www4www.login.proxy-creator-shadow-browser-1.duckdns.org Open in urlscan Pro
104.243.38.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Submission: On October 10 via automatic, source certstream-suspicious (October 10th 2024, 7:04:21 pm UTC) — Scanned from CA

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 12 domains to perform 47 HTTP transactions. The main IP is 104.243.38.18, located in Piscataway, United States and belongs to RELIABLESITE, US. The main domain is www4www.login.proxy-creator-shadow-browser-1.duckdns.org.
TLS certificate: Issued by E6 on October 10th 2024. Valid for: 3 months.

This is the only time www4www.login.proxy-creator-shadow-browser-1.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	104.243.38.18 104.243.38.18	23470 (RELIABLESITE) (RELIABLESITE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:400d:c0c::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::61	15169 (GOOGLE) (GOOGLE)
1	172.240.253.132 172.240.253.132	7979 (SERVERS-COM) (SERVERS-COM)
1	172.240.108.76 172.240.108.76	7979 (SERVERS-COM) (SERVERS-COM)
1	18.207.54.8 18.207.54.8	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:400d:c0b::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::65	15169 (GOOGLE) (GOOGLE)
2	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
47	12

30 104.243.38.18 (Piscataway, United States) 1 redirects

ASN23470 (RELIABLESITE, US)

www4www.login.proxy-creator-shadow-browser-1.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c0c::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.253.132 (United States)

ASN7979 (SERVERS-COM, US)

pl23231560.cpmrevenuegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.108.76 (United States)

ASN7979 (SERVERS-COM, US)

recordedthereby.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.207.54.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-54-8.compute-1.amazonaws.com

proftrafficcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c0b::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::65 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

schedulerationally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
unseenreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	duckdns.org 1 redirects www4www.login.proxy-creator-shadow-browser-1.duckdns.org	155 KB
3	gstatic.com fonts.gstatic.com	26 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	166 KB
1	unseenreport.com unseenreport.com — Cisco Umbrella Rank: 19784	512 B
1	schedulerationally.com schedulerationally.com — Cisco Umbrella Rank: 319328	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	113 KB
1	proftrafficcounter.com proftrafficcounter.com — Cisco Umbrella Rank: 15190	331 B
1	recordedthereby.com recordedthereby.com — Cisco Umbrella Rank: 16467	84 KB
1	cpmrevenuegate.com pl23231560.cpmrevenuegate.com — Cisco Umbrella Rank: 321266	16 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	107 KB
47	12

	Domain	Requested by
30	www4www.login.proxy-creator-shadow-browser-1.duckdns.org	1 redirects www4www.login.proxy-creator-shadow-browser-1.duckdns.org
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www4www.login.proxy-creator-shadow-browser-1.duckdns.org
3	cdnjs.cloudflare.com	www4www.login.proxy-creator-shadow-browser-1.duckdns.org cdnjs.cloudflare.com
1	unseenreport.com
1	schedulerationally.com	pl23231560.cpmrevenuegate.com
1	www.google-analytics.com	www.googletagmanager.com
1	cdn.jsdelivr.net	www4www.login.proxy-creator-shadow-browser-1.duckdns.org
1	proftrafficcounter.com	pl23231560.cpmrevenuegate.com
1	recordedthereby.com	pl23231560.cpmrevenuegate.com
1	pl23231560.cpmrevenuegate.com	www4www.login.proxy-creator-shadow-browser-1.duckdns.org
1	www.googletagmanager.com	www4www.login.proxy-creator-shadow-browser-1.duckdns.org
47	12

This site contains no links.

Subject Issuer	Validity	Valid
www4www.login.proxy-creator-shadow-browser-1.duckdns.org E6	`2024-10-10` - `2025-01-08`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
cpmrevenuegate.com R11	`2024-08-21` - `2024-11-19`	3 months	crt.sh
recordedthereby.com R11	`2024-09-06` - `2024-12-05`	3 months	crt.sh
proftrafficcounter.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
schedulerationally.com R10	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.unseenreport.com R10	`2024-09-19` - `2024-12-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Frame ID: 6FD83778DCF485A6912D4525362038A0
Requests: 35 HTTP requests in this frame

Frame: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/
Frame ID: BBCF18C259DBCA92BFCBC0149642A6C1
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shadow

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

47
Requests

98 %
HTTPS

55 %
IPv6

12
Domains

12
Subdomains

12
IPs

1
Countries

672 kB
Transfer

1802 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home HTTP 301
https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/ 16 KB
5 KB 400ms
108ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 4998b970426ebc9c9ac25fe1cfa7109bef28406d599418a4500f6edec40d6d4a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Thu, 10 Oct 2024 19:04:16 GMT
etag: W/"4027-192629b9a6f"
last-modified: Sun, 06 Oct 2024 16:13:37 GMT
server: Caddy
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 autoblank.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/ 1 KB
646 B 107ms
100ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/autoblank.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 592f42353c19929b6c97368870782efb6e076541be8d523152ffdc1e0ac04100

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"552-1924f22eef7"
alt-svc: h3=":443"; ma=2592000
content-length: 595
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 index.css
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/css/ 9 KB
2 KB 109ms
103ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/css/index.css
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 2dd2afa01c8971ab98f6c86dc67d38fb3325d448918f87656f9b5994ed1bcd49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2238-1924f22eef7"
alt-svc: h3=":443"; ma=2592000
content-length: 1947
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 themes.css
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/css/ 3 KB
869 B 103ms
97ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/css/themes.css
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: e96e0c1955d24d497d061dc5c6c6ba6c0f7d444c4dd9924a0b922fe521ed1907

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"d01-1924f22eef7"
alt-svc: h3=":443"; ma=2592000
content-length: 777
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
server: Caddy
vary: Accept-Encoding

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/ 100 KB
19 KB 198ms
74ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/all.min.css

Requested by

Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff8510712984ac3ccf08c022b8e8963d556c34ddacdd963f36c99735c8f42057

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "63e2af34-494d"
age: 71419
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4AF1%2BGaP3eOO2E2W20n%2BdxD4PdZoZ20Cfol1EM%2BhzTzwKBpymru3Al2bAsKlQnjEwZDpHvOs09CaopSU8XxwAFuuoLsF8VVSpnzV%2BlOWt1ad7vKE6YbUC9%2FcnA%2BeBLt%2F7i6MAsI5EluOAX8vvGBNoj6B"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 19:04:16 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 07 Feb 2023 20:06:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d08e00deee2c457-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18765
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
2 KB 275ms
122ms Stylesheet
text/css 2607:f8b0:400d:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Open+Sans:wght@400;700&display=swap

Requested by

Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0c1c0d782ce0b322153a4ac98f57390eaa2d682f3d2f4a72b81a23bb82f20ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 19:04:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 10 Oct 2024 18:59:00 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 781 B
795 B 274ms
121ms Stylesheet
text/css 2607:f8b0:400d:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 19:04:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 10 Oct 2024 17:17:18 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 settings.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/ 4 KB
1014 B 99ms
95ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/settings.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: a908b0065b309d29779567a7c62803b2eeea6651198d873085691ea6f892dfec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"f7a-1924f7a5e21"
alt-svc: h3=":443"; ma=2592000
content-length: 913
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 02 Oct 2024 23:04:32 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 debugger.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/ 1 KB
520 B 102ms
97ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/debugger.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 0b11eecfa382b1f2092d94e727a0145c9f6c2866e04419eef89e9bc381c7a787

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"464-1925e01e70b"
alt-svc: h3=":443"; ma=2592000
content-length: 446
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 05 Oct 2024 18:47:15 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 319 KB
107 KB 278ms
105ms Script
application/javascript 2607:f8b0:400d:c0d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NCTSG4T1B6

Requested by

Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7f3420199010ecf53e629a907b972ba9499054f8196531b00844a4973fa6644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 10 Oct 2024 19:04:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108358
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK 4328e5906625dfebca3d9c34182fd950.js Show response
pl23231560.cpmrevenuegate.com/43/28/e5/ 43 KB
16 KB 416ms
67ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://pl23231560.cpmrevenuegate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js

Requested by

Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

fcf39178626e0e2a84d0a659b1198100921375be3c6663da44c937ea550f5bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0; includeSubdomains
X-Request-ID: e660293206e02ebb9aed137195e7be02
Cache-Control: no-cache, max-age=0, private, no-cache
Content-Encoding: gzip
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Thu, 10 Oct 2024 19:04:16 GMT
Content-Type: application/javascript
Host: pl23231560.cpmrevenuegate.com
Server: nginx/1.21.6

GET
H2 200 billigerhost.ico
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/icons/ 4 KB
559 B 103ms
100ms Image
image/vnd.microsoft.icon 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/icons/billigerhost.ico
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: d1fc2605cc6e6f4bae9b04bfbdcd24814ecbf701ffd348639f1b15edd53b5bcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"10be-191c2e4c57b"
alt-svc: h3=":443"; ma=2592000
content-length: 467
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 05 Sep 2024 15:54:18 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 index.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/baremux/ 9 KB
4 KB 135ms
132ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/baremux/index.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 94513f8597d6eb4cb392ca510e3341ae4bfd9091c3aec8ec44baa8f5c02690a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-powered-by: Express
cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"250d-191de41b8f0"
alt-svc: h3=":443"; ma=2592000
content-length: 3496
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Sep 2024 23:25:34 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 search.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/ 1004 B
485 B 108ms
107ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/search.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3ec-191c2e4c56b"
alt-svc: h3=":443"; ma=2592000
content-length: 434
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 05 Sep 2024 15:54:18 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 themes.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/ 3 KB
1 KB 103ms
101ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/themes.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 418f41d8b1dd51e903c38b6ee3c2e9a492b69624a8394b61e85d01f27a6a4a4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"c5a-1924ffb1912"
alt-svc: h3=":443"; ma=2592000
content-length: 1059
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Oct 2024 01:25:09 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 options.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/ 4 KB
1 KB 77ms
76ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/options.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 8a0e9d567945114256ca421982a2c94e6a4dbf3a3b149736641422df850708fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"e7f-1924f22eef7"
alt-svc: h3=":443"; ma=2592000
content-length: 1013
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
server: Caddy
vary: Accept-Encoding

GET
H3 200 uv.bundle.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/uv/ 363 KB
108 KB 81ms
80ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/uv/uv.bundle.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 5f77ba17e1b887ba2a794f518b5ecbfa24b952a609bf706ef6c447b2f9989ea0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"5adee-191de41b9fc"
date: Thu, 10 Oct 2024 19:04:16 GMT
last-modified: Tue, 10 Sep 2024 23:25:35 GMT
x-powered-by: Express
server: Caddy
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 uv.config.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/uv/ 1 KB
734 B 92ms
91ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/uv/uv.config.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: f9cac78b53371a00bf0f45f8986493a1047a853dec56e935e4fa9b3b46619b32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"497-192629b9a6f"
content-length: 538
date: Thu, 10 Oct 2024 19:04:16 GMT
last-modified: Sun, 06 Oct 2024 16:13:37 GMT
content-type: application/javascript; charset=utf-8
server: Caddy
x-powered-by: Express

GET
H3 200 uv.sw.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/uv/ 7 KB
3 KB 109ms
108ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/uv/uv.sw.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 96a1e1b5e1e8ea1be3b9bed6aac3b40c799330cfd83ec0e955674998c44583f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

server: Caddy
cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"1c9f-191de41ba44"
content-length: 2926
date: Thu, 10 Oct 2024 19:04:16 GMT
last-modified: Tue, 10 Sep 2024 23:25:35 GMT
vary: Accept-Encoding
x-powered-by: Express
content-type: application/javascript; charset=utf-8

GET
H2 200 tabs.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/ 9 KB
3 KB 103ms
101ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/tabs.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: bf1643047e07f254f89e906268de4ff28369d6c1d149336469d381145b422a47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2564-192629b9a6f"
alt-svc: h3=":443"; ma=2592000
content-length: 2941
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 06 Oct 2024 16:13:37 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 bookmarks.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/ 4 KB
1 KB 100ms
99ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/bookmarks.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: dfe35da66330fb764e73b30bbc07ca708365958dddfd718e1d55c27a88fbb786

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"f49-1924f22eef7"
alt-svc: h3=":443"; ma=2592000
content-length: 1249
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 settings_manager.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/ 4 KB
847 B 80ms
77ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/settings_manager.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 3884d7805bd6fc8523a112764549b9041fae50651b2db59ad664e351342218f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/settings.js

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"ed7-1924f7a5e21"
alt-svc: h3=":443"; ma=2592000
content-length: 796
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 02 Oct 2024 23:04:32 GMT
server: Caddy
vary: Accept-Encoding

GET
H/1.1 200
OK sfp.js Show response
recordedthereby.com/ 83 KB
84 KB 293ms
69ms Script
application/javascript 172.240.108.76
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedthereby.com/sfp.js

Requested by

Host: pl23231560.cpmrevenuegate.com
URL: https://pl23231560.cpmrevenuegate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

Strict-Transport-Security: max-age=0; includeSubdomains
X-Request-ID: 22e41c46016b45e8d3c0406f29c6d2ef
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin: *
Content-Length: 85378
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Thu, 10 Oct 2024 19:04:16 GMT
Content-Type: application/javascript; charset=utf-8
Host: recordedthereby.com
Server: nginx/1.21.6

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
331 B 379ms
124ms XHR
text/html 18.207.54.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: pl23231560.cpmrevenuegate.com
URL: https://pl23231560.cpmrevenuegate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.54.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-54-8.compute-1.amazonaws.com
Software: fasthttp /
Resource Hash: 0f350e21e88fe355a49adc6fd081b059376388f449b0e8fa4571b7a82b5d9e07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

access-control-allow-origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
content-length: 40
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: text/html; charset=UTF-8
vary: Origin
server: fasthttp
access-control-allow-credentials: true

GET
H2 200 search.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/ 1004 B
0 0ms
0ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/search.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3ec-191c2e4c56b"
alt-svc: h3=":443"; ma=2592000
content-length: 434
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 05 Sep 2024 15:54:18 GMT
server: Caddy
vary: Accept-Encoding

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 177ms
53ms Font
font/woff2 2607:f8b0:400d:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Open+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://fonts.googleapis.com/

Response headers

age: 176439
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 18:03:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 18:03:37 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 196ms
73ms Font
font/woff2 2607:f8b0:400d:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://fonts.googleapis.com/

Response headers

age: 202184
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 10:54:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 10:54:32 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H2 200 eruda Show response
cdn.jsdelivr.net/npm/ 461 KB
113 KB 232ms
84ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/eruda

Requested by

Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/uv/uv.config.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa466dbb08f0f0e54c8fd280efbb3d794de8eaabfd9262aeab93e3bb9eb73931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"73232-tE1sAtmvsgiuRzFjI0zgV9j2Um8"
age: 24165
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fbpu67GMzB8FJTq67HFuWgrnQJn8NfGZHnjOgOrMSq9px0dTJaBO8r%2BM9xJGPnDnNA8gg2%2Fcdap7yoIkMsRiRAFXOh%2B8Pn%2FU6wIH0Rz15Nzbwcu20e1UhTn4%2FcJB8R8PkRPqBJOY6Ae6JsKnCHs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230066-FRA, cache-lga21983-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d08e011caa9434f-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 115135
server: cloudflare
x-jsd-version: 3.4.0

GET
H3 200 uv.config.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/uv/ 1 KB
0 0ms
0ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/uv/uv.config.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: f9cac78b53371a00bf0f45f8986493a1047a853dec56e935e4fa9b3b46619b32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"497-192629b9a6f"
content-length: 538
date: Thu, 10 Oct 2024 19:04:16 GMT
last-modified: Sun, 06 Oct 2024 16:13:37 GMT
content-type: application/javascript; charset=utf-8
server: Caddy
x-powered-by: Express

GET
H3 200 history-helper.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/ 3 KB
929 B 112ms
111ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/history-helper.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: e040b8afc4804606f7058c386d537499420cd8ad824cc6fe195c1cd3b85de7ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/tabs.js

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"df7-1924f22eef7"
content-length: 733
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
x-powered-by: Express
server: Caddy
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
vary: Accept-Encoding

GET worker.js
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/baremux/ Frame 0
0

GET
H3 200 home.html Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/pages/ Frame BBCF 47 B
198 B 75ms
74ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/pages/home.html
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/tabs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 8a346698d1fe701441863c329bf5132a5536faeaa68ccd7751931726ad04b329

Request headers

Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: public, max-age=604800
content-length: 47
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Thu, 10 Oct 2024 19:04:16 GMT
etag: W/"2f-1924f22eefb"
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
server: Caddy
x-powered-by: Express

GET
H3 200 home.png
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/icons/pages/ 13 KB
13 KB 79ms
79ms Image
image/png 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/icons/pages/home.png
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"32de-191c2e4c57b"
accept-ranges: bytes
content-length: 13022
date: Thu, 10 Oct 2024 19:04:16 GMT
last-modified: Thu, 05 Sep 2024 15:54:18 GMT
x-powered-by: Express
server: Caddy
content-type: image/png

GET
H3

200

/ Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/ Frame BBCF
Redirect Chain

https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home
https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/

7 KB
3 KB

88ms
87ms

Document
text/html

104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/pages/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 8e7b3314e1e54a6a1462765797b9e85a7a564caa4f506892092291623352059a

Request headers

Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/pages/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
content-length: 2801
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Thu, 10 Oct 2024 19:04:17 GMT
etag: W/"1bbb-192644505e6"
last-modified: Sun, 06 Oct 2024 23:58:18 GMT
server: Caddy
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

content-length: 154
content-security-policy: default-src 'none'
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
date: Thu, 10 Oct 2024 19:04:17 GMT
location: /home/
server: Caddy
x-content-type-options: nosniff
x-powered-by: Express

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 266ms
84ms Fetch
text/plain 2607:f8b0:400d:c0b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je4a90v9138172222za200&_p=1728587056442&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685&cid=1363551313.1728587057&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728587057&sct=1&seg=0&dl=https%3A%2F%2Fwww4www.login.proxy-creator-shadow-browser-1.duckdns.org%2F&dt=Shadow&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1298
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCTSG4T1B6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0b::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 19:04:17 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK sbar.json Show response
schedulerationally.com/ 0
1 KB 477ms
241ms XHR
text/plain 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://schedulerationally.com/sbar.json?key=4328e5906625dfebca3d9c34182fd950&uuid=4878e5c7-7a02-4080-bdb8-f72b29c0ef47%3A1%3A1

Requested by

Host: pl23231560.cpmrevenuegate.com
URL: https://pl23231560.cpmrevenuegate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

Strict-Transport-Security: max-age=0; includeSubdomains
X-Request-ID: 31a093be9fc9e499db7895e6f2c8e5dd
Cache-Control: no-cache, max-age=0, private, no-cache
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Custom-Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Access-Control-Allow-Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Thu, 10 Oct 2024 19:04:17 GMT
Host: schedulerationally.com
Server: nginx/1.21.6

GET
H3 200 home.css
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/css/ Frame BBCF 4 KB
1 KB 90ms
88ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/css/home.css
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 1cbe689be6eae92d81ef435b8761f041d88f185b1da0cf06a1fecb6e2b74e92b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

content-type: text/css; charset=utf-8
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"1190-1924ffb1912"
content-length: 1240
date: Thu, 10 Oct 2024 19:04:17 GMT
last-modified: Thu, 03 Oct 2024 01:25:09 GMT
x-powered-by: Express
vary: Accept-Encoding
server: Caddy

GET
H2 200 themes.css
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/css/ Frame BBCF 3 KB
0 2ms
2ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/css/themes.css
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: e96e0c1955d24d497d061dc5c6c6ba6c0f7d444c4dd9924a0b922fe521ed1907

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"d01-1924f22eef7"
alt-svc: h3=":443"; ma=2592000
content-length: 777
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
server: Caddy
vary: Accept-Encoding

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/ Frame BBCF 100 KB
0 2ms
2ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/all.min.css

Requested by

Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff8510712984ac3ccf08c022b8e8963d556c34ddacdd963f36c99735c8f42057

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "63e2af34-494d"
age: 71419
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4AF1%2BGaP3eOO2E2W20n%2BdxD4PdZoZ20Cfol1EM%2BhzTzwKBpymru3Al2bAsKlQnjEwZDpHvOs09CaopSU8XxwAFuuoLsF8VVSpnzV%2BlOWt1ad7vKE6YbUC9%2FcnA%2BeBLt%2F7i6MAsI5EluOAX8vvGBNoj6B"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 19:04:16 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 07 Feb 2023 20:06:12 GMT
vary: Accept-Encoding
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d08e00deee2c457-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18765
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ Frame BBCF 781 B
482 B 63ms
59ms Stylesheet
text/css 2607:f8b0:400d:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400&display=swap

Requested by

Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 19:04:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 19:04:17 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 10 Oct 2024 17:55:07 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 script.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/ Frame BBCF 162 B
342 B 118ms
118ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/script.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 67372224de15e0d8c23ad20f51688b0cafb7ee0f4f4bbc39c181f1752a0c9807

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"a2-1924f22eef7"
accept-ranges: bytes
content-length: 162
date: Thu, 10 Oct 2024 19:04:17 GMT
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
x-powered-by: Express
server: Caddy
content-type: application/javascript; charset=utf-8

GET
H2 200 themes.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/ Frame BBCF 3 KB
0 2ms
2ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/themes.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 418f41d8b1dd51e903c38b6ee3c2e9a492b69624a8394b61e85d01f27a6a4a4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/home/

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"c5a-1924ffb1912"
alt-svc: h3=":443"; ma=2592000
content-length: 1059
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Oct 2024 01:25:09 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 settings_manager.js Show response
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/ Frame BBCF 4 KB
0 0ms
0ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/settings_manager.js
Requested by: Host: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 3884d7805bd6fc8523a112764549b9041fae50651b2db59ad664e351342218f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/assets/themes.js

Response headers

x-powered-by: Express
cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"ed7-1924f7a5e21"
alt-svc: h3=":443"; ma=2592000
content-length: 796
date: Thu, 10 Oct 2024 19:04:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 02 Oct 2024 23:04:32 GMT
server: Caddy
vary: Accept-Encoding

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ Frame BBCF 8 KB
0 196ms
73ms Font
font/woff2 2607:f8b0:400d:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://fonts.googleapis.com/

Response headers

age: 202184
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 10:54:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Oct 2024 10:54:32 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/webfonts/ Frame BBCF 146 KB
147 KB 181ms
57ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2c5cf547e2e8d74a17d05c5ad9f1f593ca526452e228124294fa983b908ff82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "63e2af35-24994"
age: 69523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Led%2FbN8LxzKoILdUyUg9o1kJ7wye1XMFOZqTYTxA6Su0uZ1FjznfxlAFUm92rp23%2Bv9so1wIs2CddT6k7ITgzMVlhRdRprz3XC83zYr2u%2FsaxSYhm1ahyfLdOtT9TGKAam9vvlrUp9OKvHEGql%2FVOldZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 19:04:17 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 19:04:17 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Tue, 07 Feb 2023 20:06:13 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d08e0152c781770-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 149908
server: cloudflare

GET
H3 200 favicon.ico
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/ 15 KB
3 KB 105ms
104ms Other
image/vnd.microsoft.icon 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 17121520efdb21823ea10bdc2115a34f772f78c0bea04cfdff41d615c520616e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"3c2e-191c2e4c57b"
content-length: 2990
date: Thu, 10 Oct 2024 19:04:17 GMT
last-modified: Thu, 05 Sep 2024 15:54:18 GMT
content-type: image/vnd.microsoft.icon
x-powered-by: Express
server: Caddy
vary: Accept-Encoding

GET
H/1.1 200
OK pxf.gif
unseenreport.com/ 1 B
512 B 346ms
133ms Image
image/gif 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unseenreport.com/pxf.gif?uuid=4878e5c7-7a02-4080-bdb8-f72b29c0ef47&eb=23aa4919bfa3f0b75f8cb343d1c80215&te=70eb290350d3acee3c9ac5d432629ce0&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=4328e5906625dfebca3d9c34182fd950&bl=en-CA&sr=1200x1600&sz=1200x1600&hjs=12

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/

Response headers

Strict-Transport-Security: max-age=0; includeSubdomains
X-Request-ID: da3a5d9ffc86a3fa50814e98339690c8
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin: *
Content-Length: 1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Thu, 10 Oct 2024 19:04:18 GMT
Content-Type: image/gif
Host: unseenreport.com
Server: nginx/1.21.6

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www4www.login.proxy-creator-shadow-browser-1.duckdns.org
URL: https://www4www.login.proxy-creator-shadow-browser-1.duckdns.org/baremux/worker.js

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
proftrafficcounter.com/	1970-01-21 09:45:47	Name: uid_id2 Value: 4878e5c7-7a02-4080-bdb8-f72b29c0ef47:1:1
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/	1970-01-21 00:19:51	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: 4878e5c7-7a02-4080-bdb8-f72b29c0ef47%3A1%3A1
.proxy-creator-shadow-browser-1.duckdns.org/	1970-01-21 09:45:47	Name: _ga Value: GA1.1.1363551313.1728587057
.proxy-creator-shadow-browser-1.duckdns.org/	1970-01-21 09:45:47	Name: _ga_NCTSG4T1B6 Value: GS1.1.1728587057.1.0.1728587057.0.0.0
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/	1970-01-21 00:09:50	Name: sb_page_4328e5906625dfebca3d9c34182fd950 Value: 1
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/	1970-01-21 00:09:50	Name: sb_main_4328e5906625dfebca3d9c34182fd950 Value: 1
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/	1970-01-21 00:09:50	Name: sb_count_4328e5906625dfebca3d9c34182fd950 Value: 1
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/	1969-12-31 23:59:59	Name: sb_onpage_4328e5906625dfebca3d9c34182fd950 Value: 1
schedulerationally.com/	1970-01-21 00:11:13	Name: u_pl Value: 23131061
schedulerationally.com/	1970-01-21 00:19:51	Name: uid_id2 Value: 4878e5c7-7a02-4080-bdb8-f72b29c0ef47:1:1
www4www.login.proxy-creator-shadow-browser-1.duckdns.org/	1970-01-21 00:09:47	Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf Value: schedulerationally.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
pl23231560.cpmrevenuegate.com
proftrafficcounter.com
recordedthereby.com
schedulerationally.com
unseenreport.com
www.google-analytics.com
www.googletagmanager.com
www4www.login.proxy-creator-shadow-browser-1.duckdns.org
www4www.login.proxy-creator-shadow-browser-1.duckdns.org
104.243.38.18
172.240.108.76
172.240.253.132
18.207.54.8
192.243.61.225
2606:4700::6811:190e
2606:4700::6812:bb1f
2607:f8b0:400d:c0b::5e
2607:f8b0:400d:c0b::65
2607:f8b0:400d:c0c::5f
2607:f8b0:400d:c0d::61
0b11eecfa382b1f2092d94e727a0145c9f6c2866e04419eef89e9bc381c7a787
0f350e21e88fe355a49adc6fd081b059376388f449b0e8fa4571b7a82b5d9e07
17121520efdb21823ea10bdc2115a34f772f78c0bea04cfdff41d615c520616e
171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d
1cbe689be6eae92d81ef435b8761f041d88f185b1da0cf06a1fecb6e2b74e92b
217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5
2dd2afa01c8971ab98f6c86dc67d38fb3325d448918f87656f9b5994ed1bcd49
33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109
3884d7805bd6fc8523a112764549b9041fae50651b2db59ad664e351342218f9
418f41d8b1dd51e903c38b6ee3c2e9a492b69624a8394b61e85d01f27a6a4a4c
4998b970426ebc9c9ac25fe1cfa7109bef28406d599418a4500f6edec40d6d4a
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b
592f42353c19929b6c97368870782efb6e076541be8d523152ffdc1e0ac04100
5f77ba17e1b887ba2a794f518b5ecbfa24b952a609bf706ef6c447b2f9989ea0
67372224de15e0d8c23ad20f51688b0cafb7ee0f4f4bbc39c181f1752a0c9807
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a0e9d567945114256ca421982a2c94e6a4dbf3a3b149736641422df850708fe
8a346698d1fe701441863c329bf5132a5536faeaa68ccd7751931726ad04b329
8e7b3314e1e54a6a1462765797b9e85a7a564caa4f506892092291623352059a
94513f8597d6eb4cb392ca510e3341ae4bfd9091c3aec8ec44baa8f5c02690a1
96a1e1b5e1e8ea1be3b9bed6aac3b40c799330cfd83ec0e955674998c44583f4
a908b0065b309d29779567a7c62803b2eeea6651198d873085691ea6f892dfec
aa466dbb08f0f0e54c8fd280efbb3d794de8eaabfd9262aeab93e3bb9eb73931
bf1643047e07f254f89e906268de4ff28369d6c1d149336469d381145b422a47
c0c1c0d782ce0b322153a4ac98f57390eaa2d682f3d2f4a72b81a23bb82f20ae
c7f3420199010ecf53e629a907b972ba9499054f8196531b00844a4973fa6644
d1fc2605cc6e6f4bae9b04bfbdcd24814ecbf701ffd348639f1b15edd53b5bcc
dfe35da66330fb764e73b30bbc07ca708365958dddfd718e1d55c27a88fbb786
e040b8afc4804606f7058c386d537499420cd8ad824cc6fe195c1cd3b85de7ba
e2c5cf547e2e8d74a17d05c5ad9f1f593ca526452e228124294fa983b908ff82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96e0c1955d24d497d061dc5c6c6ba6c0f7d444c4dd9924a0b922fe521ed1907
f9cac78b53371a00bf0f45f8986493a1047a853dec56e935e4fa9b3b46619b32
fcf39178626e0e2a84d0a659b1198100921375be3c6663da44c937ea550f5bb7
ff8510712984ac3ccf08c022b8e8963d556c34ddacdd963f36c99735c8f42057

www4www.login.proxy-creator-shadow-browser-1.duckdns.org Open in urlscan Pro 104.243.38.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

55 %IPv6

12 Domains

12 Subdomains

12 IPs

1 Countries

672 kBTransfer

1802 kBSize

11 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www4www.login.proxy-creator-shadow-browser-1.duckdns.org Open in urlscan Pro
104.243.38.18 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

55 %
IPv6

12
Domains

12
Subdomains

12
IPs

1
Countries

672 kB
Transfer

1802 kB
Size

11
Cookies

47 HTTP transactions
0 data transactions