www.shofda.com Open in urlscan Pro
2606:4700:3034::ac43:b22e  Public Scan

23 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.shofda.com/	49 KB 7 KB	422ms 393ms	Document text/html	2606:4700:3034::ac43:b22e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.shofda.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:b22e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46af108c0be059bc6018af7d52c9c24299972d89395e6d12e18a70b1f29b3bbe Request headers :method GET :authority www.shofda.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 14 Mar 2021 01:17:18 GMT content-type text/html set-cookie __cfduid=d2576f6c2b1ab31185b441377926227091615684638; expires=Tue, 13-Apr-21 01:17:18 GMT; path=/; domain=.shofda.com; HttpOnly; SameSite=Lax; Secure last-modified Thu, 14 Jan 2021 12:44:12 GMT cf-cache-status DYNAMIC cf-request-id 08cfe82e7b00004e4334122000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pelr9cJybJTLXhqGHiQ0LQEnkyDv4pIiWAu9YgmcBUjA964PoaRhRQzOw6v6xf71mcEalEotPMpyNzf2zG%2F6IX%2FXIqiKoAbgu3Sz6a26pAUkpH25jGaoCZ7qpg%3D%3D"}],"max_age":604800,"group":"cf-nel"} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 62f9a95d98b44e43-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	403 Forbidden	c5fa1276c4431a1cbd827580d8eec405.js skillpropulsion.com/c5/fa/12/	0 0	421ms 133ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://skillpropulsion.com/c5/fa/12/c5fa1276c4431a1cbd827580d8eec405.js Requested by Host: www.shofda.com URL: https://www.shofda.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 14 Mar 2021 01:17:19 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	403 Forbidden	40357962811f47fdd8234d3b8b1e2af5.js skillpropulsion.com/40/35/79/	0 0	453ms 152ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://skillpropulsion.com/40/35/79/40357962811f47fdd8234d3b8b1e2af5.js Requested by Host: www.shofda.com URL: https://www.shofda.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 14 Mar 2021 01:17:19 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	apu.php Show response deloplen.com/	61 KB 22 KB	174ms 74ms	Script application/javascript	81.171.10.216 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://deloplen.com/apu.php?zoneid=2752277 Requested by Host: www.shofda.com URL: https://www.shofda.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.171.10.216 Nijverdal, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash 55b09f778aedcc7438e3ad3440a14ddb213779674d80dce298e8de69f07afe59 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-trace-id 760572ee6b21f1309c1e24d4ffc3a586 pragma no-cache date Sun, 14 Mar 2021 01:17:18 GMT content-encoding gzip x-content-type-options nosniff server nginx strict-transport-security max-age=1 access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding expires Tue, 11 Jan 1994 10:00:00 GMT
GET H/1.1	200 OK	ntfc.php Show response pushmono.com/	14 KB 6 KB	166ms 52ms	Script application/javascript	139.45.196.210 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/ntfc.php?p=2752300 Requested by Host: www.shofda.com URL: https://www.shofda.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash c12963ca692f28ea67ac9637225d66eb1464d98f816728fb7a3faef6a1099403 Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 14 Mar 2021 01:17:14 GMT Content-Encoding gzip Last-Modified Fri, 12 Mar 2021 11:10:16 GMT Server nginx ETag W/"604b4c18-373e" Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H2	200	3485977 Show response in-page-push.com/400/	80 KB 28 KB	187ms 79ms	Script application/javascript	139.45.197.15 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://in-page-push.com/400/3485977 Requested by Host: www.shofda.com URL: https://www.shofda.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 7cec8e207c0170a2c7a97952b4edfe5a4ed3fc07a5e8ab4f6183e8ab73388445 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-trace-id df042594c8cc1e3502e66f4ed65e86e1 pragma no-cache date Sun, 14 Mar 2021 01:17:18 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Origin content-type application/javascript cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 strict-transport-security max-age=1 timing-allow-origin * expires Wed, 31 Dec 1969 19:00:00 EST
GET H2	200	cover.jpg www.tailwindtoolbox.com/templates/	64 KB 64 KB	270ms 110ms	Image image/jpeg	109.228.49.140 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.tailwindtoolbox.com/templates/cover.jpg Requested by Host: www.shofda.com URL: https://www.shofda.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.228.49.140 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS tailwindtoolbox.com Software nginx / PleskLin Resource Hash 15e551f9b947b225875033378a3490a23e1cd44a1fd183dd7b7acdebba2b99e4 Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 14 Mar 2021 01:17:18 GMT last-modified Sat, 06 Feb 2021 18:10:13 GMT server nginx x-powered-by PleskLin etag "601edb85-100e0" content-type image/jpeg accept-ranges bytes content-length 65760
GET H2	200	fac.php Show response deloplen.com/ Frame 5685	203 B 647 B	49ms 49ms	Document text/html	81.171.10.216 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://deloplen.com/fac.php Requested by Host: deloplen.com URL: https://deloplen.com/apu.php?zoneid=2752277 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.171.10.216 Nijverdal, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash 784a34ad8ab40e1a36b18877baed92e25c4de3a1040905d00ff51a2774e8238e Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers :method GET :authority deloplen.com :scheme https :path /fac.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.shofda.com/ accept-encoding gzip, deflate, br accept-language en-US cookie OAID=c62b7b361c40468984cbfb4f3a610d36; oaidts=1615684638 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.shofda.com/ Response headers server nginx date Sun, 14 Mar 2021 01:17:19 GMT content-type text/html; charset=utf8 content-length 203 access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding pragma no-cache cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 expires Tue, 11 Jan 1994 10:00:00 GMT timing-allow-origin * * x-trace-id 348fa90ec58c97fe9c1a96c75d6a11b7 strict-transport-security max-age=1 x-content-type-options nosniff
GET H/1.1	200 OK	zone Show response pushmono.com/	689 B 1 KB	72ms 72ms	Fetch application/json	139.45.196.210 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/zone?pub=0&zone_id=2752300&is_mobile=false&domain=www.shofda.com&var=&ymid=&var_3= Requested by Host: pushmono.com URL: https://pushmono.com/ntfc.php?p=2752300 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 42c110c640fe6e7ed6cdc0a29a738872454f1fd53fa39f9834025039570b8c60 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers X-Trace-Id 5981f5c8443036d0460ea5bbbc88b95b Date Sun, 14 Mar 2021 01:17:15 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.shofda.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 689
GET H/1.1	200 OK	universal.min.js Show response pushmono.com/pfe/current/	106 KB 38 KB	211ms 89ms	Fetch application/javascript	139.45.196.210 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/pfe/current/universal.min.js?v=3.1.285 Requested by Host: pushmono.com URL: https://pushmono.com/ntfc.php?p=2752300 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash f7c046a159a5cd014e09872e3541faec5203b53cecb2d17850674e6f68f65abe Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 14 Mar 2021 01:17:15 GMT Content-Encoding gzip Last-Modified Fri, 12 Mar 2021 11:10:16 GMT Server nginx ETag W/"604b4c18-1a9e3" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin https://www.shofda.com Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H2	200	img.gif my.rtmark.net/ Frame 5685	43 B 491 B	186ms 62ms	Image image/gif	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://my.rtmark.net/img.gif?f=merge&userId=c62b7b361c40468984cbfb4f3a610d36 Requested by Host: deloplen.com URL: https://deloplen.com/fac.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://deloplen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 14 Mar 2021 01:17:19 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type image/gif access-control-allow-origin * access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 43
GET H2	200	gid.js Show response my.rtmark.net/	65 B 542 B	171ms 56ms	XHR application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js Requested by Host: in-page-push.com URL: https://in-page-push.com/400/3485977 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 4fa1559f3c1c2e46aee9e3a2a12c01ee65ac113b3f86ddca725c325fe5b8f1f0 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 14 Mar 2021 01:17:19 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://www.shofda.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
OPTIONS H2	204	options deloplen.com/ Frame	0 0	160ms 53ms	Preflight	81.171.10.216 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://deloplen.com/options?option_args=CJX-pwESIGM2MmI3YjM2MWM0MDQ2ODk4NGNiZmI0ZjNhNjEwZDM2GipodHRwOi8vZGVsb3BsZW4uY29tL2FwdS5waHA_em9uZWlkPTI3NTIyNzciF2h0dHBzOi8vd3d3LnNob2ZkYS5jb20vMiQ3NDE1NWYyOC1mYWM0LTQ2MmMtODA3Yy1lOTg1ZGI0ZGNmNzE= Protocol H2 Server 81.171.10.216 Nijverdal, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://www.shofda.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Sun, 14 Mar 2021 01:17:19 GMT access-control-allow-origin https://www.shofda.com access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding pragma no-cache cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 expires Tue, 11 Jan 1994 10:00:00 GMT timing-allow-origin * * strict-transport-security max-age=1 x-content-type-options nosniff
POST H2	200	options Show response deloplen.com/	0 448 B	51ms 51ms	XHR text/html	81.171.10.216 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://deloplen.com/options?option_args=CJX-pwESIGM2MmI3YjM2MWM0MDQ2ODk4NGNiZmI0ZjNhNjEwZDM2GipodHRwOi8vZGVsb3BsZW4uY29tL2FwdS5waHA_em9uZWlkPTI3NTIyNzciF2h0dHBzOi8vd3d3LnNob2ZkYS5jb20vMiQ3NDE1NWYyOC1mYWM0LTQ2MmMtODA3Yy1lOTg1ZGI0ZGNmNzE= Requested by Host: deloplen.com URL: https://deloplen.com/apu.php?zoneid=2752277 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.171.10.216 Nijverdal, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/json Response headers x-trace-id a4c12e1979756920adaad7f414ed4e47 pragma no-cache date Sun, 14 Mar 2021 01:17:19 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 access-control-allow-methods GET, POST, OPTIONS content-type text/html; charset=utf8 access-control-allow-origin https://www.shofda.com cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding content-length 0 expires Tue, 11 Jan 1994 10:00:00 GMT
OPTIONS H/1.1	200 OK	custom pushmono.com/ Frame	0 0	56ms 56ms	Preflight text/plain	139.45.196.210 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/custom Protocol HTTP/1.1 Server 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://www.shofda.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx Date Sun, 14 Mar 2021 01:17:15 GMT Content-Type text/plain; charset=utf-8 Content-Length 0 Connection keep-alive Access-Control-Allow-Origin https://www.shofda.com Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Access-Control-Max-Age 86400
OPTIONS H/1.1	200 OK	custom pushmono.com/ Frame	0 0	111ms 56ms	Preflight text/plain	139.45.196.210 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/custom Protocol HTTP/1.1 Server 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://www.shofda.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx Date Sun, 14 Mar 2021 01:17:15 GMT Content-Type text/plain; charset=utf-8 Content-Length 0 Connection keep-alive Access-Control-Allow-Origin https://www.shofda.com Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Access-Control-Max-Age 86400
POST H/1.1	200 OK	custom Show response pushmono.com/	39 B 489 B	71ms 70ms	Fetch application/json	139.45.196.210 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/custom Requested by Host: www.shofda.com URL: https://www.shofda.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers X-Trace-Id 8127e984e46a6a787d1d1a40d8c50dfe Date Sun, 14 Mar 2021 01:17:15 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.shofda.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
POST H/1.1	200 OK	custom Show response pushmono.com/	39 B 489 B	68ms 53ms	Fetch application/json	139.45.196.210 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/custom Requested by Host: www.shofda.com URL: https://www.shofda.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers X-Trace-Id 5b0495fbc012badd06862118af9a87b4 Date Sun, 14 Mar 2021 01:17:15 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.shofda.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
GET H2	404	propsw.js Show response www.shofda.com/	580 B 472 B	412ms 412ms	Fetch text/html	2606:4700:3034::ac43:b22e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.shofda.com/propsw.js Requested by Host: www.shofda.com URL: https://www.shofda.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:b22e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbf1fdfdb7257daf8b0905d94bd04e2829c502c9c01b1d96bb979069e2ebc895 Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 14 Mar 2021 01:17:19 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3l5BTwrqeqN0%2Fz52L0wpl2%2B5b8f7D1IlVvcbTOhr1g6gT7BZaRURIBQ6e%2BHcBrpUQn0rPm8bUt37kEkKXCKXgFPZ9YfN%2F0nVIJiq2Xqyh1pSjoGXfrSC1EcRiw%3D%3D"}],"max_age":604800,"group":"cf-nel"} content-type text/html cache-control max-age=14400 cf-ray 62f9a964adb64e43-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08cfe832ee00004e4312aa2000000001
OPTIONS H2	200	3485977 in-page-push.com/500/ Frame	0 0	157ms 52ms	Preflight	139.45.197.15 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://in-page-push.com/500/3485977?excludes=&oaid=51db44e563a14a8aaab3c117a1ea03c4&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fwww.shofda.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false Protocol H2 Server 139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://www.shofda.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Sun, 14 Mar 2021 01:17:19 GMT content-length 0 access-control-allow-credentials true access-control-allow-headers Content-Type access-control-allow-methods GET access-control-allow-origin https://www.shofda.com access-control-max-age 300 vary Origin Access-Control-Request-Method Access-Control-Request-Headers strict-transport-security max-age=1 x-content-type-options nosniff timing-allow-origin *
GET H2	200	3485977 Show response in-page-push.com/500/	1 KB 2 KB	56ms 56ms	XHR application/javascript	139.45.197.15 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://in-page-push.com/500/3485977?excludes=&oaid=51db44e563a14a8aaab3c117a1ea03c4&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fwww.shofda.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false Requested by Host: in-page-push.com URL: https://in-page-push.com/400/3485977 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 76be23d07ceaca0239d8c631dab8ee78afca2e2262a929010887a1ddf20a8869 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers x-trace-id 55a7ddbf1839140273af9459b6e080c2 pragma no-cache date Sun, 14 Mar 2021 01:17:19 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Origin content-type application/javascript access-control-allow-origin https://www.shofda.com access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true strict-transport-security max-age=1 timing-allow-origin * expires Wed, 31 Dec 1969 19:00:00 EST
GET H/1.1	200 OK	0809963022804.png static.cdnativepush.com/contents/s/d9/f0/1e/cfb5aecc1eb938157da864a923/	3 KB 4 KB	226ms 56ms	Image image/png	139.45.197.188 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.cdnativepush.com/contents/s/d9/f0/1e/cfb5aecc1eb938157da864a923/0809963022804.png Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 29f293142b202afb2cc5a3ffaf273b8579d619481adbff6e08f4ca7830599650 Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 14 Mar 2021 01:17:20 GMT Last-Modified Mon, 26 Oct 2020 16:18:06 GMT Server nginx ETag "5f96f6be-c33" Access-Control-Allow-Methods GET, POST, OPTIONS, HEAD Content-Type image/png Access-Control-Allow-Origin * Access-Control-Expose-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range Content-Length 3123
OPTIONS H/1.1	200 OK	custom pushmono.com/ Frame	0 0	56ms 56ms	Preflight text/plain	139.45.196.210 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/custom Protocol HTTP/1.1 Server 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://www.shofda.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx Date Sun, 14 Mar 2021 01:17:15 GMT Content-Type text/plain; charset=utf-8 Content-Length 0 Connection keep-alive Access-Control-Allow-Origin https://www.shofda.com Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Access-Control-Max-Age 86400
POST H/1.1	200 OK	custom Show response pushmono.com/	39 B 489 B	53ms 52ms	Fetch application/json	139.45.196.210 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://pushmono.com/custom Requested by Host: www.shofda.com URL: https://www.shofda.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.210 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers X-Trace-Id 8b48e35a902ea049d9b1cde0eb98603d Date Sun, 14 Mar 2021 01:17:15 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.shofda.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
GET H2	200	FLA0RyisnwvMAXg97n0CYDpTwQxJlbAp9w_tsY4UbmavjbKJizB8plxfvVGMTqiNKXQrCBL2DRElhC_Z0s8yd1GQzEohWN2EvgDAKpb2j-KOKCftcKhQ4x12h0zcsQxIvn3ZyxABkyV7rO7GSGd747glNWTC5m03LaLW-LWbzQuTIpFE7dJe3avR9Fy9tf35qNNPH... dutorterraom.com/impression/	43 B 326 B	178ms 63ms	Image image/gif	139.45.197.14 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dutorterraom.com/impression/FLA0RyisnwvMAXg97n0CYDpTwQxJlbAp9w_tsY4UbmavjbKJizB8plxfvVGMTqiNKXQrCBL2DRElhC_Z0s8yd1GQzEohWN2EvgDAKpb2j-KOKCftcKhQ4x12h0zcsQxIvn3ZyxABkyV7rO7GSGd747glNWTC5m03LaLW-LWbzQuTIpFE7dJe3avR9Fy9tf35qNNPHHJmypEqvjRjZYNXbanNlvcSUB1AOI7Pjq2Biuxl5KMVZRe27EMSdfQt4mPNcIj535vC7EjhC5jbPZGJPTscib7WSGe5tC42GZiyksPt5MxRWwlqylzvLEIaX-VU79NgWvkepkAdJ6qNemjDQYa5Kx8KFw0tSGp8BmRhux-ix2aMTpKLVxSc-EArzYYSjJtT9JiWcZtRS4cAvPXEOxg2E52kT_fd8hJbCgmbgKrSufVkaKMVd8xC5xsGifu5q68HL0Scdlid3eQQXv_zYfyTXi5QNY3YK8U3US866Y0Jw9dey3Ri6zERxk7buq6vhZbvjWMbDaB6JQ64K9HKVOjtydyAtHHco4v3HiBpGEFlctqmcmKYqwrKAFWzRT8ugVOEYWCypwTJkFjrrgYc7b0tdxmLDA6cwoiLKGNeTvzQX_DsTk_spKZodenL_e4ZhYX0aSze7J844BmJP_zXqsrt3p_CkzuwhM_uF-aMJfTsFs4QSzwwmke-5UnnMpZA8000Fg==?z=3485977&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fwww.shofda.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.14 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-trace-id 550fdd814c6f2e45cd8f7359c93b514e pragma no-cache date Sun, 14 Mar 2021 01:17:28 GMT x-content-type-options nosniff server nginx vary Origin content-type image/gif cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 strict-transport-security max-age=1 timing-allow-origin * content-length 43 expires Wed, 31 Dec 1969 19:00:00 EST
GET H/1.1	200 OK	0809963022804.png static.cdnativepush.com/contents/s/d9/f0/1e/cfb5aecc1eb938157da864a923/ Frame 6841	3 KB 4 KB	56ms 56ms	Image image/png	139.45.197.188 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.cdnativepush.com/contents/s/d9/f0/1e/cfb5aecc1eb938157da864a923/0809963022804.png Requested by Host: in-page-push.com URL: https://in-page-push.com/400/3485977 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 29f293142b202afb2cc5a3ffaf273b8579d619481adbff6e08f4ca7830599650 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 14 Mar 2021 01:17:29 GMT Last-Modified Mon, 26 Oct 2020 16:18:06 GMT Server nginx ETag "5f96f6be-c33" Access-Control-Allow-Methods GET, POST, OPTIONS, HEAD Content-Type image/png Access-Control-Allow-Origin * Access-Control-Expose-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range Content-Length 3123
OPTIONS H2	200	3485977 in-page-push.com/500/ Frame	0 0	52ms 52ms	Preflight	139.45.197.15 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://in-page-push.com/500/3485977?excludes=7804823&oaid=51db44e563a14a8aaab3c117a1ea03c4&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fwww.shofda.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false Protocol H2 Server 139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://www.shofda.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Sun, 14 Mar 2021 01:17:29 GMT content-length 0 access-control-allow-credentials true access-control-allow-headers Content-Type access-control-allow-methods GET access-control-allow-origin https://www.shofda.com access-control-max-age 300 vary Origin Access-Control-Request-Method Access-Control-Request-Headers strict-transport-security max-age=1 x-content-type-options nosniff timing-allow-origin *
GET H2	200	3485977 Show response in-page-push.com/500/	2 KB 1 KB	55ms 55ms	XHR application/javascript	139.45.197.15 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://in-page-push.com/500/3485977?excludes=7804823&oaid=51db44e563a14a8aaab3c117a1ea03c4&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fwww.shofda.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false Requested by Host: in-page-push.com URL: https://in-page-push.com/400/3485977 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 9789f86bdaa3f51f074263bf90883578f3e8a29ae6440ef3a192d3b7026baf74 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers x-trace-id 5dcfe3b8b37a0c042f57df197d6f16f5 pragma no-cache date Sun, 14 Mar 2021 01:17:29 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Origin content-type application/javascript access-control-allow-origin https://www.shofda.com access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true strict-transport-security max-age=1 timing-allow-origin * expires Wed, 31 Dec 1969 19:00:00 EST
GET H/1.1	200 OK	0196471816470.png static.cdnativepush.com/contents/s/ad/0e/be/780f933e6f1ea77de05eec0c88/	4 KB 5 KB	58ms 58ms	Image image/png	139.45.197.188 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.cdnativepush.com/contents/s/ad/0e/be/780f933e6f1ea77de05eec0c88/0196471816470.png Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ab3a29d98cf32e380b24af35c6f664484ee539e4a9630ac42237bb2de36310a1 Request headers Referer https://www.shofda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 14 Mar 2021 01:17:29 GMT Last-Modified Mon, 27 Apr 2020 09:46:48 GMT Server nginx ETag "5ea6aa08-102f" Access-Control-Allow-Methods GET, POST, OPTIONS, HEAD Content-Type image/png Access-Control-Allow-Origin * Access-Control-Expose-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range Content-Length 4143

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| cookiesStr function| onClickTrigger object| khm7i42a42 object| zfgformats boolean| zfgloadedpopup object| webpushlogs object| sdk boolean| installOnFly

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			deloplen.com/	1970-01-20 01:33:40	Name: oaidts Value: 1615684638
			deloplen.com/	1970-01-20 01:33:40	Name: OAID Value: c62b7b361c40468984cbfb4f3a610d36
			.www.shofda.com/	1970-01-19 16:48:08	Name: __PPU_BACKCLCK_2752277 Value: true
			.shofda.com/	1970-01-19 17:31:16	Name: __cfduid Value: d2576f6c2b1ab31185b441377926227091615684638

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: service worker path (u): /propsw.js event domain: https://pushmono.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

deloplen.com
dutorterraom.com
in-page-push.com
my.rtmark.net
pushmono.com
skillpropulsion.com
static.cdnativepush.com
www.shofda.com
www.tailwindtoolbox.com
109.228.49.140
139.45.195.8
139.45.196.210
139.45.197.14
139.45.197.15
139.45.197.188
192.243.59.12
2606:4700:3034::ac43:b22e
81.171.10.216
15e551f9b947b225875033378a3490a23e1cd44a1fd183dd7b7acdebba2b99e4
29f293142b202afb2cc5a3ffaf273b8579d619481adbff6e08f4ca7830599650
42c110c640fe6e7ed6cdc0a29a738872454f1fd53fa39f9834025039570b8c60
46af108c0be059bc6018af7d52c9c24299972d89395e6d12e18a70b1f29b3bbe
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa1559f3c1c2e46aee9e3a2a12c01ee65ac113b3f86ddca725c325fe5b8f1f0
55b09f778aedcc7438e3ad3440a14ddb213779674d80dce298e8de69f07afe59
76be23d07ceaca0239d8c631dab8ee78afca2e2262a929010887a1ddf20a8869
784a34ad8ab40e1a36b18877baed92e25c4de3a1040905d00ff51a2774e8238e
7cec8e207c0170a2c7a97952b4edfe5a4ed3fc07a5e8ab4f6183e8ab73388445
9789f86bdaa3f51f074263bf90883578f3e8a29ae6440ef3a192d3b7026baf74
ab3a29d98cf32e380b24af35c6f664484ee539e4a9630ac42237bb2de36310a1
c12963ca692f28ea67ac9637225d66eb1464d98f816728fb7a3faef6a1099403
cbf1fdfdb7257daf8b0905d94bd04e2829c502c9c01b1d96bb979069e2ebc895
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7c046a159a5cd014e09872e3541faec5203b53cecb2d17850674e6f68f65abe
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881