www.nicdomains.com Open in urlscan Pro
34.196.175.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://admin.multistarworld.com/categoryhi.php?utm_source=df3e41d7&utm_content=0eb
Effective URL:
https://www.nicdomains.com/name/ReDefinitions.com
Submission: On February 11 via api (February 11th 2022, 8:40:40 pm UTC) from BE — Scanned from DE

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 32 HTTP transactions. The main IP is 34.196.175.210, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.nicdomains.com. The Cisco Umbrella rank of the primary domain is 567498.
TLS certificate: Issued by R3 on December 24th 2021. Valid for: 3 months.

This is the only time www.nicdomains.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.242.119.65 103.242.119.65	133296 (WEBWERKS-...) (WEBWERKS-AS-IN Web Werks India Pvt. Ltd.)
1 1	52.20.84.62 52.20.84.62	14618 (AMAZON-AES) (AMAZON-AES)
1 5	192.124.249.108 192.124.249.108	30148 (SUCURI-SEC) (SUCURI-SEC)
3	34.196.175.210 34.196.175.210	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	52.222.188.102 52.222.188.102	16509 (AMAZON-02) (AMAZON-02)
2	104.22.24.135 104.22.24.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3037::6815:4e07	() ()
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200e	() ()
1	2a00:1450:400... 2a00:1450:4001:808::2008	() ()
32	11

1 103.242.119.65 (India)

ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN)

admin.multistarworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.84.62 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-84-62.compute-1.amazonaws.com

redefinitions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.124.249.108 (Menifee, United States) 1 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10108.sucuri.net

www.squadhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.196.175.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-175-210.compute-1.amazonaws.com

www.nicdomains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.188.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-188-102.ham50.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.24.135 (None, )

ASN13335 (CLOUDFLARENET, US)

www.shopperapproved.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:4e07 (None, )

ASN- ()

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	chargebee.com js.chargebee.com — Cisco Umbrella Rank: 20479	129 KB
5	squadhelp.com 1 redirects www.squadhelp.com — Cisco Umbrella Rank: 184950	204 KB
3	fontawesome.com use.fontawesome.com	12 KB
3	nicdomains.com www.nicdomains.com — Cisco Umbrella Rank: 567498	523 KB
2	shopperapproved.com www.shopperapproved.com — Cisco Umbrella Rank: 16806	19 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610	35 KB
1	googletagmanager.com www.googletagmanager.com	87 KB
1	google-analytics.com www.google-analytics.com	20 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	7 KB
1	redefinitions.com 1 redirects redefinitions.com	221 B
1	multistarworld.com admin.multistarworld.com	5 KB
32	11

	Domain	Requested by
6	js.chargebee.com	www.nicdomains.com js.chargebee.com
5	www.squadhelp.com	1 redirects www.nicdomains.com
3	use.fontawesome.com	www.nicdomains.com use.fontawesome.com
3	www.nicdomains.com	admin.multistarworld.com www.nicdomains.com
2	www.shopperapproved.com	www.nicdomains.com
2	maxcdn.bootstrapcdn.com	www.nicdomains.com
1	www.googletagmanager.com	www.nicdomains.com
1	www.google-analytics.com	www.nicdomains.com www.google-analytics.com
1	cdnjs.cloudflare.com	www.nicdomains.com
1	redefinitions.com	1 redirects
1	admin.multistarworld.com
32	11

This site contains no links.

Subject Issuer	Validity	Valid
www.nicdomains.com R3	`2021-12-24` - `2022-03-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.squadhelp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-30` - `2022-11-26`	a year	crt.sh
js.chargebee.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.nicdomains.com/name/ReDefinitions.com
Frame ID: 270C44189B134350EAF0C5B414B50DC7
Requests: 27 HTTP requests in this frame

Frame: https://js.chargebee.com/v2/master-58ef8875850f5e039021aa60eb4b6351.html
Frame ID: FF94D3215529DB7FF0B1F5FA397E5B8A
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ReDefinitions.com is for sale

Page URL History Show full URLs

http://admin.multistarworld.com/categoryhi.php?utm_source=df3e41d7&utm_content=0eb Page URL
https://redefinitions.com/ HTTP 301
https://www.squadhelp.com/name/redefinitions?lp=d HTTP 302
https://www.nicdomains.com/name/ReDefinitions.com Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Chargebee (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.chargebee\.com/v([\d.]+)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

Page Statistics

32
Requests

72 %
HTTPS

45 %
IPv6

11
Domains

11
Subdomains

11
IPs

3
Countries

1042 kB
Transfer

1790 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://admin.multistarworld.com/categoryhi.php?utm_source=df3e41d7&utm_content=0eb Page URL
https://redefinitions.com/ HTTP 301
https://www.squadhelp.com/name/redefinitions?lp=d HTTP 302
https://www.nicdomains.com/name/ReDefinitions.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK categoryhi.php Show response
admin.multistarworld.com/ 5 KB
5 KB 975ms
677ms Document
text/html 103.242.119.65
WEBWERKS-AS-IN We...

General

Check archive.org

Show headers Download Go to

Full URL: http://admin.multistarworld.com/categoryhi.php?utm_source=df3e41d7&utm_content=0eb
Protocol: HTTP/1.1
Server: 103.242.119.65 , India, ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bf568a396b912a43f5b79a628c04070be87d1f7f475ab53c574aeb9cf2906912

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0,max-age=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Fri, 11 Feb 2022 20:10:29 GMT
Last-Modified: Fri, 11 Feb 2022 19:40:29 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Fri, 11 Feb 2022 20:40:28 GMT
Content-Length: 5071

GET
H/1.1

200
OK

Primary Request ReDefinitions.com Show response
www.nicdomains.com/name/
Redirect Chain

https://redefinitions.com/
https://www.squadhelp.com/name/redefinitions?lp=d
https://www.nicdomains.com/name/ReDefinitions.com

58 KB
14 KB

434ms
222ms

Document
text/html

34.196.175.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nicdomains.com/name/ReDefinitions.com
Requested by: Host: admin.multistarworld.com
URL: http://admin.multistarworld.com/categoryhi.php?utm_source=df3e41d7&utm_content=0eb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.175.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-175-210.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 00a201149440c096bff04639e977d005f4e3f91ebc0f331dbcb673dca8ffae37

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://admin.multistarworld.com/

Response headers

Server: openresty
Date: Fri, 11 Feb 2022 20:40:39 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 13800
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=0
Expires: Fri, 11 Feb 2022 20:40:39 GMT
Backend-location: nicdomains

Redirect headers

server: nginx
date: Fri, 11 Feb 2022 20:40:42 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.nicdomains.com/name/ReDefinitions.com
x-sucuri-id: 19008
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
proxy-cache: EXPIRED
x-sucuri-cache: MISS

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
21 KB 63ms
42ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: www.nicdomains.com
URL: https://www.nicdomains.com/name/ReDefinitions.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nicdomains.com/
Origin: https://www.nicdomains.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 2542
cdn-cachedat: 2021-06-08 14:12:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 91f5a0f88c7dc5fbf27ae577c3a55698
cf-ray: 6dc064c1be179280-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 95325eeaea3e1fc71022f50390d516dc.css
www.nicdomains.com/var/ 325 KB
325 KB 98ms
98ms Stylesheet
text/css 34.196.175.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nicdomains.com/var/95325eeaea3e1fc71022f50390d516dc.css
Requested by: Host: www.nicdomains.com
URL: https://www.nicdomains.com/name/ReDefinitions.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.175.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-175-210.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 9a346b1ea9332c5e2be9ce8bc75e47e45753b33037401504e88d9505b8c64747

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/name/ReDefinitions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 20:40:39 GMT
Last-Modified: Sat, 23 Oct 2021 15:53:07 GMT
Server: openresty
ETag: "61742fe3-51280"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 332416
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1605272977-Webp.net-resizeimage.png
www.squadhelp.com/story_images/sm_images/ 12 KB
12 KB 18ms
17ms Image
image/png 192.124.249.108
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/story_images/sm_images/1605272977-Webp.net-resizeimage.png
Requested by: Host: www.nicdomains.com
URL: https://www.nicdomains.com/name/ReDefinitions.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.108 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10108.sucuri.net
Software: nginx /
Resource Hash: 33833b5495d12bbf11da3f19599beaad658a03051dd3b30c65ecc72c6a397231

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:40:43 GMT
last-modified: Fri, 13 Nov 2020 13:09:37 GMT
server: nginx
etag: "5fae8591-2ff1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
x-sucuri-cache: HIT
x-sucuri-id: 19008
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 12273
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 149 KB
45 KB 78ms
24ms Script
application/x-javascript 52.222.188.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: www.nicdomains.com
URL: https://www.nicdomains.com/name/ReDefinitions.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.188.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-188-102.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9cc3f35106b58879608b2eee4905c8a037005ba9c0b12bcd6ac2810e155f81e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: erz.SBmtYdT4WJAfCgyYRqKah1Vqq7Dm
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 01 Feb 2022 06:06:09 GMT
server: AmazonS3
age: 271
etag: W/"8edc7e256f9df0122ff6732064f4e7e4"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 4f5d7e3a87b60a05ec95a5a0e7f4b9d6.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 11 Feb 2022 20:36:08 GMT
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: dvVawvef9gBiWZoLvDf5IJY17gRYMlsCE_-eqwI_rJd1292GIHYMpw==

GET
H2 200 logo-image-19733-redefinitions.jpg
www.squadhelp.com/story_images/visual_images/ 114 KB
115 KB 34ms
32ms Image
image/jpeg 192.124.249.108
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.squadhelp.com/story_images/visual_images/logo-image-19733-redefinitions.jpg
Requested by: Host: www.nicdomains.com
URL: https://www.nicdomains.com/name/ReDefinitions.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.108 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10108.sucuri.net
Software: nginx /
Resource Hash: 0b70b6692aa5dc943b84d1a8ff01bc40e0b3aabc7ad25b769f935922a86c06b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:40:43 GMT
last-modified: Wed, 06 Jan 2021 18:47:20 GMT
server: nginx
etag: "5ff605b8-1c804"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
x-sucuri-cache: HIT
x-sucuri-id: 19008
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 116740
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 white-header-details.gif
www.shopperapproved.com/newseals/15916/ 18 KB
18 KB 90ms
58ms Image
image/webp 104.22.24.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shopperapproved.com/newseals/15916/white-header-details.gif

Requested by

Host: www.nicdomains.com
URL: https://www.nicdomains.com/name/ReDefinitions.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.24.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa08ac216005d13156ee6700d016ffae098200aa8f7db0b89a18f77af467bd82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
cf-cache-status: HIT
age: 3291
cf-polished: origFmt=gif, origSize=88843
p3p: CP="DSP ALL CUR ADM DEV IVD IVA HIS OTP PSA PSD TAI TELi CONo OUR SAM OTR PUBi IND NAV COM CNT PUR UNI INT DEM"
content-disposition: inline; filename="white-header-details.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18176
last-modified: Fri, 11 Feb 2022 19:45:49 GMT
server: cloudflare
x-frame-options: sameorigin
date: Fri, 11 Feb 2022 20:40:40 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6dc064c1cafa68f7-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 ffb2deb018.js Show response
use.fontawesome.com/ 9 KB
4 KB 276ms
255ms Script
text/javascript 2606:4700:3037::6815:4e07

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/ffb2deb018.js
Requested by: Host: www.nicdomains.com
URL: https://www.nicdomains.com/name/ReDefinitions.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 72cdcb3d2bfac5f204307322007371e250109bc73910d11be7bf628bc17773fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:40:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZECX7C1NWMZJE127
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: UTMHmqrHjeZq/tBIw4HubB5roSGEAW0GSH/HU9mdjKu02xTEBzllXAHCZDj5t+NUsTQAB6zlto8=
last-modified: Thu, 01 Jul 2021 20:48:21 GMT
server: cloudflare
etag: W/"df7c620f9707f9feebbd5726d119d44d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wka5vnf4DvGhbWxUmi1kleTlnZCFAQftHX8dEPuqAhxwwlHg1wDJQl7xcvoaG7MuJItUPtI6hXTA5%2BVmGKsvn8d2qPPhHFXGKob4T8WYsR85ubiwPTjn2%2FRKuvchv9Qb1kzg2fmnFHjgnz9Wd5Kki9Xf"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 6dc064c1cc0290c1-FRA

GET
H/1.1 200
OK 2931f72298abbb4c402b05221f6689ea.js Show response
www.nicdomains.com/var/ 184 KB
184 KB 385ms
193ms Script
application/x-javascript 34.196.175.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nicdomains.com/var/2931f72298abbb4c402b05221f6689ea.js
Requested by: Host: www.nicdomains.com
URL: https://www.nicdomains.com/name/ReDefinitions.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.175.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-175-210.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 0ac990208797a75160d7874f34a980417ba0228db503fc52c1db6b109a9deb1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/name/ReDefinitions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 20:40:40 GMT
Last-Modified: Mon, 13 Dec 2021 14:25:28 GMT
Server: openresty
ETag: "61b757d8-2df0c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 188172
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 37ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: www.nicdomains.com
URL: https://www.nicdomains.com/name/ReDefinitions.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nicdomains.com/
Origin: https://www.nicdomains.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1514766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6157
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3A2FJktnJJ8zPyp1%2BO2BTP3ALFm1Fb0Alf%2F6AIeeZuFhaGZeLOsTC03NsHHfeMPfzSEEDmqWaQaTG0imh0eyLLC3UupPyLWLO0bu8ODLn8YCpNeqL34niDpBRDVTWYI1m5cUXqugvNLubRlMvLVj5X17"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6dc064c1bd645c8c-FRA
expires: Wed, 01 Feb 2023 20:40:39 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 56ms
40ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: www.nicdomains.com
URL: https://www.nicdomains.com/name/ReDefinitions.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nicdomains.com/
Origin: https://www.nicdomains.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617, 617
age: 1501900
cdn-cachedat: 2021-06-08 14:29:21
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: bb05b656340a3326c9f4d58c371fb3ca
cf-ray: 6dc064c1be259280-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 185ms
38ms Script
text/javascript 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.nicdomains.com
URL: https://www.nicdomains.com/name/ReDefinitions.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3946
date: Fri, 11 Feb 2022 19:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Feb 2022 21:34:54 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 283 KB
87 KB 211ms
64ms Script
application/javascript 2a00:1450:4001:808::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M6CM29

Requested by

Host: www.nicdomains.com
URL: https://www.nicdomains.com/name/ReDefinitions.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:40:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88825
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Feb 2022 20:40:40 GMT

GET
H2 200 0-d0d07a1ccb393c1835b4.js Show response
js.chargebee.com/v2/ 55 KB
17 KB 25ms
25ms Script
application/x-javascript 52.222.188.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/0-d0d07a1ccb393c1835b4.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.188.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-188-102.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

24debe1a54d5c3e03a19488a253b5019df02e8123774a2741ab89135cf99427e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 20w2SlxdJFoLpn7L1pVhJJ.nizdlR6mu
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 24 Jan 2022 11:09:21 GMT
server: AmazonS3
age: 31
etag: W/"c4630576340873667c3aab4a9a1de919"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 4f5d7e3a87b60a05ec95a5a0e7f4b9d6.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 11 Feb 2022 20:40:40 GMT
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: YSyp3AzurZup0flqC28VkNQejeLmTicWkd3t96N1RzZLp2sOfgUJhQ==

GET
H2 200 60-3993ccd28efa273fe99c.js Show response
js.chargebee.com/v2/ 16 KB
5 KB 25ms
25ms Script
application/x-javascript 52.222.188.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/60-3993ccd28efa273fe99c.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.188.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-188-102.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

dc7898fa6a43df915b8a9a65e1661b22556fd817fdfd6c5ad3e4f8f574291ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: oboligw7emWKrb4qAfRCWc4eNQAK2Spe
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 01 Feb 2022 06:06:09 GMT
server: AmazonS3
age: 105
etag: W/"34efa740ed241c2bebdd75784df31e2c"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 4f5d7e3a87b60a05ec95a5a0e7f4b9d6.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 11 Feb 2022 20:40:40 GMT
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: NJtAFJNtVYPzmr_SNZJwZShMkju0UA72dYsdhho9Nyb1fBWtcQkLdg==

GET
H2 200 HKGroteskPro-Medium.woff2
www.squadhelp.com/resources/views/frontend/sellers/theme2/stylesheets/fonts/ 38 KB
39 KB 41ms
14ms Font
application/octet-stream 192.124.249.108
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.squadhelp.com/resources/views/frontend/sellers/theme2/stylesheets/fonts/HKGroteskPro-Medium.woff2
Requested by: Host: www.nicdomains.com
URL: https://www.nicdomains.com/var/95325eeaea3e1fc71022f50390d516dc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.108 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10108.sucuri.net
Software: nginx /
Resource Hash: b4e244a11e64feea769fb9ca70981932aed7d829386245ff8198a0a6e16ea0f4

Request headers

Referer: https://www.nicdomains.com/
Origin: https://www.nicdomains.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:40:43 GMT
last-modified: Sun, 24 May 2020 13:31:50 GMT
server: nginx
etag: "5eca7746-9954"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
x-sucuri-cache: HIT
x-sucuri-id: 19008
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 39252
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HKGroteskPro-Regular.woff2
www.squadhelp.com/resources/views/frontend/sellers/theme2/stylesheets/fonts/ 38 KB
38 KB 65ms
38ms Font
application/octet-stream 192.124.249.108
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.squadhelp.com/resources/views/frontend/sellers/theme2/stylesheets/fonts/HKGroteskPro-Regular.woff2
Requested by: Host: www.nicdomains.com
URL: https://www.nicdomains.com/var/95325eeaea3e1fc71022f50390d516dc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.124.249.108 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS: cloudproxy10108.sucuri.net
Software: nginx /
Resource Hash: d5dd5c6b3e9350e861db9d3ab7e4474f01a016c785f1aa114eb997d65689567d

Request headers

Referer: https://www.nicdomains.com/
Origin: https://www.nicdomains.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:40:43 GMT
last-modified: Sun, 24 May 2020 13:31:50 GMT
server: nginx
etag: "5eca7746-96f4"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000
x-sucuri-cache: HIT
x-sucuri-id: 19008
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 38644
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 certificate.js Show response
www.shopperapproved.com/seals/ 510 B
462 B 72ms
71ms Script
application/javascript 104.22.24.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shopperapproved.com/seals/certificate.js

Requested by

Host: www.nicdomains.com
URL: https://www.nicdomains.com/name/ReDefinitions.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.24.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3e933b42bf491d9ce08fc15ab1f7108601c87eee1582a7f497d2ac94a86c1c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:40:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 26315
cf-polished: origSize=627
p3p: CP="DSP ALL CUR ADM DEV IVD IVA HIS OTP PSA PSD TAI TELi CONo OUR SAM OTR PUBi IND NAV COM CNT PUR UNI INT DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Feb 2022 07:50:07 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"273-5d7044430c3dc-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
cf-ray: 6dc064c4497a68f7-FRA
cf-bgj: minify

GET
H3 200 ffb2deb018.css
use.fontawesome.com/ 1 KB
1 KB 50ms
27ms Stylesheet
text/css 2606:4700:3037::6815:4e07

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/ffb2deb018.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/ffb2deb018.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b272db999014c607e1293a9bd9484a01b05d1aa01185bae5d936c3eb6f47da94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:40:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 863
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 53F0D7N78SFKT30F
x-amz-id-2: Bt07IYeTNVwDKLiIp11Ven7e2OQPz1oenKh9CxKUGzAT7JZQUCyQ4Q2tLgs6REi7EnVLEKisIEQ=
last-modified: Thu, 01 Jul 2021 20:48:21 GMT
server: cloudflare
etag: W/"8823b171b211ba59ca5bd1d4b8625e86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q862rvi3CwrSYkUaz9Ah0RerqoFnotI2poiGfr5PDfDGOQFiIwgdZ%2BNJJ82N4wII4GzPqp4p%2F9lLryvHludJSzH%2FEVg72zK8cwcH0y4sJh9VG%2FJ32HZ4rKe1W8whAH7gCCCJApjDHEjeTeW0AmBWNLI%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 6dc064c57a0d7196-LHR

GET
H2 200 animation.css
js.chargebee.com/v2/ 758 B
1 KB 22ms
22ms Stylesheet
text/css 52.222.188.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/animation.css

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.188.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-188-102.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e3b7f54cf81a0ff1f16662abce7b1970ed6a8a8191da96cf05dcf6644d203df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 7djUDpRYUIjzo2U.hrIyOfyOzjG2nLb0
via: 1.1 4f5d7e3a87b60a05ec95a5a0e7f4b9d6.cloudfront.net (CloudFront)
last-modified: Mon, 24 Jan 2022 11:09:22 GMT
server: AmazonS3
age: 213
etag: "f8a79fc47c28375628855b4c78ff6f85"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=300,public
date: Fri, 11 Feb 2022 20:37:08 GMT
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
content-length: 758
x-amz-cf-id: FP7YQWZ3ipdlOKmZyOj76kTlvOdQZuvQe43L6DGAoiZpFSbeCY9B0w==

GET
H2 200 master-58ef8875850f5e039021aa60eb4b6351.html Show response
js.chargebee.com/v2/ Frame FF94 203 B
642 B 23ms
22ms Document
text/html 52.222.188.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/master-58ef8875850f5e039021aa60eb4b6351.html

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/60-3993ccd28efa273fe99c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.188.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-188-102.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b54efc3de02272da3a5c59618891d720becee47e16c6a5392606ed1098aaf701

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nicdomains.com/

Response headers

content-type: text/html
content-length: 203
last-modified: Tue, 01 Feb 2022 06:06:09 GMT
x-amz-version-id: 4PpbGWoIamYWHPTU4ofzA1enIshVN2Co
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
date: Fri, 11 Feb 2022 20:40:29 GMT
cache-control: max-age=300,public
etag: "2eb9f6d28fe8abf11a64237ebdaf3d94"
x-cache: Hit from cloudfront
via: 1.1 4f5d7e3a87b60a05ec95a5a0e7f4b9d6.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: WtWUBEChXXyMrvXao5sJMZDlILtK-WUJVpJuBocOfjr_A2jChCMsWw==
age: 12

GET record-show-page
www.nicdomains.com/ 0
0

GET _similar_names.php
www.nicdomains.com/resources/views/frontend/sellers/theme2/ 0
0

POST collect
www.google-analytics.com/j/ 0
0

GET
H2 200 master-a028250d6b5b7ceec6e8.js Show response
js.chargebee.com/v2/ Frame FF94 198 KB
59 KB 20ms
20ms Script
application/x-javascript 52.222.188.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/master-a028250d6b5b7ceec6e8.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/master-58ef8875850f5e039021aa60eb4b6351.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.188.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-188-102.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

870daff6e23961e609d7184434c9f0ae33bd6ff387813510050ab7cb8ec19b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.chargebee.com/v2/master-58ef8875850f5e039021aa60eb4b6351.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: iOTxywinkPkkmC5Tsz8cyAiWNzlBnVbM
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 01 Feb 2022 06:06:09 GMT
server: AmazonS3
age: 298
etag: W/"efe8d475518108529cca512f46ed65db"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 4f5d7e3a87b60a05ec95a5a0e7f4b9d6.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Fri, 11 Feb 2022 20:35:43 GMT
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: l00lMZcVyUoRBWxOdaN-mmJzTUfONnDF2e0Wyvvqa7qE7b9Aw_WJ4A==

GET
H3 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 26ms
26ms Stylesheet
text/css 2606:4700:3037::6815:4e07

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/ffb2deb018.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/ffb2deb018.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 20:40:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9379062
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F0PJX42H64DVEGVG
x-amz-id-2: YGAIlEZpQBjm3fE0LvQNboDKhML/FzebhJ1cumigsSrBWTYLtcDfsfN6lCmcMDSNqfbAR6hTz3c=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgRxfmvab8DTQf3HTpcqur8tZBz9WL%2FJgjdqpGU2EM1NsRZgR9RxeEuJ1juqkwIkGMtccTi51QeWF4AfDkgEIS9aWRbDiPVThwcExkTMtWfcbF49g4y3xwVOz87WVLMJdOKkbuiZCTlUElkzns1HUWby"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6dc064c5aa617196-LHR

GET fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 0
0

GET 70-f4975cb8e764abb3ce44.js
js.chargebee.com/v2/ Frame FF94 0
0

GET 80-a5a32ee8506226c80789.js
js.chargebee.com/v2/ Frame FF94 0
0

GET pi-worker-58ef8875850f5e039021aa60eb4b6351.js
js.chargebee.com/v2/ Frame FF94 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.nicdomains.com
URL: https://www.nicdomains.com/record-show-page?action=record_show_page&mp_domain_id=835733&source=Seller

Domain: www.nicdomains.com
URL: https://www.nicdomains.com/resources/views/frontend/sellers/theme2/_similar_names.php?website=nicdomains.com&domain_name=ReDefinitions.com

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1134279389&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nicdomains.com%2Fname%2FReDefinitions.com&dr=http%3A%2F%2Fadmin.multistarworld.com%2F&ul=en-us&de=UTF-8&dt=ReDefinitions.com%20is%20for%20sale&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=132384293&gjid=1599269942&cid=2141990030.1644612041&tid=UA-192452495-2&_gid=1389098811.1644612041&_r=1&_slc=1&z=1838209822

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1134279389&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nicdomains.com%2Fname%2FReDefinitions.com&dr=http%3A%2F%2Fadmin.multistarworld.com%2F&ul=en-us&de=UTF-8&dt=ReDefinitions.com%20is%20for%20sale&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1956791776&gjid=1294823506&cid=2141990030.1644612041&tid=UA-11585500-5&_gid=1389098811.1644612041&_r=1&_slc=1&cd1=c75ee33cdb4869d1bc15dce0619891257dc13728&z=1183965721

Domain: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2

Domain: js.chargebee.com
URL: https://js.chargebee.com/v2/70-f4975cb8e764abb3ce44.js

Domain: js.chargebee.com
URL: https://js.chargebee.com/v2/80-a5a32ee8506226c80789.js

Domain: js.chargebee.com
URL: https://js.chargebee.com/v2/pi-worker-58ef8875850f5e039021aa60eb4b6351.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| NREUM object| newrelic function| __nr_require

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.squadhelp.com/	1970-01-20 00:51:38	Name: PHPSESSID Value: t8p5d1jjjntlq5au04bt9p8lr3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.multistarworld.com
cdnjs.cloudflare.com
js.chargebee.com
maxcdn.bootstrapcdn.com
redefinitions.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
www.nicdomains.com
www.shopperapproved.com
www.squadhelp.com
js.chargebee.com
use.fontawesome.com
www.google-analytics.com
www.nicdomains.com
103.242.119.65
104.22.24.135
192.124.249.108
2606:4700:3037::6815:4e07
2606:4700::6810:125e
2606:4700::6812:acf
2a00:1450:4001:808::2008
2a00:1450:4001:810::200e
34.196.175.210
52.20.84.62
52.222.188.102
00a201149440c096bff04639e977d005f4e3f91ebc0f331dbcb673dca8ffae37
0ac990208797a75160d7874f34a980417ba0228db503fc52c1db6b109a9deb1a
0b70b6692aa5dc943b84d1a8ff01bc40e0b3aabc7ad25b769f935922a86c06b8
24debe1a54d5c3e03a19488a253b5019df02e8123774a2741ab89135cf99427e
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
33833b5495d12bbf11da3f19599beaad658a03051dd3b30c65ecc72c6a397231
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
72cdcb3d2bfac5f204307322007371e250109bc73910d11be7bf628bc17773fe
870daff6e23961e609d7184434c9f0ae33bd6ff387813510050ab7cb8ec19b83
9a346b1ea9332c5e2be9ce8bc75e47e45753b33037401504e88d9505b8c64747
9cc3f35106b58879608b2eee4905c8a037005ba9c0b12bcd6ac2810e155f81e8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
aa08ac216005d13156ee6700d016ffae098200aa8f7db0b89a18f77af467bd82
b272db999014c607e1293a9bd9484a01b05d1aa01185bae5d936c3eb6f47da94
b4e244a11e64feea769fb9ca70981932aed7d829386245ff8198a0a6e16ea0f4
b54efc3de02272da3a5c59618891d720becee47e16c6a5392606ed1098aaf701
bf568a396b912a43f5b79a628c04070be87d1f7f475ab53c574aeb9cf2906912
c3e933b42bf491d9ce08fc15ab1f7108601c87eee1582a7f497d2ac94a86c1c1
d5dd5c6b3e9350e861db9d3ab7e4474f01a016c785f1aa114eb997d65689567d
dc7898fa6a43df915b8a9a65e1661b22556fd817fdfd6c5ad3e4f8f574291ea1
e3b7f54cf81a0ff1f16662abce7b1970ed6a8a8191da96cf05dcf6644d203df3
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

www.nicdomains.com Open in urlscan Pro 34.196.175.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

72 %HTTPS

45 %IPv6

11 Domains

11 Subdomains

11 IPs

3 Countries

1042 kBTransfer

1790 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Indicators

www.nicdomains.com Open in urlscan Pro
34.196.175.210 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

72 %
HTTPS

45 %
IPv6

11
Domains

11
Subdomains

11
IPs

3
Countries

1042 kB
Transfer

1790 kB
Size

1
Cookies

32 HTTP transactions
0 data transactions