urlscan.io logo urlscan.io
SecurityTrails logo

reditest.pages.dev Open in urlscan Pro
188.114.96.3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.cdtech.sbs/wp/eg/
Effective URL: https://reditest.pages.dev/files/?email=null
Submission: On July 15 via api from US — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 9 domains to perform 35 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is reditest.pages.dev.
TLS certificate: Issued by WE1 on July 2nd 2024. Valid for: 3 months.
This is the only time reditest.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

IP Address AS Autonomous System
3 21 65.109.83.50 24940 (HETZNER-AS)
1 142.250.186.106 15169 (GOOGLE)
2 142.250.185.227 15169 (GOOGLE)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 169.150.247.36 60068 (CDN77 _)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 151.101.130.137 54113 (FASTLY)
1 104.18.11.207 13335 (CLOUDFLAR...)
1 172.217.18.10 15169 (GOOGLE)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 151.101.65.229 54113 (FASTLY)
35 12
21    65.109.83.50 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: turbocharge.rebootns.com
www.cdtech.sbs
cdtech.sbs
1    142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
fonts.googleapis.com
2    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
reditest.pages.dev
1    169.150.247.36 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 169-150-247-36.bunnyinfra.net
www.ratufa.io
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    151.101.130.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net
ajax.googleapis.com
1    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
21 cdtech.sbs
www.cdtech.sbs
cdtech.sbs
284 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508
31 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
13 KB
2 gstatic.com
fonts.gstatic.com
33 KB
2 pages.dev
reditest.pages.dev Failed
8 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
ajax.googleapis.com — Cisco Umbrella Rank: 641
31 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
24 KB
1 ratufa.io
www.ratufa.io
n1.ratufa.io Failed
93 KB
35 9
Domain Requested by
18 cdtech.sbs cdtech.sbs
3 www.cdtech.sbs 3 redirects
2 cdnjs.cloudflare.com reditest.pages.dev
2 fonts.gstatic.com fonts.googleapis.com
2 reditest.pages.dev cdtech.sbs
1 cdn.jsdelivr.net reditest.pages.dev
1 stackpath.bootstrapcdn.com reditest.pages.dev
1 ajax.googleapis.com reditest.pages.dev
1 maxcdn.bootstrapcdn.com reditest.pages.dev
1 code.jquery.com reditest.pages.dev
1 www.ratufa.io reditest.pages.dev
1 fonts.googleapis.com cdtech.sbs
0 n1.ratufa.io Failed www.ratufa.io
35 13

This site contains no links.

Subject Issuer Validity Valid
www.prosecco8cento.sbs.cdtech.sbs
R3		 2024-05-17 -
2024-08-15		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
reditest.pages.dev
WE1		 2024-07-02 -
2024-09-30		 3 months crt.sh
www.ratufa.io
R10		 2024-07-01 -
2024-09-29		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://reditest.pages.dev/files/?email=null
Frame ID: CA530E6D6895EB0837BE07679002EF0E
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. http://www.cdtech.sbs/wp/eg/ HTTP 307
    https://www.cdtech.sbs/wp/eg/ HTTP 301
    https://cdtech.sbs/wp/eg/ HTTP 307
    http://www.cdtech.sbs/wp/eg/ HTTP 301
    https://www.cdtech.sbs/wp/eg/ HTTP 301
    https://cdtech.sbs/wp/eg/ Page URL
  2. https://reditest.pages.dev/files/?email=null Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

35
Requests

89 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

12
IPs

5
Countries

518 kB
Transfer

1579 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.cdtech.sbs/wp/eg/ HTTP 307
    https://www.cdtech.sbs/wp/eg/ HTTP 301
    https://cdtech.sbs/wp/eg/ HTTP 307
    http://www.cdtech.sbs/wp/eg/ HTTP 301
    https://www.cdtech.sbs/wp/eg/ HTTP 301
    https://cdtech.sbs/wp/eg/ Page URL
  2. https://reditest.pages.dev/files/?email=null Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.cdtech.sbs/wp/eg/ HTTP 307
  • https://www.cdtech.sbs/wp/eg/ HTTP 301
  • https://cdtech.sbs/wp/eg/ HTTP 307
  • http://www.cdtech.sbs/wp/eg/ HTTP 301
  • https://www.cdtech.sbs/wp/eg/ HTTP 301
  • https://cdtech.sbs/wp/eg/

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
cdtech.sbs/wp/eg/
Redirect Chain
  • http://www.cdtech.sbs/wp/eg/
  • https://www.cdtech.sbs/wp/eg/
  • https://cdtech.sbs/wp/eg/
  • http://www.cdtech.sbs/wp/eg/
  • https://www.cdtech.sbs/wp/eg/
  • https://cdtech.sbs/wp/eg/
25 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/ PHP/8.1.29
Resource Hash
6845e3b55ca718e3050e973e67ca536261cfa915908c7169d9461b157d77677c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 15 Jul 2024 18:25:32 GMT
link
<https://cdtech.sbs/wp/wp-json/>; rel="https://api.w.org/" <https://cdtech.sbs/wp/wp-json/wp/v2/pages/22>; rel="alternate"; type="application/json" <https://cdtech.sbs/wp/?p=22>; rel=shortlink
vary
Accept-Encoding
x-powered-by
PHP/8.1.29

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 15 Jul 2024 18:25:29 GMT
location
https://cdtech.sbs/wp/eg/
x-powered-by
PHP/8.1.29
x-redirect-by
WordPress
style.min.css
cdtech.sbs/wp/wp-includes/css/dist/block-library/ 		111 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:32 GMT
content-encoding
br
last-modified
Tue, 27 Feb 2024 19:18:24 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
14071
expires
Mon, 22 Jul 2024 18:25:32 GMT
all.min.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/ 		56 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/all.min.css?ver=6.5.5
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash
d1377b77ffcd41206747fcd8a7322729a090fc27dab48728932f923f6aa6e94e

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:32 GMT
content-encoding
br
last-modified
Wed, 10 Jul 2024 06:52:45 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11876
expires
Mon, 22 Jul 2024 18:25:32 GMT
bootstrap.min.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/ 		227 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/bootstrap.min.css?ver=6.5.5
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash
26db49828d6701fcfce37a96da6ec3f0ed481abae49c8c9969a575b064413cad

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:32 GMT
content-encoding
br
last-modified
Wed, 10 Jul 2024 06:52:45 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
28280
expires
Mon, 22 Jul 2024 18:25:32 GMT
font-awesome.min.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/fonts/font-awesome/css/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=6.5.5
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:32 GMT
content-encoding
br
last-modified
Wed, 10 Jul 2024 06:52:45 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6285
expires
Mon, 22 Jul 2024 18:25:32 GMT
editor-style.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/editor-style.css?ver=6.5.5
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash
cbb98571344066fc106fcdf4842b360be8f871545b1101533e9df90edb337f9d

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:32 GMT
content-encoding
br
last-modified
Wed, 10 Jul 2024 06:52:45 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1248
expires
Mon, 22 Jul 2024 18:25:32 GMT
main.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/ 		82 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/main.css?ver=6.5.5
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash
cb5ebbe3af570ca0c61ff1ed6531bccb0ad5bc7bcbe80e05e1e2de47d72c734d

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:32 GMT
content-encoding
br
last-modified
Wed, 10 Jul 2024 06:52:45 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13616
expires
Mon, 22 Jul 2024 18:25:32 GMT
woo.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/woo.css?ver=6.5.5
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash
23541534121fff865879e14b9b0197f3f38e20fafab1fd4076aa19785de8b7a8

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:32 GMT
content-encoding
br
last-modified
Wed, 10 Jul 2024 06:52:45 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3967
expires
Mon, 22 Jul 2024 18:25:32 GMT
style.css
cdtech.sbs/wp/wp-content/themes/medicine-shop/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/style.css?ver=6.5.5
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash
e8253d5e0b488ea4e82bb658c670cb28266064abaa951a23becbc0e0d7425d1c

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:32 GMT
content-encoding
br
last-modified
Wed, 10 Jul 2024 06:52:45 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1094
expires
Mon, 22 Jul 2024 18:25:32 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Jura%3Awght%40300..700%7CAnton
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
d708270d61fa1dfec437b58e2e55fcec2f413c7777d91c6d6e81a9e87c9a9ba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdtech.sbs/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 18:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 18:25:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 18:25:33 GMT
jquery.min.js
cdtech.sbs/wp/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:32 GMT
content-encoding
br
last-modified
Mon, 28 Aug 2023 20:44:24 GMT
accept-ranges
bytes
content-length
29744
vary
Accept-Encoding
content-type
text/javascript
jquery-migrate.min.js
cdtech.sbs/wp/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:32 GMT
content-encoding
br
last-modified
Fri, 09 Jun 2023 09:19:24 GMT
accept-ranges
bytes
content-length
4678
vary
Accept-Encoding
content-type
text/javascript
custom-header.png
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/images/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/images/custom-header.png
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
image/png
date
Mon, 15 Jul 2024 18:25:33 GMT
cache-control
public, max-age=604800
last-modified
Wed, 10 Jul 2024 06:52:45 GMT
accept-ranges
bytes
content-length
69501
expires
Mon, 22 Jul 2024 18:25:33 GMT
front-flex.min.css
cdtech.sbs/wp/wp-content/plugins/siteorigin-panels/css/ 		2 KB
515 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.29.18
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:33 GMT
content-encoding
br
last-modified
Tue, 09 Jul 2024 22:26:46 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
460
expires
Mon, 22 Jul 2024 18:25:33 GMT
bootstrap.bundle.min.js
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/js/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/js/bootstrap.bundle.min.js?ver=6.5.5
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:33 GMT
content-encoding
br
last-modified
Wed, 10 Jul 2024 06:52:45 GMT
accept-ranges
bytes
content-length
22888
vary
Accept-Encoding
content-type
text/javascript
theme.js
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/js/theme.js?ver=6.5.5
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:33 GMT
content-encoding
br
last-modified
Wed, 10 Jul 2024 06:52:45 GMT
accept-ranges
bytes
content-length
1255
vary
Accept-Encoding
content-type
text/javascript
jquery.superfish.js
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/js/jquery.superfish.js?ver=2.1.2
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash

Request headers

Referer
https://cdtech.sbs/wp/eg/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:33 GMT
content-encoding
br
last-modified
Wed, 10 Jul 2024 06:52:45 GMT
accept-ranges
bytes
content-length
2181
vary
Accept-Encoding
content-type
text/javascript
d1b31fb5-2602-4873-b36e-a087c0d0e6bf
https://cdtech.sbs/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://cdtech.sbs/d1b31fb5-2602-4873-b36e-a087c0d0e6bf
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/eg/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
/
reditest.pages.dev/files/ 		0
0
search.png
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/images/ 		333 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/images/search.png
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/main.css?ver=6.5.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash

Request headers

Referer
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/main.css?ver=6.5.5
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
image/png
date
Mon, 15 Jul 2024 18:25:33 GMT
cache-control
public, max-age=604800
last-modified
Wed, 10 Jul 2024 06:52:45 GMT
accept-ranges
bytes
content-length
333
expires
Mon, 22 Jul 2024 18:25:33 GMT
z7NOdRfiaC4Vd8hhoPzfb5vBTP1d7ZumR_g.woff2
fonts.gstatic.com/s/jura/v31/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/jura/v31/z7NOdRfiaC4Vd8hhoPzfb5vBTP1d7ZumR_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jura%3Awght%40300..700%7CAnton
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cdtech.sbs
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:37:08 GMT
x-content-type-options
nosniff
age
550106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14116
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:37:08 GMT
1Ptgg87LROyAm3Kz-C8.woff2
fonts.gstatic.com/s/anton/v25/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3Kz-C8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jura%3Awght%40300..700%7CAnton
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cdtech.sbs
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:36:16 GMT
x-content-type-options
nosniff
age
550158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18796
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:21:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:36:16 GMT
fontawesome-webfont.woff2
cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/fonts/font-awesome/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: cdtech.sbs
URL: https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=6.5.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.109.83.50 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
turbocharge.rebootns.com
Software
/
Resource Hash

Request headers

Referer
https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=6.5.5
Origin
https://cdtech.sbs
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
font/woff2
date
Mon, 15 Jul 2024 18:25:34 GMT
cache-control
public, max-age=604800
last-modified
Wed, 10 Jul 2024 06:52:45 GMT
accept-ranges
bytes
content-length
71896
expires
Mon, 22 Jul 2024 18:25:34 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		155 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
Primary Request /
reditest.pages.dev/files/ 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reditest.pages.dev/files/?email=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c2a1eda8a126e1f385c0e0fd0fc3454e59753bd92da7ed006a6bb66185b17bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cdtech.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8a3bcbdeae9c7a6d-DME
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 15 Jul 2024 18:25:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u19hzlq2fFlQdtKnw%2BANCEVT1%2Fmmf%2BppTgyOWT1NW6vIJCq%2FDmvZmyfQ0OxIOBiK7%2BJnfhW39Y8Bpia%2BlBCVCotMA8y%2BmHUksKiIMzSZXjF9SlBAHzdrfC%2FHhi8yC60UU12zls8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
ld.js
www.ratufa.io/c/ 		317 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ratufa.io/c/ld.js?f=i1bszc89&n=n1.ratufa.io
Requested by
Host: reditest.pages.dev
URL: https://reditest.pages.dev/files/?email=null
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-36.bunnyinfra.net
Software
BunnyCDN-DE1-1079 /
Resource Hash
8872c52f10899fd3865d158264a006531179a7bfb336e1e377f39b030c98064f

Request headers

Referer
https://reditest.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:40 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-cachedat
07/07/2023 05:28:30
cdn-pullzone
629559
last-modified
Tue, 04 Jul 2023 05:45:32 GMT
server
BunnyCDN-DE1-1079
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"64a3b1fc-4f4f0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
507f3e34-5b47-4e12-bf30-2d45201e3d78
cache-control
public, max-age=2592000
cdn-requestid
ef163bf212081b7bb6550895f617e407
cdn-requestcountrycode
FI
cdn-status
200
cdn-requestpullsuccess
True
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: reditest.pages.dev
URL: https://reditest.pages.dev/files/?email=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://reditest.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
421163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8sXojjmLMkfzQDVEXdaEyfXmBEEfjnhDmIR6kqs%2BekmvLEvgKMO01EM4bjqB0e3zfQNHbuJK%2Br0Pxc%2F8TmM9i%2F2q4ju5DEl%2BQ6Ovy3uFD1wkrXlShyGDGf%2FhkHdCK1pYuC1X0SD7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a3bcbeaa8358d7f-HEL
expires
Sat, 05 Jul 2025 18:25:41 GMT
jquery-3.2.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: reditest.pages.dev
URL: https://reditest.pages.dev/files/?email=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer
https://reditest.pages.dev/
Origin
https://reditest.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
359590
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
23856
x-served-by
cache-lga21963-LGA, cache-hel1410027-HEL
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1721067942.538565,VS0,VE0
etag
W/"28feccc0-10fdd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
38, 20813
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: reditest.pages.dev
URL: https://reditest.pages.dev/files/?email=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://reditest.pages.dev/
Origin
https://reditest.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
420453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6157
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QlaRNXfezzmD5Pz5gTVOE6M9r95RxhMBcaZj%2BN%2FhXXBT%2BXerDTG18JzxhmZQwskrJZ4oGUI9YhC2zu3GtShbqeQdsig%2FsOAM5j79Ic1HE2%2BIyuPll9%2FdmjDg8rUOQibQ3o1f1adD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a3bcbe6eb068d7e-HEL
expires
Sat, 05 Jul 2025 18:25:40 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: reditest.pages.dev
URL: https://reditest.pages.dev/files/?email=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reditest.pages.dev/
Origin
https://reditest.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1048
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
102679
cdn-cachedat
03/18/2024 12:46:36
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c5279e9c102dcf7d60194cee37fd35f0
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8a3bcbe9a81f3767-HEL
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: reditest.pages.dev
URL: https://reditest.pages.dev/files/?email=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reditest.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 12:29:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Jul 2025 12:29:44 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: reditest.pages.dev
URL: https://reditest.pages.dev/files/?email=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reditest.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
6473930
cdn-cachedat
11/15/2021 23:30:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a35b0179a28ed953258d0fb41376a09c
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8a3bcbe59a378d6c-HEL
cdn-requestpullsuccess
True
jquery.session.min.js
cdn.jsdelivr.net/npm/jquery.session@1.0.0/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js
Requested by
Host: reditest.pages.dev
URL: https://reditest.pages.dev/files/?email=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reditest.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 Jul 2024 18:25:41 GMT
x-content-type-options
nosniff
content-encoding
br
age
1019473
x-jsd-version
1.0.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
840
x-served-by
cache-fra-eddf8230025-FRA, cache-hel1410025-HEL
x-jsd-version-type
version
etag
W/"91d-mUGbC+S4VCL/hIcOVNvYpS3G2rE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
token
n1.ratufa.io/v1.0/form/i1bszc89/ 		0
0
token
n1.ratufa.io/v1.0/form/i1bszc89/ 		0
0
favicon.ico
reditest.pages.dev/ 		15 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://reditest.pages.dev/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c2a1eda8a126e1f385c0e0fd0fc3454e59753bd92da7ed006a6bb66185b17bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reditest.pages.dev/files/?email=null
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 18:25:42 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2B44q7aMgfRjRtAcQ4pkkioexYim3BDia5BBy9fHXkz1mA%2FrogX96zDui1bFxLT2ErrOQOKHPLNCJah%2F2wt6cEE1Tm1LT6xsWFUe4LCc9zFZ8DSohh9qBGdmENQC6i4F9NOgmwc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8a3bcbf07c587a6d-DME
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
reditest.pages.dev
URL
https://reditest.pages.dev/files/?email=null
Domain
n1.ratufa.io
URL
https://n1.ratufa.io/v1.0/form/i1bszc89/token
Domain
n1.ratufa.io
URL
https://n1.ratufa.io/v1.0/form/i1bszc89/token

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| sim_factory function| filterCSS function| filterXSS object| Base64 object| RatufaContainer function| $ function| jQuery function| Popper object| bootstrap object| form function| handleSubmit

1 Cookies

Domain/Path Name / Value
reditest.pages.dev/ Name: __session:0.7510790966335259:
Value: https:

4 Console Messages

Source Level URL
Text
intervention info URL: https://cdtech.sbs/wp/eg/
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/jura/v31/z7NOdRfiaC4Vd8hhoPzfb5vBTP1d7ZumR_g.woff2
intervention info URL: https://cdtech.sbs/wp/eg/
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3Kz-C8.woff2
intervention info URL: https://cdtech.sbs/wp/eg/
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://cdtech.sbs/wp/wp-content/themes/medicine-shop/assets/css/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
recommendation verbose URL: https://reditest.pages.dev/files/?email=null#null
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cdtech.sbs
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
n1.ratufa.io
reditest.pages.dev
stackpath.bootstrapcdn.com
www.cdtech.sbs
www.ratufa.io
n1.ratufa.io
reditest.pages.dev
104.17.24.14
104.18.10.207
104.18.11.207
142.250.185.227
142.250.186.106
151.101.130.137
151.101.65.229
169.150.247.36
172.217.18.10
188.114.96.3
65.109.83.50
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
23541534121fff865879e14b9b0197f3f38e20fafab1fd4076aa19785de8b7a8
26db49828d6701fcfce37a96da6ec3f0ed481abae49c8c9969a575b064413cad
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6845e3b55ca718e3050e973e67ca536261cfa915908c7169d9461b157d77677c
6c2a1eda8a126e1f385c0e0fd0fc3454e59753bd92da7ed006a6bb66185b17bf
76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8872c52f10899fd3865d158264a006531179a7bfb336e1e377f39b030c98064f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
cb5ebbe3af570ca0c61ff1ed6531bccb0ad5bc7bcbe80e05e1e2de47d72c734d
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbb98571344066fc106fcdf4842b360be8f871545b1101533e9df90edb337f9d
d1377b77ffcd41206747fcd8a7322729a090fc27dab48728932f923f6aa6e94e
d708270d61fa1dfec437b58e2e55fcec2f413c7777d91c6d6e81a9e87c9a9ba9
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8253d5e0b488ea4e82bb658c670cb28266064abaa951a23becbc0e0d7425d1c
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42