Submitted URL: https://28877535-141-ex.gancypnectist.com/iCxPCIc3NA7nZtczvVvFLyZJnJMRooyIfvpXO56cTp8RY5-Vpt9X88LcW9NmetTIkN8HKqIhhf_WQumxGvu7YAmVnMLDubOB...
Effective URL: https://www.shoptastic.io/de/store/bstn-com-de-cpc?pubId=10439&subId=885927586121920579_N&country=DE&campaignid=8543937
Submission: On November 28 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 7 domains to perform 17 HTTP transactions. The main IP is 52.53.88.18, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is www.shoptastic.io. The Cisco Umbrella rank of the primary domain is 279931.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 6th 2024. Valid for: a year.
This is the only time www.shoptastic.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 88.208.22.2 39572 (ADVANCEDH...)
2 45.13.225.41 58087 (FlorianKo...)
2 12 104.18.22.222 13335 (CLOUDFLAR...)
2 188.114.97.3 13335 (CLOUDFLAR...)
1 1 2606:4700:310... 13335 (CLOUDFLAR...)
1 52.53.88.18 16509 (AMAZON-02)
17 5
Apex Domain
Subdomains
Transfer
12 meherdewogoud.com
meherdewogoud.com — Cisco Umbrella Rank: 237439
33 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
2 KB
2 redwingshere.xyz
redwingshere.xyz — Cisco Umbrella Rank: 220818
969 B
1 shoptastic.io
www.shoptastic.io — Cisco Umbrella Rank: 279931
337 B
1 share365.net
www.share365.net — Cisco Umbrella Rank: 481928
3 KB
1 gancypnectist.com
28877535-141-ex.gancypnectist.com
557 B
0 clcktrck.com Failed
clcktrck.com Failed
17 7
Domain Requested by
12 meherdewogoud.com 2 redirects meherdewogoud.com
2 my.rtmark.net meherdewogoud.com
2 redwingshere.xyz
1 www.shoptastic.io
1 www.share365.net 1 redirects
1 28877535-141-ex.gancypnectist.com 1 redirects
0 clcktrck.com Failed www.shoptastic.io
17 7

This site contains no links.

Subject | Issuer | Validity | Valid
redwingshere.xyz | E5 | 2024-10-08 - 2025-01-06 | 3 months
meherdewogoud.com | WE1 | 2024-11-24 - 2025-02-22 | 3 months
my.rtmark.net | WE1 | 2024-11-06 - 2025-02-04 | 3 months
shoptastic.io | Amazon RSA 2048 M03 | 2024-10-06 - 2025-11-05 | a year

This page contains 1 frames:

Frame: https://clcktrck.com/de/s/red_u_plain.php?uid=274460734&t=direct&s=22214&pub=10439&d=bstn.com
Frame ID: 2F1A163ED39953D2126CA81D22B458A4
Requests: 17 HTTP requests in this frame

Page Statistics

Requests: 17
HTTPS: 88 %
IPv6: 17 %
Domains: 7
Subdomains: 7
IPs: 5
Countries: 4
Transfer: 34 kB
Size: 62 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://28877535-141-ex.gancypnectist.com/iCxPCIc3NA7nZtczvVvFLyZJnJMRooyIfvpXO56cTp8RY5-Vpt9X88LcW9NmetTIkN8HKqIhhf_WQumxGvu7YAmVnMLDubOBdQsUTtduBmRehKwww73h5UKnrPnr?kws=tanar%2Cfilme%2Cporno%2Cbabe%2Ctara%2Cmatura%2Csex%2Cpizde&abl=0&fsb=0&pageUri=https%3A%2F%2Fro.videosmadur...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
    https://redwingshere.xyz/go/8286/3?subid2={hostId} Page URL
  2. https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=158t5r4400083 Page URL
  3. https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
    https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Berlin&bto=-60&bar=x Page URL
  4. https://meherdewogoud.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
    https://www.share365.net/vip/rds/de?subId=885927586121920579_N&country=DE&campaignid=8543937 HTTP 302
    https://www.shoptastic.io/de/store/bstn-com-de-cpc?pubId=10439&subId=885927586121920579_N&country=DE&campaignid=8543937 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://28877535-141-ex.gancypnectist.com/iCxPCIc3NA7nZtczvVvFLyZJnJMRooyIfvpXO56cTp8RY5-Vpt9X88LcW9NmetTIkN8HKqIhhf_WQumxGvu7YAmVnMLDubOBdQsUTtduBmRehKwww73h5UKnrPnr?kws=tanar%2Cfilme%2Cporno%2Cbabe%2Ctara%2Cmatura%2Csex%2Cpizde&abl=0&fsb=0&pageUri=https%3A%2F%2Fro.videosmadur...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
  • https://redwingshere.xyz/go/8286/3?subid2={hostId}
Request Chain 7
  • https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
  • https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Berlin&bto=-60&bar=x

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
3
redwingshere.xyz/go/8286/
Redirect Chain
  • https://28877535-141-ex.gancypnectist.com/iCxPCIc3NA7nZtczvVvFLyZJnJMRooyIfvpXO56cTp8RY5-Vpt9X88LcW9NmetTIkN8HKqIhhf_WQumxGvu7YAmVnMLDubOBdQsUTtduBmRehKwww73h5UKnrPnr?kws=tanar%2Cfilme%2Cporno%2Cba...
  • https://redwingshere.xyz/go/8286/3?subid2={hostId}
293 B
815 B
Document
General
Full URL
https://redwingshere.xyz/go/8286/3?subid2={hostId}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.13.225.41 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS
41.225.13.45.in-addr.arpa
Software
nginx / PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
identity
Content-Length
293
Content-Type
text/html; charset=utf-8
Date
Thu, 28 Nov 2024 09:11:53 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Thu, 28 Nov 2024 09:11:53 GMT
Pragma
no-cache
Server
nginx
X-Powered-By
PHP/7.2.34-51+ubuntu22.04.1+deb.sury.org+1

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 28 Nov 2024 09:11:52 GMT
expires
Thu, 28 Nov 2024 09:11:52 UTC
last-modified
Thu, 28 Nov 2024 09:11:52 UTC
location
https://redwingshere.xyz/go/8286/3?subid2={hostId}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
no-referrer
server
nginx
7482447
meherdewogoud.com/4/
31 KB
15 KB
Document
General
Full URL
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=158t5r4400083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
862904e5dfc1e2acbf8eb3738acc70f08659bc983c7210909ef63beb4e436407
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e993bb2dd4f1981-FRA
content-encoding
gzip
content-type
text/html; charset=utf8
date
Thu, 28 Nov 2024 09:11:54 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
b04b164c8afe8cd0d8b581ab21d9ca87
favicon.ico
redwingshere.xyz/
0
154 B
Other
General
Full URL
https://redwingshere.xyz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.13.225.41 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS
41.225.13.45.in-addr.arpa
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length
0
Date
Thu, 28 Nov 2024 09:11:53 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx
Connection
keep-alive
sftouch
meherdewogoud.com/
43 B
145 B
Image
General
Full URL
https://meherdewogoud.com/sftouch?userId=00812265410e4563e892264d8fdd490b&z=7482447&p_rid=cb04f3fe-cf93-4d01-b9c6-a8f64fd84636&p_src=sf&branchId=0&rb=m6mmj_jq06eAPMwst_oyIh-WLbyynJt8iQLC5TEryURkumDcv5ZEZ5qKX5C269-qKpDdmbF599brRA6k3aQJ6UaR3y5RuGaGydnOo1voByFymsxEvmg6itWrQZZ7lceOUbif0zIlrnTeijNxXIfXbznIymr9Qd5ccP-zF2k9VciPPFFJPcBlasWqjoamcq4crctzffGdn0VoUy9XLZ_4Lx1nA2pqMZRt4GJqnCH0BFW5n8uMCUCZZPNhXgA-DjPpObacwKGt9akSsgX9Z4SnHNzmViI7HHClwcORRoXHKXMtI-NFJiHUo838F9TsctP_vrYNgk5RTuqxoJk4sFGoIQ==&w_img=1
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=158t5r4400083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=158t5r4400083

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 09:11:54 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
a43991c7b0c6ad5a682f041a879861b9
cf-ray
8e993bb55fed1981-FRA
access-control-allow-origin
*
content-length
43
server
cloudflare
add
meherdewogoud.com/log/
12 B
234 B
XHR
General
Full URL
https://meherdewogoud.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=cb04f3fe-cf93-4d01-b9c6-a8f64fd84636
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=158t5r4400083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=158t5r4400083

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
cf-ray
8e993bb5982d1981-FRA
access-control-allow-origin
https://meherdewogoud.com
alt-svc
h3=":443"; ma=86400
content-length
12
date
Thu, 28 Nov 2024 09:11:54 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
img.gif
my.rtmark.net/
43 B
882 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=00812265410e4563e892264d8fdd490b&z=7482447&p_rid=cb04f3fe-cf93-4d01-b9c6-a8f64fd84636&p_src=sf
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=158t5r4400083
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zQPdLdCjQRvHO1aOkrI%2Ba%2B6o1m%2BJyy4alWyUEqT9FvKiiIeLREFkfr7oKLNGNsRsK1yVdUK8QVkY5%2Bs%2BKVsE%2BtmpvdHfaZHT20PRnvTpMMdEhRAj5DqUAvGhlKAC97KR"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25281&min_rtt=15007&rtt_var=11083&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4160&recv_bytes=4468&delivery_rate=38446&cwnd=12000&unsent_bytes=0&cid=8c554e8ad5e49494&ts=89&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 09:11:54 GMT
content-type
image/gif
priority
u=3,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e993bb608c162d2-HAM
access-control-allow-origin
*
content-length
43
server
cloudflare
add
meherdewogoud.com/async_log/
0
297 B
XHR
General
Full URL
https://meherdewogoud.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=cb04f3fe-cf93-4d01-b9c6-a8f64fd84636
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=158t5r4400083
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=158t5r4400083

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8e993bb62fdb2bcb-FRA
access-control-allow-origin
https://meherdewogoud.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 09:11:54 GMT
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
6118780
meherdewogoud.com/4/
Redirect Chain
  • https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false
  • https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Berlin&bto=-60&bar=x
31 KB
14 KB
Document
General
Full URL
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8425b40556bcaca745a5bbdd800766bba2f1ebf9c9c92eef339348007352efd
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://meherdewogoud.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e993bb97a612bcb-FRA
content-encoding
gzip
content-type
text/html; charset=utf8
date
Thu, 28 Nov 2024 09:11:55 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
5a8cc06d23e23d7277a57f0125572782

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://meherdewogoud.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e993bb899bc2bcb-FRA
content-length
0
date
Thu, 28 Nov 2024 09:11:54 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://meherdewogoud.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Berlin&bto=-60&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
fb3741621a425e3224ab28f5f7199fab
favicon.ico
meherdewogoud.com/
0
0

img.gif
my.rtmark.net/
43 B
856 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=00812265410e4563e892264d8fdd490b&z=6118780&p_rid=67aaa7b8-c790-4e3f-aff0-27c73367e793&p_src=sf
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DETCEe1HHDv1GmPLo8L63HjbOv4aZ5K4xdBcCou00Elvy4DobpaoFpSYAfXdeOtiWXhGf14rdBMq7dQOdmod6eEg4c6aBEubY9umUvKW2LzrlpkJqPgaGTKFtp2IvhLJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24230&min_rtt=15007&rtt_var=10414&sent=14&recv=11&lost=0&retrans=0&sent_bytes=5089&recv_bytes=4929&delivery_rate=20445&cwnd=12000&unsent_bytes=0&cid=8c554e8ad5e49494&ts=823&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 09:11:55 GMT
content-type
image/gif
priority
u=4,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e993bbaae0062d2-HAM
access-control-allow-origin
https://meherdewogoud.com
content-length
43
server
cloudflare
sftouch
meherdewogoud.com/
43 B
531 B
Image
General
Full URL
https://meherdewogoud.com/sftouch?userId=00812265410e4563e892264d8fdd490b&z=6118780&p_rid=67aaa7b8-c790-4e3f-aff0-27c73367e793&p_src=sf&branchId=0&rb=39HRm60II8xWyThULSqbxH1FDItCBg9uXlCyXOIkTTGddP0TEPisXdQSKutr71bej7EQlhiZZEU0r6thOjAa1L4j0Hmr7jTzpBmIw8S9vBp2I7Y9HeeLxy8IHCvUUgfQzSLLmtojMQVvK9OlSCb8tZmr4khPXns9uhuTJskJyuh3M9FNAE0rgek4kh8RwGPbrgCtSUF61FrRvNRhKqmkQdKNsC1MzEoTLfvIL2raW21TQzV6IcohvdyUVdtHOKgFydEkgMkiRGN54yMPvfUGkV_9jtngQmLuJAbU8d5jS0zA5yQtV99lcA==&w_img=1
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Berlin&bto=-60&bar=x

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 09:11:55 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
4a7f28fea4ffe4a3bc98a6e5b7b0e8cc
cf-ray
8e993bbaab512bcb-FRA
access-control-allow-origin
*
content-length
43
server
cloudflare
add
meherdewogoud.com/log/
12 B
305 B
XHR
General
Full URL
https://meherdewogoud.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=67aaa7b8-c790-4e3f-aff0-27c73367e793
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Berlin&bto=-60&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
cf-ray
8e993bbb9c732bcb-FRA
access-control-allow-origin
https://meherdewogoud.com
alt-svc
h3=":443"; ma=86400
content-length
12
date
Thu, 28 Nov 2024 09:11:55 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
meherdewogoud.com/async_log/
0
261 B
XHR
General
Full URL
https://meherdewogoud.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=67aaa7b8-c790-4e3f-aff0-27c73367e793
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Berlin&bto=-60&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8e993bbb9c762bcb-FRA
access-control-allow-origin
https://meherdewogoud.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 09:11:55 GMT
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
meherdewogoud.com/
0
181 B
Other
General
Full URL
https://meherdewogoud.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
34786
cf-ray
8e993bbc0ccd2bcb-FRA
expires
Sun, 26 Nov 2034 09:11:55 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 09:11:55 GMT
vary
Accept-Encoding
server
cloudflare
Primary Request bstn-com-de-cpc
www.shoptastic.io/de/store/
Redirect Chain
  • https://meherdewogoud.com/?z=6118780&syncedCookie=false&rhd=false
  • https://www.share365.net/vip/rds/de?subId=885927586121920579_N&country=DE&campaignid=8543937
  • https://www.shoptastic.io/de/store/bstn-com-de-cpc?pubId=10439&subId=885927586121920579_N&country=DE&campaignid=8543937
134 B
337 B
Document
General
Full URL
https://www.shoptastic.io/de/store/bstn-com-de-cpc?pubId=10439&subId=885927586121920579_N&country=DE&campaignid=8543937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.53.88.18 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-88-18.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d336c529159b194afa37abc0eba17ddd668c9c28ed446c7ae21410c21aaa46d1

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://meherdewogoud.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-language
en-US
content-type
text/html;charset=UTF-8
date
Thu, 28 Nov 2024 09:11:57 GMT
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e993bc45dd1dc4c-FRA
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 09:11:56 GMT
location
https://www.shoptastic.io/de/store/bstn-com-de-cpc?pubId=10439&subId=885927586121920579_N&country=DE&campaignid=8543937
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OK2ZKRacKzbBNj%2Btxn5ifCVXFtFZYpdreQ8prEXN%2FyT7VwABVI%2F79ZWVSpKlvIZdb%2F3b0HLyTXpf6K59u2gEGu78s8vr5m4pQTnO7DIp4%2BXJy8hhxMnddWI0VWBP9ay5dcdjGnyU6GhxiK0jFKA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=7351&min_rtt=6548&rtt_var=1353&sent=6&recv=13&lost=0&retrans=0&sent_bytes=4042&recv_bytes=2433&delivery_rate=592778&cwnd=254&unsent_bytes=0&cid=511aee07a383d3d8&ts=227&x=0"
strict-transport-security
max-age=31536000
favicon.ico
meherdewogoud.com/
0
0
Other
General
Full URL
https://meherdewogoud.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
34786
cf-ray
8e993bbc0ccd2bcb-FRA
expires
Sun, 26 Nov 2034 09:11:55 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 09:11:55 GMT
vary
Accept-Encoding
server
cloudflare
red_u_plain.php
clcktrck.com/de/s/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
meherdewogoud.com
URL
https://meherdewogoud.com/favicon.ico
Domain
clcktrck.com
URL
https://clcktrck.com/de/s/red_u_plain.php?uid=274460734&t=direct&s=22214&pub=10439&d=bstn.com

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Domain/Path Name / Value
redwingshere.xyz/ Name: mobitck
Value: 1
meherdewogoud.com/ Name: OAID
Value: 00812265410e4563e892264d8fdd490b
meherdewogoud.com/ Name: oaidts
Value: 1732785114
my.rtmark.net/ Name: ID
Value: 00812265410e4563e892264d8fdd490b
meherdewogoud.com/ Name: syncedCookie
Value: true
www.share365.net/ Name: XSRF-TOKEN
Value: eyJpdiI6IkpLTDFnQ0JzOEZGRVJ3cVBzOENZcnc9PSIsInZhbHVlIjoiaEN2RUhIRHk2STRVN245b1hzczZzNHA0YktoVmxaTHVvZld1TXY5bkZQNHptWHdtSEcrUjhNN3BOMmFNK2NNaSIsIm1hYyI6IjA0N2FlNzE4NTExN2VmODJkOTRhODE1NWJhZWNlNjA4MDUyZjI0Njg5MWRmZmVjZTI4ZWVmMjczZTdjMmNkMmMifQ%3D%3D
www.share365.net/ Name: laravel_session
Value: eyJpdiI6Ik5LSm04MncxeEtWWENNZ3RJVklRWWc9PSIsInZhbHVlIjoiSDhWemN6U1Z0T1NWbCs4eEtCMHNUaVVcLzlrdjZicVFKN0YrS3NYeFRcL3VOdE15TU5xcG43WVwvOUJJUmMrbXc2RCIsIm1hYyI6IjdjODBhM2ZkOGJjMWVkYmVmMjFlMTg5NmE2YjFhM2NkYzE2OTM5ZmM4NjQ5YmNhZjk3ODExNTk2NTk5OGMwN2YifQ%3D%3D
www.share365.net/ Name: __cflb
Value: 0H28vVobGc6CutkxgoxseCJNYfYqVa8zgKSrPajYGNf

4 Console Messages

Source Level URL
Text
rendering warning URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=158t5r4400083
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F01C0094120000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://meherdewogoud.com/afu.php?zoneid=7482447&var=7482447&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A090EC0094120000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Europe/Berlin&bto=-60&bar=x
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A090EC0094120000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://meherdewogoud.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F01C0094120000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.