Submitted URL: https://theshadesoftrades.com/
Effective URL: https://www.theshadesoftrades.com/
Submission: On June 23 via api from BE — Scanned from DE

Summary

This website contacted 13 IPs in 5 countries across 8 domains to perform 26 HTTP transactions. The main IP is 76.76.21.164, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is www.theshadesoftrades.com.
TLS certificate: Issued by R3 on May 24th 2024. Valid for: 3 months.
This is the only time www.theshadesoftrades.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 76.76.21.21 16509 (AMAZON-02)
11 76.76.21.164 16509 (AMAZON-02)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 199.36.158.100 54113 (FASTLY)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 3.109.79.132 16509 (AMAZON-02)
1 15.206.229.162 16509 (AMAZON-02)
2 18.64.119.10 16509 (AMAZON-02)
1 18.64.119.69 16509 (AMAZON-02)
1 2a04:4e42::729 54113 (FASTLY)
3 35.154.8.133 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
26 13
Apex Domain
Subdomains
Transfer
12 theshadesoftrades.com
theshadesoftrades.com
www.theshadesoftrades.com
465 KB
8 razorpay.com
checkout.razorpay.com — Cisco Umbrella Rank: 148375
api.razorpay.com — Cisco Umbrella Rank: 144263
cdn.razorpay.com — Cisco Umbrella Rank: 257280
razorpay.com — Cisco Umbrella Rank: 89279
lumberjack.razorpay.com — Cisco Umbrella Rank: 135399
43 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
138 KB
1 gstatic.com
fonts.gstatic.com
33 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
895 B
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 6381
22 KB
1 randomuser.me
randomuser.me — Cisco Umbrella Rank: 292469
5 KB
1 behold.so
w.behold.so — Cisco Umbrella Rank: 385940
4 KB
26 8
Domain Requested by
11 www.theshadesoftrades.com www.theshadesoftrades.com
3 lumberjack.razorpay.com browser.sentry-cdn.com
2 cdn.razorpay.com checkout.razorpay.com
2 cdnjs.cloudflare.com www.theshadesoftrades.com
cdnjs.cloudflare.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com client
1 browser.sentry-cdn.com checkout.razorpay.com
1 razorpay.com checkout.razorpay.com
1 api.razorpay.com checkout.razorpay.com
1 checkout.razorpay.com www.theshadesoftrades.com
1 randomuser.me www.theshadesoftrades.com
1 w.behold.so www.theshadesoftrades.com
1 theshadesoftrades.com 1 redirects
26 13

This site contains links to these domains.

Domain
razorpay.com
www.instagram.com
twitter.com
www.threads.net
www.youtube.com
varunbhabhra.com
Subject | Issuer | Validity | Valid
www.theshadesoftrades.com | R3 | 2024-05-24 - 2024-08-22 | 3 months
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
betafyyourself.com | GTS CA 1D4 | 2024-05-05 - 2024-08-03 | 3 months
randomuser.me | GTS CA 1P5 | 2024-04-30 - 2024-07-29 | 3 months
*.razorpay.com | Amazon RSA 2048 M02 | 2023-12-12 - 2025-01-09 | a year
razorpay.com | Amazon RSA 2048 M03 | 2023-12-08 - 2025-01-05 | a year
*.sentry-cdn.com | GlobalSign Atlas R3 DV TLS CA 2024 Q2 | 2024-06-04 - 2025-07-06 | a year
upload.video.google.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
*.gstatic.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months

This page contains 2 frames:

Primary Page: https://www.theshadesoftrades.com/
Frame ID: 33EAB4FE0CD484DC42EC08CB21C834E6
Requests: 37 HTTP requests in this frame

Frame: https://razorpay.com/payment-button/pl_OE3nnX6AhA20EW/view
Frame ID: 6F1AF10BD56C27C7B38DF4012BB54D50
Requests: 1 HTTP requests in this frame

Page Title

The Shades of Trades - Take Control of Your Financial Future.

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

26 Requests
100 % HTTPS
23 % IPv6
8 Domains
13 Subdomains
13 IPs
5 Countries
711 kB Transfer
1199 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://theshadesoftrades.com/ HTTP 308
    https://www.theshadesoftrades.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.theshadesoftrades.com/
Redirect Chain
  • https://theshadesoftrades.com/
  • https://www.theshadesoftrades.com/
3 KB
1 KB
Document
General
Full URL
https://www.theshadesoftrades.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
78ae14bcf3eea9c7f548aee5c00faedf58cc91b9de5108168b57d97334e1829e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
118341
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 23 Jun 2024 09:59:45 GMT
etag
W/"d17d8654b4c6abdc1a470b6f4a789347"
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
x-vercel-id
fra1::v9dvq-1719136785115-92a9290c68ae

Redirect headers

cache-control
public, max-age=0, must-revalidate
content-type
text/html
date
Sun, 23 Jun 2024 09:59:45 GMT
location
https://www.theshadesoftrades.com/
refresh
0;url=https://www.theshadesoftrades.com/
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-id
fra1::k42f9-1719136785030-6d0451c6949f
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/
82 KB
15 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Requested by
Host: www.theshadesoftrades.com
URL: https://www.theshadesoftrades.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://www.theshadesoftrades.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
240896
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14850
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-3a02"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3L0MLYqQbSm62%2FwhNDBoQrEErwHkl1Qg3G16R4tZ3V5M6Exld1ppmzpJYMmiXP%2FPRzLb6%2F%2BYMEWeeicPAXXLaEHos3e%2FXIq4FDZ8HypjWX9ANByM8%2Bp%2BteK4VYh3LibSP%2B6nHwfs"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8983a08b48b53764-FRA
expires
Fri, 13 Jun 2025 09:59:45 GMT
index-CG0_foZc.js
www.theshadesoftrades.com/assets/
323 KB
100 KB
Script
General
Full URL
https://www.theshadesoftrades.com/assets/index-CG0_foZc.js
Requested by
Host: www.theshadesoftrades.com
URL: https://www.theshadesoftrades.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
615548cda3847092ab1b57bd087c7c93d1322c2e10703dfecd24132c2bcdbf7f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Origin
https://www.theshadesoftrades.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:45 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::v9dvq-1719136785146-bf0833b3b394
age
139089
etag
W/"0a88d64d757f9de680ad787a980ed26f"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="index-CG0_foZc.js"
index-DLcQ7ik1.css
www.theshadesoftrades.com/assets/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.theshadesoftrades.com/assets/index-DLcQ7ik1.css
Requested by
Host: www.theshadesoftrades.com
URL: https://www.theshadesoftrades.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
79401b4de29d7df042ebef9ef09ac9846b33380989cab72214b5c19e70beb392
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Origin
https://www.theshadesoftrades.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:45 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::vfrct-1719136785146-a63e2e7f4ce7
age
139089
etag
W/"9ba03944f962ab4b1f973c2ae9584259"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="index-DLcQ7ik1.css"
widget.js
w.behold.so/
12 KB
4 KB
Script
General
Full URL
https://w.behold.so/widget.js
Requested by
Host: www.theshadesoftrades.com
URL: https://www.theshadesoftrades.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
68fa77f29b298d99791c59cfadb83cd254d80e6b9f2a4ec4fed20a18c7ac177a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Origin
https://www.theshadesoftrades.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
date
Sun, 23 Jun 2024 09:59:45 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3956
x-served-by
cache-fra-eddf8230034-FRA
last-modified
Thu, 06 Jun 2024 02:02:26 GMT
x-timer
S1719136785.270982,VS0,VE0
etag
"b983144a90d2c9c56940c02b70a5dc01bbfa1e6b805958235d4901b6e7c30218-br"
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
874
logo-B61nkHaK.svg
www.theshadesoftrades.com/assets/
106 KB
77 KB
Image
General
Full URL
https://www.theshadesoftrades.com/assets/logo-B61nkHaK.svg
Requested by
Host: www.theshadesoftrades.com
URL: https://www.theshadesoftrades.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4f3d142c2d0cde9db5e19939a61473b77a60ee484340f4b9e36993726912911a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:45 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::tlg8m-1719136785227-45caf2d61709
age
139089
etag
W/"641786eebe014a6f8429ca4002195deb"
x-vercel-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="logo-B61nkHaK.svg"
truncated
/
779 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eda29dfa86187c208dd4d4de00e39c130aa28e0eccb6341b9612cb81f38fc7d6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d85bed4a43aa7f580641cec639cfa83557295fe1edd5bfdfef75b355dd72f09a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
hero_left-BtJtVAG6.webp
www.theshadesoftrades.com/assets/
25 KB
25 KB
Image
General
Full URL
https://www.theshadesoftrades.com/assets/hero_left-BtJtVAG6.webp
Requested by
Host: www.theshadesoftrades.com
URL: https://www.theshadesoftrades.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
3931e95fe871f7f286116e8c9c5f081e5384c7b68c1db1905a0c3c4953e961b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:45 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::j6vlc-1719136785229-f39ef6b27515
age
72514
etag
"219d4a14888c9cbc1c8d9f25d54aeeb9"
x-vercel-cache
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="hero_left-BtJtVAG6.webp"
accept-ranges
bytes
content-length
25138
hero_right-_XyNANzm.webp
www.theshadesoftrades.com/assets/
49 KB
49 KB
Image
General
Full URL
https://www.theshadesoftrades.com/assets/hero_right-_XyNANzm.webp
Requested by
Host: www.theshadesoftrades.com
URL: https://www.theshadesoftrades.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
5a0c7acc8c8f9df2cd166046a832994ed5ade9da446e7c714d8cb1231b7d309f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:45 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::jbvll-1719136785229-d07a136cd9e2
age
72514
etag
"c7441f84cdb816e320dd8231d9114656"
x-vercel-cache
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="hero_right-_XyNANzm.webp"
accept-ranges
bytes
content-length
49698
truncated
/
984 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9473ba3ab25573aa9edeccaf6246a9b868d324109355cfc3934a942f49553c98

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
50.jpg
randomuser.me/api/portraits/men/
5 KB
5 KB
Image
General
Full URL
https://randomuser.me/api/portraits/men/50.jpg
Requested by
Host: www.theshadesoftrades.com
URL: https://www.theshadesoftrades.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be4658359fb23eeb54e8ebb844e803cf21a96c039734e554f90e1f725078e2b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185968
alt-svc
h3=":443"; ma=86400
content-length
4881
last-modified
Tue, 05 Jul 2022 00:27:53 GMT
server
cloudflare
etag
"62c38589-1311"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6o4X0UyDuHj%2FDZJ03tg73Vfk0YfYOB43%2FmbpEOhxx%2FdAQ0lKaE31oVlnHwEf7o6b8y3FXkYMtqK6muBL2A1mQ1sy4JwXe7GbzBuKDBg69XSRnUApEG6eO6VKVTSMHrtb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8983a08c0eb8692e-FRA
expires
Thu, 11 Jul 2024 18:21:55 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b804f4a899dc0fda1642cdc80b3b934b3f84eb8234cda68944d3500975bf220

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cf32407904aa94b0fbaaf97f12dd9bb86d459fa028223b1d5e349fdc048d2a7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
941 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa224b9be4e09c8962a1bd4ff4b09d1fd7f88172830a117519a88e9cea84ab51

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12b65c3472c0c5a8a100e8972acda87b22e1d75c6819601fac6598d61b8fd691

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
about_mobile-BBgLkWt0.webp
www.theshadesoftrades.com/assets/
44 KB
44 KB
Image
General
Full URL
https://www.theshadesoftrades.com/assets/about_mobile-BBgLkWt0.webp
Requested by
Host: www.theshadesoftrades.com
URL: https://www.theshadesoftrades.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
7469e821e53b377b5e8a937d74751f183c3f2f749ba34ba69edd7f0c9b7971f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:45 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::hdkn8-1719136785232-b2a6bf7a27fc
age
72514
etag
"0b974189fcc60f5a73be4b25f255dc0c"
x-vercel-cache
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="about_mobile-BBgLkWt0.webp"
accept-ranges
bytes
content-length
44544
about-BjuiytdC.webp
www.theshadesoftrades.com/assets/
78 KB
78 KB
Image
General
Full URL
https://www.theshadesoftrades.com/assets/about-BjuiytdC.webp
Requested by
Host: www.theshadesoftrades.com
URL: https://www.theshadesoftrades.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c6464fc1284b6606b0d46e8699ff614abb10e1872505a23931cfe206533bde24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:45 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::qcrst-1719136785232-b9a83d26d613
age
72514
etag
"9a977937a37690d0bfaf3dc855f8c80b"
x-vercel-cache
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="about-BjuiytdC.webp"
accept-ranges
bytes
content-length
79392
truncated
/
342 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1434f241cae76fb40e39b7a21e893d3147a491c17a4d59e7391b4c2dfec901bb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6da167ae3f00118b56af78160bc842bb2bddf2191b43514e7b4325dd5b96538b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
335 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
906cc9413d534aabdfe1fa0936f72804174aa6a0035b490823549778fa7c9b74

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
716d5a2df39aaf461577b4cfa4d2a40ca2d56ee08946c87505948998893448c4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f7e801204bde380ae21d043e67fe64f4e3166e52322bf789c0841de4059cf0d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
pattern_three-ClhZeQdm.webp
www.theshadesoftrades.com/assets/
58 KB
58 KB
Image
General
Full URL
https://www.theshadesoftrades.com/assets/pattern_three-ClhZeQdm.webp
Requested by
Host: www.theshadesoftrades.com
URL: https://www.theshadesoftrades.com/assets/index-DLcQ7ik1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a659cf52166202696a605669e9366eb22a82bd401d03917e31fac0be52348fe8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/assets/index-DLcQ7ik1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:45 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::hctc8-1719136785243-b2fecd0c802f
age
84206
etag
"e2ca735c32b68d4591809128c6aec172"
x-vercel-cache
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="pattern_three-ClhZeQdm.webp"
accept-ranges
bytes
content-length
58994
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/
122 KB
123 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Origin
https://www.theshadesoftrades.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:45 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
235754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
125064
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-1e888"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vn14WEXdvlwq69je6p0tSSEnHwhUi1t97SAAaXOWE9Nwvyz2Dnxab8Ll377gUa%2FV3YCQzjX%2BQ9aTCrGTOV%2BlEcl%2FylEPZ6fJF1fO1tgD14ey28j%2Bh0kuXBUzb%2BQ9vqkTeunGOgpO"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8983a08c09c23764-FRA
expires
Fri, 13 Jun 2025 09:59:45 GMT
payment-button.js
checkout.razorpay.com/v1/
62 KB
23 KB
Script
General
Full URL
https://checkout.razorpay.com/v1/payment-button.js
Requested by
Host: www.theshadesoftrades.com
URL: https://www.theshadesoftrades.com/assets/index-CG0_foZc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.109.79.132 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-109-79-132.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
c0316a377276adf26209a86c06112f3819fb12574506944bccb4d008738ac69f
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 23 Jun 2024 09:59:45 GMT
content-encoding
gzip
via
1.1 b22d6e064495a6b34ec890223a5dcb34.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-version-id
ShGIXip1xaI8s9f8DzddHWHOIa.b_Yd.
age
56579
x-amz-cf-pop
PNQ50-P1
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
x-cache
Hit from cloudfront
Connection
keep-alive
last-modified
Fri, 21 Jun 2024 18:06:39 GMT
etag
W/"69d3e04b855cc9eee264a72227a536d0"
vary
Accept-Encoding
Content-Type
application/javascript
x-amz-cf-id
ys2WRTcL_D6mnO2PA7Gaz26F1XAEgsGxwFzckXDa9ZoDi6Y9yjtVog==
button_preferences
api.razorpay.com/v1/payment_buttons/pl_OE3nnX6AhA20EW/
209 B
741 B
XHR
General
Full URL
https://api.razorpay.com/v1/payment_buttons/pl_OE3nnX6AhA20EW/button_preferences
Requested by
Host: checkout.razorpay.com
URL: https://checkout.razorpay.com/v1/payment-button.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.206.229.162 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-206-229-162.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
2a14864fc038ae9cc110cff9b56da06e9d274cedfb49e43070689f424afdc1ed
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
Date
Sun, 23 Jun 2024 09:59:46 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
rws
Transfer-Encoding
chunked
uber-trace-id
b8689856f90de682ef6420a91a5a20e5:db2ed7d057fa5b62:0000000000000000:1
Content-Type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, no-store, nocache, private
x-frame-options
SAMEORIGIN
Connection
keep-alive
x-pam
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
color.js
cdn.razorpay.com/static/assets/
2 KB
2 KB
Script
General
Full URL
https://cdn.razorpay.com/static/assets/color.js
Requested by
Host: checkout.razorpay.com
URL: https://checkout.razorpay.com/v1/payment-button.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.119.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-10.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5b1483c43112bf1b9bef92ec04c2bbaf34f0cbfb0c704698cc97e8949a69c2d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
gnfaQ322yoigvYRVGccRTwRwL0spb5I5
content-encoding
gzip
via
1.1 4842376441adfff51e41110458fe337a.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 18:06:49 GMT
last-modified
Fri, 21 Jun 2024 18:06:29 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
57178
x-amz-server-side-encryption
AES256
etag
W/"99160e3b095515859a71ae71d5f87d67"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
qCWk5BqYzjrxUK3ooiISbOPj_XiNo55Wv424D9J5Q-atxbhJeapdDQ==
view
razorpay.com/payment-button/pl_OE3nnX6AhA20EW/ Frame 6F1A
0
0
Document
General
Full URL
https://razorpay.com/payment-button/pl_OE3nnX6AhA20EW/view
Requested by
Host: checkout.razorpay.com
URL: https://checkout.razorpay.com/v1/payment-button.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.119.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-69.txl50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.theshadesoftrades.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sun, 23 Jun 2024 09:59:46 GMT
strict-transport-security
max-age=315360000; includeSubDomains
uber-trace-id
547204a1d7815cbe248ee91ce153310e:3c10164e4e24ed38:0000000000000000:1
via
rws, 1.1 4842376441adfff51e41110458fe337a.cloudfront.net (CloudFront)
x-amz-cf-id
8_nrsFXjab_FcbNFNDLdSAL8jaPhlMBQcX6YxlidvB0soSuvKSVYVg==
x-amz-cf-pop
TXL50-P4
x-cache
Miss from cloudfront
x-pam
0
x-xss-protection
0
bundle.min.js
browser.sentry-cdn.com/6.16.1/
72 KB
22 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.16.1/bundle.min.js
Requested by
Host: checkout.razorpay.com
URL: https://checkout.razorpay.com/v1/payment-button.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
24069ecc5a293e32a26a464ff9be028b4b9dfbcb61648b350b9572b07fb5cbfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 10 Dec 2021 14:14:25 GMT
server
Fastly
age
4117107
etag
"109380f023e58f6e181747372be2f7ea"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
22692
expires
Tue, 03 Sep 2024 13:00:46 GMT
bundle.js
cdn.razorpay.com/static/analytics/
44 KB
17 KB
Script
General
Full URL
https://cdn.razorpay.com/static/analytics/bundle.js
Requested by
Host: checkout.razorpay.com
URL: https://checkout.razorpay.com/v1/payment-button.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.119.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-10.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
795a21d6ea38a67b1ec875ebe2ec75507686a9b891daa4157ba941c179eada97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
leFPdiPSbN.iLhT3jnmaMHYWsdKz6y40
content-encoding
gzip
via
1.1 4842376441adfff51e41110458fe337a.cloudfront.net (CloudFront)
date
Sat, 22 Jun 2024 18:06:49 GMT
last-modified
Fri, 21 Jun 2024 18:06:27 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
57178
x-amz-server-side-encryption
AES256
etag
W/"45a2df1d6d0dd9eadeb1a7ac661889ca"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
N8QJ_w7z-l7kYx5TcRpB2-d8zCd2zAfmDIaZpx0eltADajMkbmcjfQ==
track
lumberjack.razorpay.com/v1/
0
255 B
XHR
General
Full URL
https://lumberjack.razorpay.com/v1/track
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.16.1/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.154.8.133 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-154-8-133.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
Date
Sun, 23 Jun 2024 09:59:46 GMT
strict-transport-security
max-age=315360000; includeSubDomains
Connection
keep-alive
x-razorpay-request-id
cprv44hd18mtoj9qnigg
Content-Length
0
vary
Origin
track
lumberjack.razorpay.com/v1/
0
255 B
XHR
General
Full URL
https://lumberjack.razorpay.com/v1/track
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.16.1/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.154.8.133 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-154-8-133.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
Date
Sun, 23 Jun 2024 09:59:46 GMT
strict-transport-security
max-age=315360000; includeSubDomains
Connection
keep-alive
x-razorpay-request-id
cprv44k1j3hqqeiqkds0
Content-Length
0
vary
Origin
css2
fonts.googleapis.com/
2 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Muli:wght@700;800&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8798deeae0f02e4ca236fd518ec360d1424fc290778b47be1cbaecddc0643d8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Jun 2024 09:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 09:59:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Jun 2024 09:59:46 GMT
track
lumberjack.razorpay.com/v1/
0
255 B
XHR
General
Full URL
https://lumberjack.razorpay.com/v1/track
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.16.1/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.154.8.133 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-154-8-133.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
Date
Sun, 23 Jun 2024 09:59:46 GMT
strict-transport-security
max-age=315360000; includeSubDomains
Connection
keep-alive
x-razorpay-request-id
cprv44hd18mqrcs7iic0
Content-Length
0
vary
Origin
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.theshadesoftrades.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:02:00 GMT
x-content-type-options
nosniff
age
413866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32796
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:02:00 GMT
faviLogo-DRN6H0nt.webp
www.theshadesoftrades.com/assets/
26 KB
27 KB
Other
General
Full URL
https://www.theshadesoftrades.com/assets/faviLogo-DRN6H0nt.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
80f032b61383ecc2c51d1396409eaba577b68199e25d1e7aefeacee91d147c71
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:46 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::tlg8m-1719136786947-3b43c841a09c
age
104422
etag
"68e5f85c3801e562fe44f765c77c5f2b"
x-vercel-cache
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="faviLogo-DRN6H0nt.webp"
accept-ranges
bytes
content-length
26992
vite.svg
www.theshadesoftrades.com/
3 KB
1 KB
Other
General
Full URL
https://www.theshadesoftrades.com/vite.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
78ae14bcf3eea9c7f548aee5c00faedf58cc91b9de5108168b57d97334e1829e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.theshadesoftrades.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 23 Jun 2024 09:59:46 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::jbvll-1719136786963-2c8bad514515
age
139091
etag
W/"d17d8654b4c6abdc1a470b6f4a789347"
x-vercel-cache
HIT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="index.html"

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
undefined | event
object | fence
object | sharedStorage
string | __reactRouterVersion
object | currencyLib
object | RZP
object | Sentry
object | __SENTRY__
object | colorLib
object | core
object | __core-js_shared__
object | timing
object | analytics
object | lytics
object | rzpQ

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
