urlscan.io logo urlscan.io
SecurityTrails logo

go.etoro.com Open in urlscan Pro
104.102.20.147  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://28906137-30440-ex.lotwiliticate.com/jSZDCoQ5OwnnZtczvVjEKidMl9kRvoHRdvlTM87KGJgdN5mXo99WpsuHVddgc4ablI0FcKUmgv7seuuzHOKnYBaKm6CluL-K...
Effective URL: https://go.etoro.com/de/ai-stocks?utm_medium=Networks&utm_source=94116&utm_content=20866&utm_serial=wcdslm8q76r8hcc6j...
Submission: On December 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 12 HTTP transactions. The main IP is 104.102.20.147, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is go.etoro.com. The Cisco Umbrella rank of the primary domain is 291166.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 31st 2023. Valid for: a year.
This is the only time go.etoro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 88.208.22.1 39572 (ADVANCEDH...)
2 45.13.225.41 58087 (FlorianKo...)
1 6 104.18.23.222 13335 (CLOUDFLAR...)
2 188.114.97.3 13335 (CLOUDFLAR...)
2 2 18.192.108.151 16509 (AMAZON-02)
1 2 104.102.20.147 16625 (AKAMAI-AS)
12 5
1    88.208.22.1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
PTR: mail.armadaboard.com
28906137-30440-ex.lotwiliticate.com
2    45.13.225.41 (Germany)

ASN58087 (FlorianKolb Florian Kolb, DE)
PTR: 41.225.13.45.in-addr.arpa
redwingshere.xyz
6    104.18.23.222 (None, )

ASN13335 (CLOUDFLARENET, US)
meherdewogoud.com
2    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
my.rtmark.net
2    18.192.108.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-108-151.eu-central-1.compute.amazonaws.com
camp.purchase-shop.com
2    104.102.20.147 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-20-147.deploy.static.akamaitechnologies.com
med.etoro.com
go.etoro.com
Apex Domain
Subdomains		 Transfer
6 meherdewogoud.com
meherdewogoud.com — Cisco Umbrella Rank: 237439
16 KB
2 etoro.com
med.etoro.com — Cisco Umbrella Rank: 144129
go.etoro.com — Cisco Umbrella Rank: 291166
1 KB
2 purchase-shop.com
camp.purchase-shop.com — Cisco Umbrella Rank: 511857
1 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
1 KB
2 redwingshere.xyz
redwingshere.xyz — Cisco Umbrella Rank: 220818
911 B
1 lotwiliticate.com
28906137-30440-ex.lotwiliticate.com
557 B
0 etorostatic.com Failed
marketing.etorostatic.com Failed
etoro-cdn.etorostatic.com Failed
12 7
Domain Requested by
6 meherdewogoud.com 1 redirects meherdewogoud.com
2 camp.purchase-shop.com 2 redirects
2 my.rtmark.net meherdewogoud.com
2 redwingshere.xyz
1 go.etoro.com
1 med.etoro.com 1 redirects
1 28906137-30440-ex.lotwiliticate.com 1 redirects
0 etoro-cdn.etorostatic.com Failed go.etoro.com
0 marketing.etorostatic.com Failed go.etoro.com
12 9

This site contains no links.

Subject Issuer Validity Valid
redwingshere.xyz
E6		 2024-12-07 -
2025-03-07		 3 months crt.sh
meherdewogoud.com
WE1		 2024-11-24 -
2025-02-22		 3 months crt.sh
my.rtmark.net
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh
*.etoro.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-31 -
2025-01-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://go.etoro.com/de/ai-stocks?utm_medium=Networks&utm_source=94116&utm_content=20866&utm_serial=wcdslm8q76r8hcc6j0vmgbre&utm_campaign=wcdslm8q76r8hcc6j0vmgbre&utm_term=
Frame ID: 8512F860D711AEDB0E7D6D9032BECBFD
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://28906137-30440-ex.lotwiliticate.com/jSZDCoQ5OwnnZtczvVjEKidMl9kRvoHRdvlTM87KGJgdN5mXo99WpsuHVddgc4ablI0FcKUmgv7s... HTTP 307
    https://redwingshere.xyz/go/8286/3?subid2={hostId} Page URL
  2. https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15f6vmhd00082 Page URL
  3. https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
    https://camp.purchase-shop.com/3967415d-e788-42c8-80dd-646c236ac447?zoneid=7482447&bannerid=8989624&browser... HTTP 307
    https://camp.purchase-shop.com/3967415d-e788-42c8-80dd-646c236ac447/2?zoneid=7482447&bannerid=8989624&brows... HTTP 302
    https://med.etoro.com/B20866_A94116_TClick_Swcdslm8q76r8hcc6j0vmgbre.aspx HTTP 301
    https://go.etoro.com/de/ai-stocks?utm_medium=Networks&utm_source=94116&utm_content=20866&utm_seri... Page URL

Page Statistics

12
Requests

83 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

5
IPs

3
Countries

17 kB
Transfer

179 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://28906137-30440-ex.lotwiliticate.com/jSZDCoQ5OwnnZtczvVjEKidMl9kRvoHRdvlTM87KGJgdN5mXo99WpsuHVddgc4ablI0FcKUmgv7seuuzHOKnYBaKm6CluL-KdQYfSrtOzPbZMgUfA3E-II3UJBG0iw?kws=valentina%2Cmia%2Csoldier%2Cboi%2Ctranny%2Cvideos&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.trannyvideosx.c...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
    https://redwingshere.xyz/go/8286/3?subid2={hostId} Page URL
  2. https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15f6vmhd00082 Page URL
  3. https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
    https://camp.purchase-shop.com/3967415d-e788-42c8-80dd-646c236ac447?zoneid=7482447&bannerid=8989624&browser=chrome&os=linux&device=desktop&region=he&isp=s.c.%20gvm%20sistem%202003%20s.r.l.&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&language=de&connectiontype=broadband&cost=0.000600&visitor_id=892861657880203595 HTTP 307
    https://camp.purchase-shop.com/3967415d-e788-42c8-80dd-646c236ac447/2?zoneid=7482447&bannerid=8989624&browser=chrome&os=linux&device=desktop&region=he&isp=s.c.%20gvm%20sistem%202003%20s.r.l.&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&language=de&connectiontype=broadband&cost=0.000600&visitor_id=892861657880203595 HTTP 302
    https://med.etoro.com/B20866_A94116_TClick_Swcdslm8q76r8hcc6j0vmgbre.aspx HTTP 301
    https://go.etoro.com/de/ai-stocks?utm_medium=Networks&utm_source=94116&utm_content=20866&utm_serial=wcdslm8q76r8hcc6j0vmgbre&utm_campaign=wcdslm8q76r8hcc6j0vmgbre&utm_term= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://28906137-30440-ex.lotwiliticate.com/jSZDCoQ5OwnnZtczvVjEKidMl9kRvoHRdvlTM87KGJgdN5mXo99WpsuHVddgc4ablI0FcKUmgv7seuuzHOKnYBaKm6CluL-KdQYfSrtOzPbZMgUfA3E-II3UJBG0iw?kws=valentina%2Cmia%2Csoldier%2Cboi%2Ctranny%2Cvideos&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.trannyvideosx.c...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
  • https://redwingshere.xyz/go/8286/3?subid2={hostId}

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
3
redwingshere.xyz/go/8286/
Redirect Chain
  • https://28906137-30440-ex.lotwiliticate.com/jSZDCoQ5OwnnZtczvVjEKidMl9kRvoHRdvlTM87KGJgdN5mXo99WpsuHVddgc4ablI0FcKUmgv7seuuzHOKnYBaKm6CluL-KdQYfSrtOzPbZMgUfA3E-II3UJBG0iw?kws=valentina%2Cmia%2Csold...
  • https://redwingshere.xyz/go/8286/3?subid2={hostId}
293 B
757 B 		Document
General
Check archive.org
Download Go to
Full URL
https://redwingshere.xyz/go/8286/3?subid2={hostId}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.13.225.41 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS
41.225.13.45.in-addr.arpa
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
identity
Content-Length
293
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Dec 2024 12:25:24 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Tue, 17 Dec 2024 12:25:24 GMT
Pragma
no-cache
Server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 17 Dec 2024 12:25:23 GMT
expires
Tue, 17 Dec 2024 12:25:23 UTC
last-modified
Tue, 17 Dec 2024 12:25:23 UTC
location
https://redwingshere.xyz/go/8286/3?subid2={hostId}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
no-referrer
server
nginx
7482447
meherdewogoud.com/4/ 		31 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15f6vmhd00082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
139df9d6aca9059b41c408c6f5faa0c128d84d54afda7339c41b9cf141f4ce0b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8f36e54f585be4b4-OTP
content-encoding
gzip
content-type
text/html; charset=utf8
date
Tue, 17 Dec 2024 12:25:25 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
favicon.ico
redwingshere.xyz/ 		0
154 B 		Other
General
Check archive.org
Download Go to
Full URL
https://redwingshere.xyz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.13.225.41 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS
41.225.13.45.in-addr.arpa
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length
0
Date
Tue, 17 Dec 2024 12:25:25 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx
Connection
keep-alive
img.gif
my.rtmark.net/ 		43 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0081355daa7a469de12fb706b2f1f7b1&z=7482447&p_rid=2bedf806-1519-4395-89e5-7f88e710f9b1&p_src=sf
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15f6vmhd00082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wFILPMKRJu7eHdCdmKK4Y9mnAJJOyW6BPMSH3G0cu9O8KqqduqKZId60Pz5cTn6%2B38TkWVxjR2mHCWoDEbLSzbKpZfSUi2tNVs%2FXV7x31lhrEemdsADnTJTvp1Zl78LC"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=54421&min_rtt=51197&rtt_var=14171&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3934&recv_bytes=2276&delivery_rate=78911&cwnd=252&unsent_bytes=0&cid=13876d69a4e8c5a8&ts=251&x=0"
date
Tue, 17 Dec 2024 12:25:26 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f36e5563f930544-OTP
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
meherdewogoud.com/ 		43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meherdewogoud.com/sftouch?userId=0081355daa7a469de12fb706b2f1f7b1&z=7482447&p_rid=2bedf806-1519-4395-89e5-7f88e710f9b1&p_src=sf&branchId=0&rb=KPVoNlrk1UXytxORRoQs4Sbpsx68F52rvQ1vQV87lZ7F9VyVnURYx2M8mretzJQuBC8sr4y1qmC7KR3kYE1hhx_whl-6YvMxXdVyyrcpYE0HVH5tjNJ4QtOjR6HMC2O89fdwes6mLz7YBNgQ6cbPecEAKHeAj3s5XvlrL9DFaOhEhcaGiyxTg252tcvsE-CYU5FyK-dmahU2I1RV-MbUsa0qFRIB75jj8C4CrjRH2EC47zY2I12N8o9qu7GJ5ZM3H0OONivll0PxfR0cMqF9Iwm9fDftRxBR3slDFoUuDPQV5AXe4EtD6oMiavuB9T9IHEkmdAN-EzU5kTTph20KkQ==&w_img=1
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15f6vmhd00082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15f6vmhd00082

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 12:25:26 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
33597d64b111175d141771df770169c8
cf-ray
8f36e551cca7e4b4-OTP
access-control-allow-origin
*
content-length
43
server
cloudflare
add
meherdewogoud.com/log/ 		12 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://meherdewogoud.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=2bedf806-1519-4395-89e5-7f88e710f9b1
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15f6vmhd00082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15f6vmhd00082

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
cf-ray
8f36e5525d8ee4b4-OTP
access-control-allow-origin
https://meherdewogoud.com
alt-svc
h3=":443"; ma=86400
content-length
12
date
Tue, 17 Dec 2024 12:25:26 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
meherdewogoud.com/async_log/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://meherdewogoud.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=2bedf806-1519-4395-89e5-7f88e710f9b1
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15f6vmhd00082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15f6vmhd00082

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8f36e5525d90e4b4-OTP
access-control-allow-origin
https://meherdewogoud.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 17 Dec 2024 12:25:26 GMT
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
img.gif
my.rtmark.net/ 		43 B
487 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0081355daa7a469de12fb706b2f1f7b1&z=7482447&p_rid=2bedf806-1519-4395-89e5-7f88e710f9b1&p_src=sf
Requested by
Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15f6vmhd00082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S8H%2FZ%2FOpJIykyv2wCTYZIqQ16YGErLPsJ0vopCwsD6zsQn0sgGrIdHX1FSXOUaIb0sHznk3ljy1K68WhKbii3F4fWbMObXzffNn2SVN5Kx7VZEDbWQ9mBAF%2FQjBUXqUP"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=56231&min_rtt=51197&rtt_var=5465&sent=13&recv=17&lost=0&retrans=0&sent_bytes=4939&recv_bytes=2489&delivery_rate=78911&cwnd=257&unsent_bytes=0&cid=13876d69a4e8c5a8&ts=426&x=0"
date
Tue, 17 Dec 2024 12:25:26 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f36e55758630544-OTP
access-control-allow-origin
https://meherdewogoud.com
content-length
43
server
cloudflare
Primary Request ai-stocks
go.etoro.com/de/
Redirect Chain
  • https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false
  • https://camp.purchase-shop.com/3967415d-e788-42c8-80dd-646c236ac447?zoneid=7482447&bannerid=8989624&browser=chrome&os=linux&device=desktop&region=he&isp=s.c.%20gvm%20sistem%202003%20s.r.l.&useragen...
  • https://camp.purchase-shop.com/3967415d-e788-42c8-80dd-646c236ac447/2?zoneid=7482447&bannerid=8989624&browser=chrome&os=linux&device=desktop&region=he&isp=s.c.%20gvm%20sistem%202003%20s.r.l.&userag...
  • https://med.etoro.com/B20866_A94116_TClick_Swcdslm8q76r8hcc6j0vmgbre.aspx
  • https://go.etoro.com/de/ai-stocks?utm_medium=Networks&utm_source=94116&utm_content=20866&utm_serial=wcdslm8q76r8hcc6j0vmgbre&utm_campaign=wcdslm8q76r8hcc6j0vmgbre&utm_term=
148 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://go.etoro.com/de/ai-stocks?utm_medium=Networks&utm_source=94116&utm_content=20866&utm_serial=wcdslm8q76r8hcc6j0vmgbre&utm_campaign=wcdslm8q76r8hcc6j0vmgbre&utm_term=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.20.147 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-20-147.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://meherdewogoud.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
35077
content-type
text/html; charset=utf-8
date
Tue, 17 Dec 2024 12:25:29 GMT
etag
W/"3681e-Zl2fZNg8PKhCC0x75gsXgAEKIQE"
expires
Tue, 17 Dec 2024 12:25:29 GMT
pragma
no-cache
request-context
appId=cid-v1:35936646-66d4-4f8d-a033-e97456c4c9a7
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 17 Dec 2024 12:25:29 GMT
Expires
Tue, 17 Dec 2024 12:25:29 GMT
Location
https://go.etoro.com/de/ai-stocks?utm_medium=Networks&utm_source=94116&utm_content=20866&utm_serial=wcdslm8q76r8hcc6j0vmgbre&utm_campaign=wcdslm8q76r8hcc6j0vmgbre&utm_term=
Pragma
no-cache
Request-Context
appId=cid-v1:b8570f0d-4fc0-4802-ba0c-4a0bac7882b8
X-Robots-Tag
noindex
favicon.ico
meherdewogoud.com/ 		0
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://meherdewogoud.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://meherdewogoud.com/afu.php?zoneid=7482447&var=7482447&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
1402533
cf-ray
8f36e558b822e4b4-OTP
expires
Fri, 15 Dec 2034 12:25:27 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 12:25:27 GMT
vary
Accept-Encoding
server
cloudflare
styles.c727bee910d14b83.css
marketing.etorostatic.com/landingpages/ 		0
0
image-mobile1.png
etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/ai-stocks/v1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
marketing.etorostatic.com
URL
https://marketing.etorostatic.com/landingpages/styles.c727bee910d14b83.css
Domain
etoro-cdn.etorostatic.com
URL
https://etoro-cdn.etorostatic.com/studio/content/lp/cache_1/etoro-lps/ai-stocks/v1/image-mobile1.png

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Domain/Path Name / Value
redwingshere.xyz/ Name: mobitck
Value: 1
my.rtmark.net/ Name: ID
Value: 0081355daa7a469de12fb706b2f1f7b1
meherdewogoud.com/ Name: OAID
Value: 00813503cddc4002e10569282817223e
meherdewogoud.com/ Name: oaidts
Value: 1734438327
.camp.purchase-shop.com/ Name: 3967415d-e788-42c8-80dd-646c236ac447-v4
Value: UBICq3hEGfvDXdYSxa4Pj5tSTmMHbYM_m7IYzz-XBWY
.camp.purchase-shop.com/ Name: cc-v4
Value: PlPVptE9%2Bm7VnjNlFTt0%2BcxF4wxJlFtxN20Bvyn%2FE2sCEjT6Fj7yT8Fxn2oEbZp7V%2BOkoPfcjo5W52dBTpc7B%2FPMaXk72Yc8LiubLVIESDTKPpgy46Wgmz8ZzXe%2B5BVG3XO6MLInT4MPuCpthfXviA%3D%3D
.etoro.com/ Name: AffiliateWizAffiliateID
Value: AffiliateID=94116&ClickBannerID=20866&SubAffiliateID=wcdslm8q76r8hcc6j0vmgbre&Custom=&ClickDateTime=2024-12-17T12%3A25%3A28.9873927Z&UserUniqueIdentifier=b724f996-2e7e-40e4-b457-d26c52c0bbc9
.etoro.com/ Name: AffAttr
Value: eyJBZmZpbGlhdGVJZCI6OTQxMTYsIkJhbm5lcklkIjoyMDg2NiwiQ2FtcGFpZ24iOiJ3Y2RzbG04cTc2cjhoY2M2ajB2bWdicmUiLCJDbGlja1RpbWUiOiIyMDI0LTEyLTE3VDEyOjI1OjI4Ljk4NzQwNjJaIiwiVXNlclVuaXF1ZUlkZW50aWZpZXIiOiJiNzI0Zjk5Ni0yZTdlLTQwZTQtYjQ1Ny1kMjZjNTJjMGJiYzkifQ

2 Console Messages

Source Level URL
Text
rendering warning URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15f6vmhd00082
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0B09303D4300000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://meherdewogoud.com/afu.php?zoneid=7482447&var=7482447&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0D09203D4300000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.