g.charismaticbreathtakingclick.shop Open in urlscan Pro
2400:52e0:1e00::1077:1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index-de.html Show response g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/	14 KB 4 KB	145ms 56ms	Document text/html	2400:52e0:1e00::1077:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/index-de.html?td=merterpazar.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1077 / Resource Hash 170612691c01467cc28838d8e29fb4417382ac22b80f8d3d54a5f13b2b59e2d1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache cdn-cache MISS cdn-cachedat 06/24/2023 11:34:08 cdn-edgestorageid 756 cdn-proxyver 1.03 cdn-pullzone 1465736 cdn-requestcountrycode DE cdn-requestid a973bdd4fdda03b234776e7a980e24c4 cdn-requestpullcode 200 cdn-requestpullsuccess True cdn-status 200 cdn-uid 730b1034-beaf-4931-b901-ac48f6ebcb1b content-encoding br content-type text/html; charset=UTF-8 date Sat, 24 Jun 2023 11:34:08 GMT etag W/"36c4-5fe256ae04d9c" last-modified Thu, 15 Jun 2023 06:45:43 GMT server BunnyCDN-DE1-1077 vary Accept-Encoding
GET H2	200	logo.png g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/	27 KB 28 KB	29ms 29ms	Image image/png	2400:52e0:1e00::1077:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/logo.png Requested by Host: g.charismaticbreathtakingclick.shop URL: https://g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/index-de.html?td=merterpazar.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1077 / Resource Hash 92e679de6cad75077b9da1479f7667b535694788d643a255df1bd9a56e6dbeb2 Request headers accept-language de-DE,de;q=0.9 Referer https://g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/index-de.html?td=merterpazar.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 11:34:08 GMT cdn-edgestorageid 1078 cdn-cachedat 06/21/2023 06:18:55 cdn-pullzone 1465736 content-length 28134 last-modified Thu, 15 Jun 2023 06:45:46 GMT server BunnyCDN-DE1-1077 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "6de6-5fe256b081d09" content-type image/png cdn-cache HIT cdn-uid 730b1034-beaf-4931-b901-ac48f6ebcb1b cache-control public, max-age=31919000 cdn-requestid 47c18b7608d5c378a1acf81f88f13b34 accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	micro.tag.min.js Show response gauvaiho.net/pfe/current/	41 KB 15 KB	69ms 27ms	Script application/javascript	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js Requested by Host: g.charismaticbreathtakingclick.shop URL: https://g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/index-de.html?td=merterpazar.com Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 85a81528116e71eb7d99d35565301839260c3763f4dc4cb878c5ada9b04d8d56 Request headers accept-language de-DE,de;q=0.9 Referer https://g.charismaticbreathtakingclick.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 11:34:05 GMT content-encoding gzip last-modified Wed, 21 Jun 2023 14:37:56 GMT server nginx etag W/"64930b44-a41e" content-type application/javascript cache-control no-cache access-control-allow-credentials true
GET H2	200	bg.jpg g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/	162 KB 163 KB	29ms 29ms	Image image/jpeg	2400:52e0:1e00::1077:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/bg.jpg Requested by Host: g.charismaticbreathtakingclick.shop URL: https://g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/index-de.html?td=merterpazar.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1077 / Resource Hash 09d81be975e56a97d963b939a431ec98edeae59022ea69acae452a4eeabef702 Request headers accept-language de-DE,de;q=0.9 Referer https://g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/index-de.html?td=merterpazar.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 11:34:08 GMT cdn-edgestorageid 1080 cdn-cachedat 06/24/2023 05:57:52 cdn-pullzone 1465736 content-length 165995 last-modified Thu, 15 Jun 2023 06:45:49 GMT server BunnyCDN-DE1-1077 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "2886b-5fe256b343237" content-type image/jpeg cdn-cache HIT cdn-uid 730b1034-beaf-4931-b901-ac48f6ebcb1b cache-control public, max-age=31919000 cdn-requestid 51a80c1e8c95d9b5ab86cd27780015f0 accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	206	fca5cbbf28d9451266f92e452564b273c9b212c8.mp4 g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/	6 MB 0	101ms 100ms	Media video/mp4	2400:52e0:1e00::1077:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/fca5cbbf28d9451266f92e452564b273c9b212c8.mp4 Requested by Host: g.charismaticbreathtakingclick.shop URL: https://g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/index-de.html?td=merterpazar.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1077 / Resource Hash Request headers Referer https://g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/index-de.html?td=merterpazar.com Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Range bytes=0- Response headers date Sat, 24 Jun 2023 11:34:08 GMT cdn-edgestorageid 1053 Content-Range bytes 0-7043368/7043369 cdn-cachedat 06/24/2023 05:57:53 cdn-pullzone 1465736 Content-Length 7043369 last-modified Thu, 15 Jun 2023 06:46:20 GMT server BunnyCDN-DE1-1077 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "6b7929-5fe256d0d400b" content-type video/mp4 cdn-cache HIT cdn-uid 730b1034-beaf-4931-b901-ac48f6ebcb1b cache-control public, max-age=31919000 cdn-requestid 4710bcdde5d69919bea7f4ce5645428c cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	sw-check-permissions-4eee0.js g.charismaticbreathtakingclick.shop/	0 773 B	47ms 46ms	Other application/javascript	2400:52e0:1e00::1077:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://g.charismaticbreathtakingclick.shop/sw-check-permissions-4eee0.js Requested by Host: gauvaiho.net URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1077 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://g.charismaticbreathtakingclick.shop/wbpage2/rise-of-cultures-gaming/index-de.html?td=merterpazar.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 11:34:08 GMT content-encoding br cdn-edgestorageid 1053 cdn-cachedat 06/20/2023 12:35:02 cdn-pullzone 1465736 last-modified Wed, 04 May 2022 10:33:35 GMT server BunnyCDN-DE1-1077 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"236-5de2d285fa983" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT cdn-uid 730b1034-beaf-4931-b901-ac48f6ebcb1b cache-control public, max-age=31919000 cdn-requestid 8fd2fa726ab63a1391bcf7cd23273583 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
POST H2	200	zone gauvaiho.net/	0 265 B	20ms 19ms	Ping text/plain	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gauvaiho.net/zone?&pub=0&zone_id=4984707&is_mobile=false&domain=g.charismaticbreathtakingclick.shop&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest Requested by Host: gauvaiho.net URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://g.charismaticbreathtakingclick.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-trace-id a35dbc3a7dab91d63abdcdae6a73d365 date Sat, 24 Jun 2023 11:34:05 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-origin https://g.charismaticbreathtakingclick.shop access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0
GET H2	200	gid.js Show response my.rtmark.net/	65 B 558 B	64ms 22ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4984707&checkDuplicate=true&ymid=&var= Requested by Host: gauvaiho.net URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e16e0e324ea02c492aa2d983f832c04af731996d13f70474267ef77b2d949ef3 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://g.charismaticbreathtakingclick.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 11:34:08 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://g.charismaticbreathtakingclick.shop access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	zone Show response gauvaiho.net/	934 B 1 KB	54ms 25ms	Fetch application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://gauvaiho.net/zone?&pub=0&zone_id=4984707&is_mobile=false&domain=g.charismaticbreathtakingclick.shop&var=&ymid=&var_3=&var_4=&dsig=&action=settings Requested by Host: gauvaiho.net URL: https://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 404d836911c4cce5359e57c0ea685261e7606e11d9f9bb8fb295137c9f7ff68a Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://g.charismaticbreathtakingclick.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-trace-id 607131dafe0810e82ddbe1cf8479ebf2 date Sat, 24 Jun 2023 11:34:08 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://g.charismaticbreathtakingclick.shop access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 934

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| s function| get_url_params function| get_url_param function| get_browser_locale function| get_browser_short_locale function| get_available_locale function| translate function| fetch_elements function| on_dom_load object| locales string| language function| go function| getParam object| zfgformats

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			my.rtmark.net/	1970-01-20 21:32:22	Name: ID Value: 179aabb824754e5e8b9087eb55289eb0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

g.charismaticbreathtakingclick.shop
gauvaiho.net
my.rtmark.net
139.45.195.8
139.45.197.251
2400:52e0:1e00::1077:1
09d81be975e56a97d963b939a431ec98edeae59022ea69acae452a4eeabef702
170612691c01467cc28838d8e29fb4417382ac22b80f8d3d54a5f13b2b59e2d1
404d836911c4cce5359e57c0ea685261e7606e11d9f9bb8fb295137c9f7ff68a
85a81528116e71eb7d99d35565301839260c3763f4dc4cb878c5ada9b04d8d56
92e679de6cad75077b9da1479f7667b535694788d643a255df1bd9a56e6dbeb2
e16e0e324ea02c492aa2d983f832c04af731996d13f70474267ef77b2d949ef3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855