umqx.wowoffersnow.com Open in urlscan Pro
66.195.197.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9
Effective URL:
https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
Submission: On March 30 via api (March 30th 2024, 9:35:25 pm UTC) from US — Scanned from US

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 8 domains to perform 21 HTTP transactions. The main IP is 66.195.197.24, located in and belongs to . The main domain is umqx.wowoffersnow.com.
TLS certificate: Issued by R3 on February 26th 2024. Valid for: 3 months.

This is the only time umqx.wowoffersnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3030::ac43:dced	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	34.76.189.27 34.76.189.27	() ()
1 15	66.195.197.24 66.195.197.24	() ()
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	() ()
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	() ()
1	2a04:4e42:200... 2a04:4e42:200::649	() ()
1	2607:f8b0:400... 2607:f8b0:4006:820::2003	() ()
21	6

3 2606:4700:3030::ac43:dced (United States)

ASN13335 (CLOUDFLARENET, US)

norentagart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.76.189.27 (None, ) 3 redirects

ASN- ()

directfwd-2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gopaloso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 66.195.197.24 (None, ) 1 redirects

ASN- ()

umqx.quickredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
umqx.wowoffersnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (None, )

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (None, )

ASN- ()

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	wowoffersnow.com umqx.wowoffersnow.com	735 KB
3	norentagart.com norentagart.com	2 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	35 KB
2	directfwd-2.com 2 redirects directfwd-2.com	784 B
1	gstatic.com fonts.gstatic.com	21 KB
1	jquery.com code.jquery.com	33 KB
1	quickredir.com 1 redirects umqx.quickredir.com	704 B
1	gopaloso.com 1 redirects gopaloso.com	695 B
21	8

	Domain	Requested by
14	umqx.wowoffersnow.com	norentagart.com umqx.wowoffersnow.com
3	norentagart.com	norentagart.com
2	directfwd-2.com	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	code.jquery.com	umqx.wowoffersnow.com
1	ajax.googleapis.com	umqx.wowoffersnow.com
1	fonts.googleapis.com	umqx.wowoffersnow.com
1	umqx.quickredir.com	1 redirects
1	gopaloso.com	1 redirects
21	9

This site contains no links.

Subject Issuer	Validity	Valid
norentagart.com GTS CA 1P5	`2024-03-25` - `2024-06-23`	3 months	crt.sh
wowoffersnow.com R3	`2024-02-26` - `2024-05-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
Frame ID: 1F9ED30FBB2725DE4DB553089F326DD1
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9 HTTP 307
https://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9 Page URL
https://norentagart.com/t/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9 Page URL
https://directfwd-2.com/?a=7983&oc=20032&c=54168&m=3&s1=9&s2=118-2403&s3=4-2405-407 HTTP 302
https://directfwd-2.com/?a=7983&oc=20032&c=54168&m=3&s1=9&s2=118-2403&s3=4-2405-407&ch-redir=1&ckmxi... HTTP 302
https://gopaloso.com/?a=7983&oc=20032&c=54168&m=3&s1=9&s2=118-2403&s3=4-2405-407&ch-redir=1&ckmxi... HTTP 302
https://umqx.quickredir.com/?s1=361219144 HTTP 302
https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-... Page URL

Detected technologies

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

livewire(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

71 %
IPv6

8
Domains

9
Subdomains

6
IPs

1
Countries

825 kB
Transfer

969 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9 HTTP 307
https://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9 Page URL
https://norentagart.com/t/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9 Page URL
https://directfwd-2.com/?a=7983&oc=20032&c=54168&m=3&s1=9&s2=118-2403&s3=4-2405-407 HTTP 302
https://directfwd-2.com/?a=7983&oc=20032&c=54168&m=3&s1=9&s2=118-2403&s3=4-2405-407&ch-redir=1&ckmxid=co48b6a600004s20snlg HTTP 302
https://gopaloso.com/?a=7983&oc=20032&c=54168&m=3&s1=9&s2=118-2403&s3=4-2405-407&ch-redir=1&ckmxid=co48b6a600004s20snlg&ckmguid=4eef5e68-8627-4002-8496-eb1dc63ed1a2 HTTP 302
https://umqx.quickredir.com/?s1=361219144 HTTP 302
https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9 HTTP 307
https://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9 Show response
norentagart.com/
Redirect Chain

http://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9
https://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9

458 B
830 B

548ms
308ms

Document
text/html

2606:4700:3030::ac43:dced
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:dced , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86cb3a824b0c43fe-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 30 Mar 2024 21:35:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3J2tlGjhOUYgvInLJ8k86nlxahDWEiaje7oHvRgMmKHAw1ZKPh5lxc8iLWcrIOgxuogjDjgeQlrNbARECdJgcJYfNmE0%2FnoKIJLLP%2F6lhwFCyd720yRwukOI6Ms2yKZGDcbyh048d23iPmsBN4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-address: gin_throttle_mw_7200000000_2600:803:a88:1021::21
x-ratelimit-limit: 500
x-ratelimit-remaining: 499
x-ratelimit-reset: 1711838115

Redirect headers

Location: https://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 404 favicon.ico
norentagart.com/ 0
540 B 288ms
280ms Other
text/plain 2606:4700:3030::ac43:dced
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norentagart.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:dced , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 21:35:18 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-ratelimit-remaining: 498
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=03R1CfuW9aWrsC7A23zO%2F5EjDKPWc0JgjbCPVokHEycjsRf5lauESHjOMU9odMgphKsGZ%2BOLAe8s8DCiBRAAok9vWIHzqSYrebn3bcpGM1U%2Bbp1dKcNyJn5JfngogZdOSpv99oZA%2F7Hj9BjK9HA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
x-address: gin_throttle_mw_7200000000_2600:803:a88:1021::21
x-ratelimit-reset: 1711838115
x-ratelimit-limit: 500
cf-ray: 86cb3a882aac43fe-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9 Show response
norentagart.com/t/ 292 B
668 B 475ms
472ms Document
text/html 2606:4700:3030::ac43:dced
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://norentagart.com/t/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9
Requested by: Host: norentagart.com
URL: https://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:dced , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea65d0c165f50ff130696ad929b54b01074cec74aa58c054aff7b0010a5c252d

Request headers

Referer: https://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86cb3a8d586d43fe-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 30 Mar 2024 21:35:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AnzM6M9ERtxMnPeQlMr9qTF6JX7gJndPwlQr33ko%2Fm%2FddW33SPg2VcN82FB4DACA7sa3ofL%2FJm9FO4kayCMXqH6LACCDFP43rPNHAl080qS9T0MasmhCpPleGQ8mHOOE%2BevoEyeTXUKVt8ixsy8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-address: gin_throttle_mw_7200000000_2600:803:a88:1021::21
x-ratelimit-limit: 500
x-ratelimit-remaining: 497
x-ratelimit-reset: 1711838115

GET
H2

200

Primary Request 6a2e20d0-eedd-11ee-8338-05f15cb8950d Show response
umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/
Redirect Chain

https://directfwd-2.com/?a=7983&oc=20032&c=54168&m=3&s1=9&s2=118-2403&s3=4-2405-407
https://directfwd-2.com/?a=7983&oc=20032&c=54168&m=3&s1=9&s2=118-2403&s3=4-2405-407&ch-redir=1&ckmxid=co48b6a600004s20snlg
https://gopaloso.com/?a=7983&oc=20032&c=54168&m=3&s1=9&s2=118-2403&s3=4-2405-407&ch-redir=1&ckmxid=co48b6a600004s20snlg&ckmguid=4eef5e68-8627-4002-8496-eb1dc63ed1a2
https://umqx.quickredir.com/?s1=361219144
https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

15 KB
5 KB

581ms
355ms

Document
text/html

66.195.197.24

General

Check archive.org

Show headers Download Go to

Full URL

https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

Requested by

Host: norentagart.com
URL: https://norentagart.com/t/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

6095af652b5b6a437e6b03d14d33f0a7760613b284d9a59010ecd221825662a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://norentagart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, private
content-encoding: br
content-length: 4638
content-type: text/html; charset=UTF-8
date: Sat, 30 Mar 2024 21:35:23 GMT
server: swoole-http-server
strict-transport-security: max-age=15768000
x-redir: true

Redirect headers

cache-control: no-cache, private
content-encoding: br
content-length: 280
content-type: text/html; charset=UTF-8
date: Sat, 30 Mar 2024 21:35:23 GMT
location: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
server: swoole-http-server
strict-transport-security: max-age=15768000
x-redir: true

GET
H2 200 css
fonts.googleapis.com/ 13 KB
2 KB 170ms
49ms Stylesheet
text/css 2607:f8b0:4006:81c::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700

Requested by

Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

bc70b894f68762d4351c7bdadc128ea1b61e1b1609adb10bfdb9121cade81600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 30 Mar 2024 21:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 30 Mar 2024 21:35:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Mar 2024 21:35:24 GMT

GET
H2 200 style.css
umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/css/ 25 KB
25 KB 86ms
78ms Stylesheet
text/css 66.195.197.24

General

Check archive.org

Show headers Download Go to

Full URL

https://umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/css/style.css

Requested by

Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

b3abc7d062dd918279e7cc25483bd8a070bde5437eb94be4eeec1009f561160b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 18:35:49 GMT
via: 1.1 varnish (Varnish/7.4)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 183574
x-varnish: 334587 458845
content-type: text/css
accept-ranges: bytes
content-length: 25478

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 140ms
43ms Script
text/javascript 2607:f8b0:4006:80b::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 07:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 07:49:17 GMT

GET
H2 200 app-a9e7adfd.css
umqx.wowoffersnow.com/build/assets/ 38 KB
38 KB 62ms
56ms Stylesheet
text/css 66.195.197.24

General

Check archive.org

Show headers Download Go to

Full URL

https://umqx.wowoffersnow.com/build/assets/app-a9e7adfd.css

Requested by

Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

a9e7adfd94bd605958f72c497425ef2f17c3604966fb959f9cb21c9a88eb0c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 18:39:56 GMT
via: 1.1 varnish (Varnish/7.4)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 183327
x-varnish: 1308521 491557
content-type: text/css
accept-ranges: bytes
content-length: 38529

GET
H2 200 push_na_push.js Show response
umqx.wowoffersnow.com/ 1 KB
1 KB 116ms
111ms Script
application/javascript 66.195.197.24

General

Check archive.org

Show headers Download Go to

Full URL

https://umqx.wowoffersnow.com/push_na_push.js?aff_id=1163&custom=v2&s2=6a7ad1f0-eedd-11ee-871e-552ce4b99a68

Requested by

Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

94a00bc5c03dd099842a347526a2d2dcbaebd159122da6d62278310607483c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 21:35:23 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/7.4)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 0
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 1313816
x-redir: true
cache-control: no-cache, private
accept-ranges: bytes
content-length: 783
service-worker-allowed: /

GET
H2 200 overlay.png
umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/ 18 KB
18 KB 103ms
100ms Image
image/png 66.195.197.24

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/overlay.png

Requested by

Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

bd03836c50a13a9d0c5868a5656f4112f69909cc52c50ca21de772da164e13a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 18:35:49 GMT
via: 1.1 varnish (Varnish/7.4)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 183574
x-varnish: 360652 196635
content-type: image/png
accept-ranges: bytes
content-length: 18661

GET
H2 200 overlay2.png
umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/ 18 KB
18 KB 113ms
110ms Image
image/png 66.195.197.24

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/overlay2.png

Requested by

Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

677aebad5741b57c1a3a51f8a65cd295a7aae1d656958313a882ef199f046418

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 18:35:49 GMT
via: 1.1 varnish (Varnish/7.4)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 183574
x-varnish: 687002 32821
content-type: image/png
accept-ranges: bytes
content-length: 18646

GET
H2 200 dollar_reel.fs8.png
umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/ 253 KB
253 KB 40ms
39ms Image
image/png 66.195.197.24

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/dollar_reel.fs8.png

Requested by

Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

b9e962e0f9810e278130875315423d3205bbe90b01a19137b738d378ddda7bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 18:39:58 GMT
via: 1.1 varnish (Varnish/7.4)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 183325
x-varnish: 1313818 65636
content-type: image/png
accept-ranges: bytes
content-length: 259089

GET
H2 200 spin1.png
umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/ 83 KB
83 KB 103ms
87ms Image
image/png 66.195.197.24

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/spin1.png

Requested by

Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

bc50750cd41cbabc77efc8143fb1b210c983a23e5c954b65b02562958b922e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 18:35:49 GMT
via: 1.1 varnish (Varnish/7.4)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 183574
x-varnish: 687004 98328
content-type: image/png
accept-ranges: bytes
content-length: 85123

GET
H2 200 spin2.png
umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/ 86 KB
86 KB 103ms
86ms Image
image/png 66.195.197.24

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/spin2.png

Requested by

Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

ada8eb4421bf605c058c123aa95bd5e4590b4507c68809f563c921e4db31ea8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 18:35:49 GMT
via: 1.1 varnish (Varnish/7.4)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 183574
x-varnish: 360653 458851
content-type: image/png
accept-ranges: bytes
content-length: 88130

GET
H2 200 loader.gif
umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/ 3 KB
3 KB 93ms
77ms Image
image/gif 66.195.197.24

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/loader.gif

Requested by

Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

2a020670608060e8f05776815edaa0696f1dd553545ee49946e24be7741433f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 18:35:49 GMT
via: 1.1 varnish (Varnish/7.4)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 183574
x-varnish: 334588 23
content-type: image/gif
accept-ranges: bytes
content-length: 2892

GET
H2 200 jquery-1.11.3.min.js Show response
code.jquery.com/ 94 KB
33 KB 410ms
31ms Script
application/javascript 2a04:4e42:200::649

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.3.min.js
Requested by: Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 21:35:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 17033888
x-cache: HIT, HIT
content-length: 33261
x-served-by: cache-lga21975-LGA, cache-ewr18154-EWR
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1711834524.418653,VS0,VE0
etag: W/"28feccc0-176d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 112, 29646

GET
H2 200 livewire.js Show response
umqx.wowoffersnow.com/livewire/ 171 KB
171 KB 57ms
40ms Script
application/javascript 66.195.197.24

General

Check archive.org

Show headers Download Go to

Full URL

https://umqx.wowoffersnow.com/livewire/livewire.js?id=90730a3b0e7144480175

Requested by

Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 18:35:49 GMT
via: 1.1 varnish (Varnish/7.4)
strict-transport-security: max-age=15768000
last-modified: Fri, 11 Aug 2023 04:02:34 GMT
server: swoole-http-server
age: 183574
content-type: application/javascript; charset=utf-8
x-varnish: 1313819 32823
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 174819
service-worker-allowed: /
expires: Fri, 28 Mar 2025 18:35:49 GMT

GET
H2 200 push_proxnapush.js Show response
umqx.wowoffersnow.com/ 17 KB
9 KB 94ms
78ms Script
application/javascript 66.195.197.24

General

Check archive.org

Show headers Download Go to

Full URL

https://umqx.wowoffersnow.com/push_proxnapush.js?v=1&custom=true

Requested by

Host: norentagart.com
URL: https://norentagart.com/4yoxlv2403oehw118rqqdxjsury4endnbmgqvrzaiux2405etzx407e9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

d97140baac38de7446121bd7fd8c6fd76194281fa0a9e4f1c636ce1cc1a0babe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 18:35:50 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/7.4)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 183573
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 1313820 32825
x-redir: true
cache-control: no-cache, private
accept-ranges: bytes
content-length: 8973
service-worker-allowed: /

GET
H2 200 gratorama-progjackpot-v3.gif
umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/ 23 KB
23 KB 54ms
51ms Image
image/gif 66.195.197.24

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif

Requested by

Host: umqx.wowoffersnow.com
URL: https://umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

bdc936e847facab60f4b4a9153dc8145ebccdeca49becc4cd684e007cd0459ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/templates/templates/spin-casino_MASTER/css/style.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 18:35:50 GMT
via: 1.1 varnish (Varnish/7.4)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 183574
x-varnish: 1376441 98330
content-type: image/gif
accept-ranges: bytes
content-length: 23095

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 20 KB
21 KB 122ms
33ms Font
font/woff2 2607:f8b0:4006:820::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://umqx.wowoffersnow.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 07:59:59 GMT
x-content-type-options: nosniff
age: 308125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 07:59:59 GMT

GET
H2 200 favicon.ico
umqx.wowoffersnow.com/ 0
165 B 36ms
35ms Other
image/x-icon 66.195.197.24

General

Check archive.org

Show headers Download Go to

Full URL

https://umqx.wowoffersnow.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.195.197.24 -, , ASN (),

Reverse DNS

Software

swoole-http-server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 18:41:10 GMT
via: 1.1 varnish (Varnish/7.4)
strict-transport-security: max-age=15768000
server: swoole-http-server
age: 183253
x-varnish: 1507444 1015818
content-type: image/x-icon
accept-ranges: bytes
content-length: 0

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://norentagart.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://umqx.wowoffersnow.com/t/8f0d93c8664e/6a265922-eedd-11ee-9856-adb124de84ea/6a2e20d0-eedd-11ee-8338-05f15cb8950d Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
code.jquery.com
directfwd-2.com
fonts.googleapis.com
fonts.gstatic.com
gopaloso.com
norentagart.com
umqx.quickredir.com
umqx.wowoffersnow.com
2606:4700:3030::ac43:dced
2607:f8b0:4006:80b::200a
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2003
2a04:4e42:200::649
34.76.189.27
66.195.197.24
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a
2a020670608060e8f05776815edaa0696f1dd553545ee49946e24be7741433f5
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be
6095af652b5b6a437e6b03d14d33f0a7760613b284d9a59010ecd221825662a5
677aebad5741b57c1a3a51f8a65cd295a7aae1d656958313a882ef199f046418
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
94a00bc5c03dd099842a347526a2d2dcbaebd159122da6d62278310607483c20
a9e7adfd94bd605958f72c497425ef2f17c3604966fb959f9cb21c9a88eb0c74
ada8eb4421bf605c058c123aa95bd5e4590b4507c68809f563c921e4db31ea8a
b3abc7d062dd918279e7cc25483bd8a070bde5437eb94be4eeec1009f561160b
b9e962e0f9810e278130875315423d3205bbe90b01a19137b738d378ddda7bad
bc50750cd41cbabc77efc8143fb1b210c983a23e5c954b65b02562958b922e63
bc70b894f68762d4351c7bdadc128ea1b61e1b1609adb10bfdb9121cade81600
bd03836c50a13a9d0c5868a5656f4112f69909cc52c50ca21de772da164e13a2
bdc936e847facab60f4b4a9153dc8145ebccdeca49becc4cd684e007cd0459ca
d97140baac38de7446121bd7fd8c6fd76194281fa0a9e4f1c636ce1cc1a0babe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea65d0c165f50ff130696ad929b54b01074cec74aa58c054aff7b0010a5c252d
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

umqx.wowoffersnow.com Open in urlscan Pro 66.195.197.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

71 %IPv6

8 Domains

9 Subdomains

6 IPs

1 Countries

825 kBTransfer

969 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

umqx.wowoffersnow.com Open in urlscan Pro
66.195.197.24 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

71 %
IPv6

8
Domains

9
Subdomains

6
IPs

1
Countries

825 kB
Transfer

969 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions