBgQPUxe8pYzUhzrj6FDN7JRUex.v9HBbL9EmncOA8YmCrw
.offramp.xyz/ Name: mp_4991bf41981b2d0528db63fbd8d84632_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A19040c096062243-03e7c1c560376a-26001f51-1d4c00-19040c096062243%22%2C%22%24device_id%22%3A%20%2219040c096062243-03e7c1c560376a-26001f51-1d4c00-19040c096062243%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.offramp.xyz/ Name: _ga
Value: GA1.1.526261604.1719073282
.offramp.xyz/ Name: _ga_G9FYZQ6RSZ
Value: GS1.1.1719073281.1.0.1719073281.0.0.0
.offramp.xyz/ Name: _hjSessionUser_3682044
Value: eyJpZCI6ImIwOTNmNTVkLTljY2UtNTYzNS1iNjZiLTA0YThkNWMzNGE0YiIsImNyZWF0ZWQiOjE3MTkwNzMyODE4MjEsImV4aXN0aW5nIjpmYWxzZX0=
.offramp.xyz/ Name: _hjSession_3682044
Value: eyJpZCI6IjIxMzBiYTg3LTQ3YTItNDVlMC05Y2ZjLWYzYTMzZDQ2ZGQyNCIsImMiOjE3MTkwNzMyODE4MjIsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.offramp.xyz/ Name: intercom-id-ejlvg5px
Value: 948ae1aa-9e73-4b34-b28d-9fd569eff086
.offramp.xyz/ Name: intercom-session-ejlvg5px
Value:
.offramp.xyz/ Name: intercom-device-id-ejlvg5px
Value: f15bc9c1-3aae-4377-8d0d-d6b73c75ccb7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
app.offramp.xyz
assets.offramp.xyz
cdn.mxpnl.com
cdn.onesignal.com
challenges.cloudflare.com
js.intercomcdn.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
widget.intercom.io
www.googletagmanager.com
104.16.160.145
104.17.2.184
13.224.189.74
13.32.27.21
18.245.46.20
18.66.102.51
2001:4860:4802:34::36
2600:1901:0:bc29::
2606:4700:3033::ac43:c22c
2606:4700:3037::6815:5494
2a00:1450:4001:831::2008
52.55.91.222
1ce4d766681bfb135f3b487cc34bcbcbbae8c5da9b3b34509cf3b7c10c0c1c4b
224e41ab1887ea922df079ffd6c7e0757b99919b016f4c0750ca8f26bd1de836
4bb1ac874a76d6bc873350d839b4ae5bcbea002f2a6f1907a197027c2dfc1fe8
5dff281165a71a0d3c2eeaa01010dab8d9e66a533216657f72a1e56e74c4b603
60f5f911fd8f366f29390166716a1977430d5472b02b6a1298c818096d7d2aac
6ac59f59adb67d1ad0d17c0cf04c6d2a6fce6c08da2d0f81dbe7172bbd76e9f6
7726521263086f08c1ca5197ff318495cac3886eea9299cc319f6d58652b7bae
8865228cd5b0566db39052224a11efb3b5e9bb1cfbbfafefada37d088e438afb
b7dd280e791355b7f6e369682a827331ac63a72f9464667a5f02e77a6c5bff63
b810a55c064062bb2e7c21978cde65aea63b035c95f1e3bc47abe054c513f28f
c07595b79bb04146daafdc0e18f223239699a01bc10b77f9ab34e4719682dfc0
c7dc8fdbd0d8f3690c43626345397c975bd35795d0ebc92d4a08858c6c1747c4
ceef7cd2db4ba660abfc47e122d1337ac5cce2520acd66e6aabb50f6554b6814
d1cc8e2214a41a9230081c383912319694ad158fac9483a22ec3f6230af88826
dd74f3c426907541dfdad14447f38927db10254b2317185774c38458fbb74fea
e6c993a5c8ab198fcc5fe5bb2a7ff4e9412570bb4f44b179390269c91082154f
f2ffcde94bdef31362ec0b8fc7b7472b6ef17393753b10cd31aac9c9c43fc6a5
fdf9b58fcf84b6c75c42ba56855fb02e0a990771aa1932c18a0fa73ef640000a