www.shadowctrl.me Open in urlscan Pro
2606:4700:3033::ac43:d243 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shadowctrl.me/
Effective URL:
https://www.shadowctrl.me/
Submission: On July 30 via api (July 30th 2024, 9:46:36 am UTC) from US — Scanned from DE

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3033::ac43:d243, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.shadowctrl.me.
TLS certificate: Issued by WE1 on July 27th 2024. Valid for: 3 months.

This is the only time www.shadowctrl.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	49.207.177.28 49.207.177.28	24309 (CABLELITE...) (CABLELITE-AS-AP Atria Convergence Technologies Pvt. Ltd. Broadband Internet Service Provider INDIA)
2 20	2606:4700:303... 2606:4700:3033::ac43:d243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4 11	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
37	8

1 49.207.177.28 (Chennai, India) 1 redirects

ASN24309 (CABLELITE-AS-AP Atria Convergence Technologies Pvt. Ltd. Broadband Internet Service Provider INDIA, IN)
PTR: shadowctrl.me

shadowctrl.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3033::ac43:d243 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.shadowctrl.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	shadowctrl.me 3 redirects shadowctrl.me www.shadowctrl.me	1 MB
8	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 6787	3 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123 www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
4	gstatic.com fonts.gstatic.com	54 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503	72 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	102 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
37	8

	Domain	Requested by
20	www.shadowctrl.me	2 redirects www.shadowctrl.me static.cloudflareinsights.com
8	mc.yandex.com	3 redirects mc.yandex.ru
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.shadowctrl.me www.google-analytics.com
3	mc.yandex.ru	1 redirects www.shadowctrl.me
2	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.shadowctrl.me
1	fonts.googleapis.com	www.shadowctrl.me
1	static.cloudflareinsights.com	www.shadowctrl.me
1	shadowctrl.me	1 redirects
37	10

This site contains no links.

Subject Issuer	Validity	Valid
shadowctrl.me WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.shadowctrl.me/
Frame ID: B0EF8675E89F29E990E3796BC65BB5B5
Requests: 32 HTTP requests in this frame

Frame: https://www.shadowctrl.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js
Frame ID: ECACDF7A7ADFD17158A171BE7BEAD5AF
Requests: 4 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 3133EB0AC0EAF6C5942B35BD4E34C288
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shadowctrl | Home | Unleashing the power of 127.0.0.1

Page URL History Show full URLs

http://shadowctrl.me/ HTTP 307
https://shadowctrl.me/ HTTP 301
https://www.shadowctrl.me/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

37
Requests

89 %
HTTPS

89 %
IPv6

8
Domains

10
Subdomains

8
IPs

4
Countries

1537 kB
Transfer

2218 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shadowctrl.me/ HTTP 307
https://shadowctrl.me/ HTTP 301
https://www.shadowctrl.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.shadowctrl.me/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.shadowctrl.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js

Request Chain 11

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10446.j1amdn4kU671z7ShRnytBfV0qSHWXhpiY7ODhoSCqNrZYNqzlAFzHSlq74baxy_x.QTzh1dK0ipxtzXBXO_FIMmSmC2A%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10446.nLZfp4sZ7TwAf59vliD5Lb2yJOigkPj355OWqYNcsX3j6aLV3bxjvrDUti9RFLevM6_GSXluSIBxAxSAOC9jPm85WqqzFEhY8xaEQBpp9PcSwQQSx-KS7Cgsc4IFDWkUFUPzbMGRDKQ0CsLjQfuMV30kxAHmw3yzKK6yc9FdHvu27BEUJotdS10cwyyu1utsm5ZPjtJBQGOgjsltUr6pgVc2jWt7TNGSkHBOY7tkeJs%2C.iDXB-oFbC17VbapBuRvEr6ebx_c%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10446.QYSQ0JhO-NN9jYvyX99vEkyzdIG87I4kFRi99Q1ZlT7CHXUorkZ8tB5AtuoX87M_PQ0f7HcwTapkUcD0JP0Zz0ckb1g7FujmmpjpGo9kxcdf-ET_vn13pWAJUa4VQELASzxzardG8EqyI8n-W7c3cbnhNa3touaKCbxkQd1wqnz08LBSuwhwy22WBtKfOyAq8eTYuXj2YY1g6gFjkfsmBw%2C%2C.DHicm2sNqytYpX_nlPyb917OsCA%2C

Request Chain 14

https://www.shadowctrl.me/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.shadowctrl.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js

Request Chain 32

https://mc.yandex.com/watch/94656015?wmode=7&page-url=https%3A%2F%2Fwww.shadowctrl.me%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A770155052854%3Ahid%3A121165456%3Az%3A120%3Ai%3A20240730114629%3Aet%3A1722332790%3Ac%3A1%3Arn%3A769408621%3Arqn%3A1%3Au%3A1722332790562023619%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A17%2C39%2C514%2C3%2C584%2C0%2C%2C606%2C1%2C1772%2C1772%2C1%2C1771%3Aco%3A0%3Acpf%3A1%3Ans%3A1722332787308%3Agi%3AR0ExLjEuMTI0NjQyOTU1NS4xNzIyMzMyNzg5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722332791%3At%3AShadowctrl%20%7C%20Home%20%7C%20Unleashing%20the%20power%20of%20127.0.0.1&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
https://mc.yandex.com/watch/94656015/1?wmode=7&page-url=https%3A%2F%2Fwww.shadowctrl.me%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A770155052854%3Ahid%3A121165456%3Az%3A120%3Ai%3A20240730114629%3Aet%3A1722332790%3Ac%3A1%3Arn%3A769408621%3Arqn%3A1%3Au%3A1722332790562023619%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A17%2C39%2C514%2C3%2C584%2C0%2C%2C606%2C1%2C1772%2C1772%2C1%2C1771%3Aco%3A0%3Acpf%3A1%3Ans%3A1722332787308%3Agi%3AR0ExLjEuMTI0NjQyOTU1NS4xNzIyMzMyNzg5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722332791%3At%3AShadowctrl%20%7C%20Home%20%7C%20Unleashing%20the%20power%20of%20127.0.0.1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.shadowctrl.me/
Redirect Chain

http://shadowctrl.me/
https://shadowctrl.me/
https://www.shadowctrl.me/

5 KB
2 KB

572ms
514ms

Document
text/html

2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shadowctrl.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9e37f5a849815154249890ec08dcaf5b1b04bc4921d99f868f97f73b42558fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 8ab46bf4ce099b46-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 30 Jul 2024 09:46:28 GMT
last-modified: Thu, 18 Jul 2024 14:19:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RRNYN%2BKGLJN5jT%2Fnq1TBZiLg%2FkS7yq8actn7S%2BOkMcrChxco6lmYxJh%2FlapXj61RBeSh0m1POxlS7qmgme%2Fyk6LsiwdmSeN3%2B3e9XsjEFM%2BnqzJ0ZQWWZu7aYVoPdPsJAIZJbTaFLQbHrzwxz5WyPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Express

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Tue, 30 Jul 2024 09:46:27 GMT
Location: https://www.shadowctrl.me/
Server: nginx/1.26.0

GET
H3 200 index-52a2a239.css
www.shadowctrl.me/assets/ 3 KB
1 KB 490ms
489ms Stylesheet
text/css 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shadowctrl.me/assets/index-52a2a239.css

Requested by

Host: www.shadowctrl.me
URL: https://www.shadowctrl.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

52a2a239932d042b7668ae50d7582e85d4dc2c2c7ac05b8a300e52af204acac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jul 2024 14:19:43 GMT
server: cloudflare
etag: W/"a69-190c63690d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ST7LJi5v7Sfs%2FHE2ED6cQEVTtKxq8VAo5T24VvsjjJgTCvjaTZyhs3mI06vLvZng9OMm3r6DFmoeyiyvhQgLFPsSy82DHvScngKfBfLFx%2F10qJ5t1VEzbKC2tCkEDDLh7QhpucZ6L9yFWw45AGLIJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 8ab46bf82a979b46-FRA
priority: u=0,i=?0

GET
H3 200 rocket-loader.min.js Show response
www.shadowctrl.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 41ms
41ms Script
application/javascript 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shadowctrl.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.shadowctrl.me
URL: https://www.shadowctrl.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:28 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2024 16:35:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"669fdbbe-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4wVes3zmdQDHPtHpYavXLa32zCojXu9NEgeMqPJaGLdIWMXV8%2FwrLi4fOlveUAe4CNeE%2BX8%2F3Gv%2FnAAmRRKQsDaD72FdCuuO6nzXsGMxNYraxfIMZhAqRrPEcCdKnhqLcvBiI3%2FzkiohrmF5%2F5PzaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8ab46bf82a9e9b46-FRA
expires: Thu, 01 Aug 2024 09:46:28 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 146ms
86ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.shadowctrl.me
URL: https://www.shadowctrl.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://www.shadowctrl.me/
Origin: https://www.shadowctrl.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:28 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8ab46bf88b19914c-FRA

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 81ms
28ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald&family=Poppins&family=Source+Code+Pro&family=Libre+Barcode+128+Text&family=Fira+Code&display=swap

Requested by

Host: www.shadowctrl.me
URL: https://www.shadowctrl.me/assets/index-52a2a239.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eec8493b53c3e56a00acee3fa3f85f1e88b447b2b644ea7f6a47d75fcfd45ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Jul 2024 09:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 09:46:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Jul 2024 09:46:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
102 KB 91ms
42ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6LSJFNRLP1

Requested by

Host: www.shadowctrl.me
URL: https://www.shadowctrl.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e7be1305c3b9051e4f48847e51ec48e8cbcb85d81efaf3966011e62d13d8275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jul 2024 09:46:29 GMT

GET
H3 200 index-47f365e3.js Show response
www.shadowctrl.me/assets/ 401 KB
128 KB 674ms
674ms Script
application/javascript 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shadowctrl.me/assets/index-47f365e3.js

Requested by

Host: www.shadowctrl.me
URL: https://www.shadowctrl.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

57d496bf6cc422d1a205260c3da0d33312e59a330700a18a844f25bf72b1652b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/
Origin: https://www.shadowctrl.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jul 2024 14:19:43 GMT
server: cloudflare
etag: W/"64584-190c63690d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5UY9%2BYdRH3Kr1yrCX2zyXPRM1jmZ8ghJDUN0ETLm3BDN0nYlAUM%2BSUgB8qTBzODvp6fSfFk45rzf%2B8oThrRhip1hGvCBwQfobUUvmgrh2VCro09bua6nEounpsdHm7phO2%2BAd5dlVBwESpbDximeUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 8ab46bfbdfaa9b46-FRA
priority: u=1,i=?0

GET
H3

200

main.js Show response
www.shadowctrl.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/ Frame ECAC
Redirect Chain

https://www.shadowctrl.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.shadowctrl.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?

8 KB
4 KB

36ms
36ms

Script
application/javascript

2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shadowctrl.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?

Protocol

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4816ae068130ce2952941b5887ccbd71f7fd096ccb9a5476c322757c5a3ccd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:29 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iCvNc2EOSH7enyzIYfEylQqboczQEsgBHunf9NSjfKLh2A5B9SnHXLI5ceXCMMUC0b3poSJhLKlLwQBEmWxs1Bp8TJBu%2Bsjn0CpuczC3ndsgce5F2NtESKf9B8wTFWTAE6QVwEsOZOobQvGcyvUQiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8ab46bfc080f9b46-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

Redirect headers

date: Tue, 30 Jul 2024 09:46:29 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6m0jS1SaacR59KUjGXy62QWKaZXYcEIGcKFuFm%2F5v2p8vySkpWLEPe8VU%2BhbKIufgdmcOP9CwtcNgiApRHGfafVHtV%2FfX90G4AZ%2BrS5%2BpL2tXQ0yBjUK8Xqqxaw40no2%2FSwSWlWIZMeqlSRE8NbBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8ab46bfbdfac9b46-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i=?0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
71 KB 277ms
132ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.shadowctrl.me
URL: https://www.shadowctrl.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

184ff4719d5c387812c3b3d9ba9522c3cf597085ba2092079142903e994dc304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 24 Jul 2024 12:44:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66a0f74a-1166d"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71277
expires: Tue, 30 Jul 2024 10:46:29 GMT

GET
H3 200 favicon.ico
www.shadowctrl.me/images/ 27 KB
25 KB 653ms
653ms Other
image/x-icon 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shadowctrl.me/images/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

67cc4f7503ed27345a238fea307d436a84da083aa355b09d92708179d3396459

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jul 2024 14:19:41 GMT
server: cloudflare
etag: W/"6a38-190c6368bad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=58qNwim8j8yja84NSRfnKcbeNJHTKQChygzLtcb3W2lriJVrGtaN1tbAg0yHra7rBjzkWqiD3sGTWLl2dIXD2ww5C1Tlqu%2FKi71BxzMm5HgZS3b%2Fl2GgwpKQ4lRE5srOgLnIvLR30GZTFjULLL9gXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: public, max-age=86400
cf-ray: 8ab46bfbdfad9b46-FRA
priority: u=1,i

POST
H3 200 8ab46bf4ce099b46 Show response
www.shadowctrl.me/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame ECAC 0
726 B 48ms
41ms XHR
text/plain 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shadowctrl.me/cdn-cgi/challenge-platform/h/b/jsd/r/8ab46bf4ce099b46

Requested by

Host: www.shadowctrl.me
URL: https://www.shadowctrl.me/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jul 2024 09:46:29 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Y19zJ4NqoP29oGyXGnVB3LiewulZXQWEanP2Ku8hfoEALN59twu4kLT4AV%2BXweTX2o7j02Qy3bpaaBNvE5ZQl8WixEAbD5QhAy9CF4EpVqU7XrlKQwlUZVs07YTnWiLgSoRJylfJhHWo1Obg0bprQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8ab46bfce9429b46-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=1,i

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 108ms
34ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6LSJFNRLP1&gtm=45je47t0v9123688507za200&_p=1722332789081&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1246429555.1722332789&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722332789&sct=1&seg=0&dl=https%3A%2F%2Fwww.shadowctrl.me%2F&dt=Shadowctrl%20%7C%20Home%20%7C%20Unleashing%20the%20power%20of%20127.0.0.1&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1996
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6LSJFNRLP1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 09:46:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shadowctrl.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10446.j1amdn4kU671z7ShRnytBfV0qSHWXhpiY7ODhoSCqNrZYNqzlAFzHSlq74baxy_x.QTzh1dK0ipxtzXBXO_FIMmSmC2A%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10446.nLZfp4sZ7TwAf59vliD5Lb2yJOigkPj355OWqYNcsX3j6aLV3bxjvrDUti9RFLevM6_GSXluSIBxAxSAOC9jPm85WqqzFEhY8xaEQBpp9PcSwQQSx-KS7Cgsc4IFDWkUFUPzbMGRDK...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10446.QYSQ0JhO-NN9jYvyX99vEkyzdIG87I4kFRi99Q1ZlT7CHXUorkZ8tB5AtuoX87M_PQ0f7HcwTapkUcD0JP0Zz0ckb1g7FujmmpjpGo9kxcdf-...

43 B
583 B

254ms
243ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10446.QYSQ0JhO-NN9jYvyX99vEkyzdIG87I4kFRi99Q1ZlT7CHXUorkZ8tB5AtuoX87M_PQ0f7HcwTapkUcD0JP0Zz0ckb1g7FujmmpjpGo9kxcdf-ET_vn13pWAJUa4VQELASzxzardG8EqyI8n-W7c3cbnhNa3touaKCbxkQd1wqnz08LBSuwhwy22WBtKfOyAq8eTYuXj2YY1g6gFjkfsmBw%2C%2C.DHicm2sNqytYpX_nlPyb917OsCA%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Jul 2024 09:46:30 GMT
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10446.QYSQ0JhO-NN9jYvyX99vEkyzdIG87I4kFRi99Q1ZlT7CHXUorkZ8tB5AtuoX87M_PQ0f7HcwTapkUcD0JP0Zz0ckb1g7FujmmpjpGo9kxcdf-ET_vn13pWAJUa4VQELASzxzardG8EqyI8n-W7c3cbnhNa3touaKCbxkQd1wqnz08LBSuwhwy22WBtKfOyAq8eTYuXj2YY1g6gFjkfsmBw%2C%2C.DHicm2sNqytYpX_nlPyb917OsCA%2C
date: Tue, 30 Jul 2024 09:46:30 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
571 B 517ms
515ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:29 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 24 Jul 2024 12:44:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66a0f74a-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 30 Jul 2024 10:46:29 GMT

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame 3133 0
0 285ms
127ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.shadowctrl.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Tue, 30 Jul 2024 09:46:30 GMT
etag: "66a0f74a-416"
expires: Tue, 30 Jul 2024 10:46:30 GMT
last-modified: Wed, 24 Jul 2024 12:44:58 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H3

200

main.js Show response
www.shadowctrl.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/ Frame ECAC
Redirect Chain

https://www.shadowctrl.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.shadowctrl.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?

8 KB
0

8ms
8ms

Script
application/javascript

2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shadowctrl.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?

Protocol

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4816ae068130ce2952941b5887ccbd71f7fd096ccb9a5476c322757c5a3ccd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iCvNc2EOSH7enyzIYfEylQqboczQEsgBHunf9NSjfKLh2A5B9SnHXLI5ceXCMMUC0b3poSJhLKlLwQBEmWxs1Bp8TJBu%2Bsjn0CpuczC3ndsgce5F2NtESKf9B8wTFWTAE6QVwEsOZOobQvGcyvUQiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8ab46bfc080f9b46-FRA
alt-svc: h3=":443"; ma=86400
priority: u=3,i=?0

Redirect headers

date: Tue, 30 Jul 2024 09:46:29 GMT
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6m0jS1SaacR59KUjGXy62QWKaZXYcEIGcKFuFm%2F5v2p8vySkpWLEPe8VU%2BhbKIufgdmcOP9CwtcNgiApRHGfafVHtV%2FfX90G4AZ%2BrS5%2BpL2tXQ0yBjUK8Xqqxaw40no2%2FSwSWlWIZMeqlSRE8NbBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8ab46bfbdfac9b46-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i=?0

GET
H3 200 thm-f88dd48c.svg
www.shadowctrl.me/assets/ 9 KB
3 KB 526ms
516ms Image
image/svg+xml 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shadowctrl.me/assets/thm-f88dd48c.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f88dd48caf4b30e10026fd8a2b7b5382e3879a906edf52c000d4a6f3f64399be

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jul 2024 14:19:43 GMT
server: cloudflare
etag: W/"2223-190c63690d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAB1cnqt0JPQpbb972Bx8Qq6tNOrjvuS5SX5Shi%2FczH%2Fkrqhu%2BZM%2B3P9V9HM8vBuo4VuEgQR0ZzmAl5Ea5AiM4xi7hcVggat9pmzt7hOL09kdf8448cZPXymud4sAU5bceZAeaQkO%2FAVflY6RGbByQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 8ab46c034a039b46-FRA
priority: u=3,i

GET
H3 200 Union-888efdb4.svg
www.shadowctrl.me/assets/ 265 B
732 B 538ms
527ms Image
image/svg+xml 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shadowctrl.me/assets/Union-888efdb4.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

888efdb44765f6ba8c61b2088ef66ecd0e4b9b21a1a1eab293da70a86ec86749

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:30 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jul 2024 14:19:43 GMT
server: cloudflare
etag: W/"109-190c63690d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j9Wx%2FD24qTdqKLZzuZ1%2BQITKfbEqSFgx0wO5dK%2BiN472Q3slT7z2JXMCgs964tnXtB5UoZdxs5xtHj3GaZ3a2Y1mBKoIqWRmMfpAr8QQu6CeQDwy%2FiSXLEKj%2BMJ6Ny%2FjDTIcXQgtJXBKPkECHdHC2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 8ab46c034a049b46-FRA
priority: u=3,i

GET
H3 200 anonymous.webp
www.shadowctrl.me/images/ 33 KB
33 KB 653ms
641ms Image
image/webp 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shadowctrl.me/images/anonymous.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fe692b702d25099c206f915ee9074469787f6ac12835a23f849aaeb24fb05d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:30 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 33380
last-modified: Thu, 18 Jul 2024 14:19:41 GMT
server: cloudflare
etag: W/"8264-190c6368ba9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nee9beSP1nCRWDOA6UXwPdUN9TG3y5mdl4kDNocsDDUEzVaIGrUt%2BBLtAriD96Ym7mlNLIunbJ9%2FAi%2FAKghCdiMT7%2BZ2ThRFotd%2FodXM5Qnu292BZ83bBEYyxyc%2F6Hpo%2BNRVhbMdeYsZ1Q%2B%2FqPFoZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8ab46c034a129b46-FRA
priority: u=3,i

GET
H3 200 hackatank.webp
www.shadowctrl.me/images/ 459 KB
459 KB 814ms
801ms Image
image/webp 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shadowctrl.me/images/hackatank.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

76d6181fc162eddfbab52d3d41b7c610188e552e594837c0f5b29227d21a2ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:31 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 469644
last-modified: Thu, 18 Jul 2024 14:19:41 GMT
server: cloudflare
etag: W/"72a8c-190c6368bb1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Otltz9URxv0qIvpqC5k31jEIZUl2kVM4hGEo9z8XEAX1qi7BudZzwn%2BlZD1u8TbRYLPtyunXiw7i5KyeNJmgWzv%2B5TEhKFs6v0BK%2FKeGZILULalSj%2BQ3XeLs0Xk6BVrfGBm%2B%2Bd6285ggP0UWuD7%2FQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8ab46c034a159b46-FRA
priority: u=3,i

GET
H3 200 pepper.webp
www.shadowctrl.me/images/ 2 KB
2 KB 549ms
536ms Image
image/webp 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shadowctrl.me/images/pepper.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f9270b2cdebfa5680343077931e4b0cb2b34c1fa0ef7ddbb0b495a47cde17246

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:30 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 1942
last-modified: Thu, 18 Jul 2024 14:19:41 GMT
server: cloudflare
etag: W/"796-190c6368bb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=34VgPPNUGaUtST7mvBFr0v6KtJhgVG7qtwBvgt646RSuO%2BoE5kIYti%2BC5x3T%2Fh9nYwhogK%2BOhGmkMrlEHnb%2BAuhBEdhD7QNoMSeIggdmTjsswtn4lqwAYF4uWK2rYfzYokKobEbTECAjppBw9CcFHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8ab46c034a169b46-FRA
priority: u=3,i

GET
H3 200 csi.webp
www.shadowctrl.me/images/ 52 KB
52 KB 813ms
800ms Image
image/webp 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shadowctrl.me/images/csi.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

55458e796b56cd616e72a40da0a2ac6e20e2d393363a0cf904f7e5f1c46595bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:31 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 52992
last-modified: Thu, 18 Jul 2024 14:19:41 GMT
server: cloudflare
etag: W/"cf00-190c6368bad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2Fr0QnI%2FjRTdIxFR7P7PzmvgxgWsgSbrVhJcMuOus%2BQj5wfs%2Bb0Q4AYM7W8doSs%2BXZwH1S6uXmqcBvdUmHQs1JUNLVtwLnJZq8LXiR6gjDwnkVkTH42Q1rGpyaLL4k%2Bv32x6DYYLd2%2BVRx0DtWO%2BBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8ab46c034a179b46-FRA
priority: u=3,i

GET
H3 200 shadowctrl.webp
www.shadowctrl.me/images/ 556 KB
557 KB 828ms
811ms Image
image/webp 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shadowctrl.me/images/shadowctrl.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0ef30cef2982307696c5eeea45c8b99a16d5c20fe97aa1eba5d409d548976917

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:31 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 569602
last-modified: Thu, 18 Jul 2024 14:19:41 GMT
server: cloudflare
etag: W/"8b102-190c6368bb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2B3ZKFjCq3kODjs8UtnwbH89z2ZKXtZUJ4VlesyX8ksMEbFoyZaNwEeNG98d3SUSym6Rq55LdUQ9CDDXNKxxfc0x5%2FN1f1WuCDJ%2F41EOFWdjlkTIPLWsQYx9FyLDTIWjwhkaGZ9wP5kcgy1ZAMW5mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8ab46c034a1a9b46-FRA
priority: u=3,i

GET
H2 200 fdNv9tubt3ZEnz1Gu3I4-zppwZ9CWZ16Z0w5QVrS6Q.woff2
fonts.gstatic.com/s/librebarcode128text/v28/ 12 KB
12 KB 136ms
62ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebarcode128text/v28/fdNv9tubt3ZEnz1Gu3I4-zppwZ9CWZ16Z0w5QVrS6Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&family=Poppins&family=Source+Code+Pro&family=Libre+Barcode+128+Text&family=Fira+Code&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1181d8814a9c65c4e2e6b81ca9e12e27470fcb59e641c8dc9bdbb5f492497c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.shadowctrl.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:05:10 GMT
x-content-type-options: nosniff
age: 585680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12352
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:16:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 15:05:10 GMT

GET
H2 200 HI_diYsKILxRpg3hIP6sJ7fM7PqPMcMnZFqUwX28DMyQtMlrTA.woff2
fonts.gstatic.com/s/sourcecodepro/v23/ 11 KB
11 KB 124ms
51ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcecodepro/v23/HI_diYsKILxRpg3hIP6sJ7fM7PqPMcMnZFqUwX28DMyQtMlrTA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&family=Poppins&family=Source+Code+Pro&family=Libre+Barcode+128+Text&family=Fira+Code&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15057fef797f7f64d90cf20c4647e2697c3ec75b4094c3d3faa9bb3c1124f1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.shadowctrl.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 11:45:28 GMT
x-content-type-options: nosniff
age: 597662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11048
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 11:45:28 GMT

GET
H2 200 uU9eCBsR6Z2vfE9aq3bL0fxyUs4tcw4W_D1sJVD7Ng.woff2
fonts.gstatic.com/s/firacode/v22/ 23 KB
23 KB 98ms
26ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firacode/v22/uU9eCBsR6Z2vfE9aq3bL0fxyUs4tcw4W_D1sJVD7Ng.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&family=Poppins&family=Source+Code+Pro&family=Libre+Barcode+128+Text&family=Fira+Code&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246d691e3e54f6c2367c96f2d011cf4c10b9765b48a2e3af97335008b41b06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.shadowctrl.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:00:06 GMT
x-content-type-options: nosniff
age: 585984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23352
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 15:00:06 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 123ms
50ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&family=Poppins&family=Source+Code+Pro&family=Libre+Barcode+128+Text&family=Fira+Code&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.shadowctrl.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:19:22 GMT
x-content-type-options: nosniff
age: 584828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 15:19:22 GMT

GET
H3 200 Mars.ttf
www.shadowctrl.me/fonts/mars/ 5 KB
4 KB 526ms
512ms Font
font/ttf 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shadowctrl.me/fonts/mars/Mars.ttf

Requested by

Host: www.shadowctrl.me
URL: https://www.shadowctrl.me/assets/index-52a2a239.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5361eac31c6c752526a603f8c06c6676e6a37bf2886773a704309ce10bb4cde8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/assets/index-52a2a239.css
Origin: https://www.shadowctrl.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 09:46:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jul 2024 14:19:41 GMT
server: cloudflare
etag: W/"13b4-190c6368ba9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNvt8hBMaquNXvTLtxOofHV1ID%2FW1tp60QdKfBBvMN50BKiFittaPTTpmrXso9J3biLdVdX3nvi4kC8lLtvHyABsfxhxlLIecUmRZwFJGjwL3n5sDKHdtl19aPluTGS0i1bw2Ch2mpPzsrMADLAxJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=86400
cf-ray: 8ab46c037a649b46-FRA
priority: u=0,i=?0

POST
H3 204 rum Show response
www.shadowctrl.me/cdn-cgi/ 0
143 B 59ms
39ms XHR
text/plain 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shadowctrl.me/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 30 Jul 2024 09:46:30 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.shadowctrl.me
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8ab46c037a6b9b46-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 98ms
26ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.shadowctrl.me
URL: https://www.shadowctrl.me/assets/index-47f365e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jul 2024 08:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4643
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 30 Jul 2024 10:29:07 GMT

POST
H3 200 8ab46bf4ce099b46 Show response
www.shadowctrl.me/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame ECAC 0
732 B 63ms
57ms XHR
text/plain 2606:4700:3033::ac43:d243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shadowctrl.me/cdn-cgi/challenge-platform/h/b/jsd/r/8ab46bf4ce099b46

Requested by

Host: www.shadowctrl.me
URL: https://www.shadowctrl.me/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jul 2024 09:46:30 GMT
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrBjz5yH4VZpVIyJ2xWJvVuRgiSSikMzTRMqAdD2qusvRLFonKtbv7TevcETqJVkMxrTLo9kidtItiQkg%2FLk3%2FDNNUC8PnlsNkgfJwnkwu%2Fn3Lj7gRYT0gxx26NIdwtfaJoTnMAEwHLv%2F1qbkhl15w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8ab46c046bc59b46-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=1,i

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
148 B 34ms
33ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1216678828&t=pageview&_s=1&dl=https%3A%2F%2Fwww.shadowctrl.me%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Shadowctrl%20%7C%20Home%20%7C%20Unleashing%20the%20power%20of%20127.0.0.1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=247373918&gjid=575754185&cid=1246429555.1722332789&tid=G-6LSJFNRLP1&_gid=1739826884.1722332790&_r=1&_slc=1&z=61562978

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 09:46:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shadowctrl.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 25ms
24ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1216678828&t=pageview&_s=2&dl=https%3A%2F%2Fwww.shadowctrl.me%2F&dp=%2F&ul=de-de&de=UTF-8&dt=Shadowctrl%20%7C%20Home%20%7C%20Unleashing%20the%20power%20of%20127.0.0.1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=&gjid=&cid=1246429555.1722332789&tid=G-6LSJFNRLP1&_gid=1739826884.1722332790&z=1747090536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jul 2024 14:59:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67634
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/94656015/
Redirect Chain

https://mc.yandex.com/watch/94656015?wmode=7&page-url=https%3A%2F%2Fwww.shadowctrl.me%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Al...
https://mc.yandex.com/watch/94656015/1?wmode=7&page-url=https%3A%2F%2Fwww.shadowctrl.me%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3...

499 B
701 B

68ms
67ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/94656015/1?wmode=7&page-url=https%3A%2F%2Fwww.shadowctrl.me%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A770155052854%3Ahid%3A121165456%3Az%3A120%3Ai%3A20240730114629%3Aet%3A1722332790%3Ac%3A1%3Arn%3A769408621%3Arqn%3A1%3Au%3A1722332790562023619%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A17%2C39%2C514%2C3%2C584%2C0%2C%2C606%2C1%2C1772%2C1772%2C1%2C1771%3Aco%3A0%3Acpf%3A1%3Ans%3A1722332787308%3Agi%3AR0ExLjEuMTI0NjQyOTU1NS4xNzIyMzMyNzg5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722332791%3At%3AShadowctrl%20%7C%20Home%20%7C%20Unleashing%20the%20power%20of%20127.0.0.1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e9902e8b1e6d7bf6df310e773757fdfeae3371a6ae7c97c76fdedcd85efc21d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 09:46:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 30-Jul-2024 09:46:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.shadowctrl.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 499
x-xss-protection: 1; mode=block
expires: Tue, 30-Jul-2024 09:46:30 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 30 Jul 2024 09:46:30 GMT
last-modified: Tue, 30-Jul-2024 09:46:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: https://www.shadowctrl.me
location: /watch/94656015/1?wmode=7&page-url=https%3A%2F%2Fwww.shadowctrl.me%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A770155052854%3Ahid%3A121165456%3Az%3A120%3Ai%3A20240730114629%3Aet%3A1722332790%3Ac%3A1%3Arn%3A769408621%3Arqn%3A1%3Au%3A1722332790562023619%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A17%2C39%2C514%2C3%2C584%2C0%2C%2C606%2C1%2C1772%2C1772%2C1%2C1771%3Aco%3A0%3Acpf%3A1%3Ans%3A1722332787308%3Agi%3AR0ExLjEuMTI0NjQyOTU1NS4xNzIyMzMyNzg5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722332791%3At%3AShadowctrl%20%7C%20Home%20%7C%20Unleashing%20the%20power%20of%20127.0.0.1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 30-Jul-2024 09:46:30 GMT

POST
H2 200 94656015
mc.yandex.com/webvisor/ 43 B
0 134ms
127ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/94656015?wv-part=1&wv-type=7&wmode=0&wv-hit=121165456&page-url=https%3A%2F%2Fwww.shadowctrl.me%2F&rn=577855403&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1722332793%3Aw%3A1600x1200%3Av%3A1400%3Az%3A120%3Ai%3A20240730114633%3Au%3A1722332790562023619%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Ast%3A1722332793&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 30 Jul 2024 09:46:33 GMT
last-modified: Tue, 30-Jul-2024 09:46:33 GMT
content-type: image/gif
access-control-allow-origin: https://www.shadowctrl.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 30-Jul-2024 09:46:33 GMT

POST
H2 200 94656015
mc.yandex.com/webvisor/ 43 B
0 67ms
65ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/94656015?wv-part=1&wv-type=7&wmode=0&wv-hit=121165456&page-url=https%3A%2F%2Fwww.shadowctrl.me%2F&rn=410744583&browser-info=we%3A1%3Aet%3A1722332793%3Aw%3A1600x1200%3Av%3A1400%3Az%3A120%3Ai%3A20240730114633%3Au%3A1722332790562023619%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Ast%3A1722332793&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 30 Jul 2024 09:46:33 GMT
last-modified: Tue, 30-Jul-2024 09:46:33 GMT
content-type: image/gif
access-control-allow-origin: https://www.shadowctrl.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 30-Jul-2024 09:46:33 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 28ms
28ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6LSJFNRLP1&gtm=45je47t0v9123688507za200&_p=1722332789081&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1246429555.1722332789&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722332789&sct=1&seg=0&dl=https%3A%2F%2Fwww.shadowctrl.me%2F&dt=Shadowctrl%20%7C%20Home%20%7C%20Unleashing%20the%20power%20of%20127.0.0.1&en=scroll&epn.percent_scrolled=90&_et=4&tfd=7005
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6LSJFNRLP1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.shadowctrl.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 09:46:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shadowctrl.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shadowctrl.me/	1970-01-21 08:01:32	Name: _ga_6LSJFNRLP1 Value: GS1.1.1722332789.1.0.1722332789.0.0.0
.yandex.ru/	1970-01-21 07:11:08	Name: yashr Value: 6492795711722332789
.shadowctrl.me/	1970-01-21 07:11:08	Name: _ym_uid Value: 1722332790562023619
.shadowctrl.me/	1970-01-21 07:11:08	Name: _ym_d Value: 1722332790
.mc.yandex.com/	1970-01-20 22:25:33	Name: sync_cookie_csrf Value: 492882767fake
.yandex.com/	1970-01-21 08:01:32	Name: i Value: z6F9fJkV5Xs0vzuxHO0U6p/E4SlOqs2hsIkNeBe4pjIjxnu0K3p0Cv5zb9vkBcqY3AnvE0lVnmaL7zdYlbMAojVEfFU=
.yandex.com/	1970-01-21 07:11:08	Name: yandexuid Value: 1599411981722332789
.yandex.com/	1970-01-21 07:11:08	Name: yashr Value: 1342183271722332789
.shadowctrl.me/	1970-01-20 22:26:44	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 22:25:33	Name: sync_cookie_csrf Value: 4037377554fake
.mc.yandex.com/	1970-01-20 22:26:59	Name: sync_cookie_ok Value: synced
.shadowctrl.me/	1970-01-21 08:01:32	Name: _ga Value: GA1.2.1246429555.1722332789
.shadowctrl.me/	1970-01-20 22:26:59	Name: _gid Value: GA1.2.1739826884.1722332790
.shadowctrl.me/	1970-01-20 22:25:32	Name: _gat Value: 1
.shadowctrl.me/	1970-01-21 07:11:08	Name: cf_clearance Value: TmMrAauQ086EFPKI_CuqC.81bqtVj2CURV3BiuGJZJ4-1722332790-1.0.1.1-aUUUZqGy5FuH0mOgU3EpskqOTxkDKxbJ1OBY8SV1mT6vT16FttqcOJ6qSKMfBbkIdLzV8qto7J4nS.CQZDUlHA
.yandex.ru/	1970-01-21 08:01:32	Name: yandexuid Value: 1599411981722332789
.yandex.ru/	1970-01-21 08:01:32	Name: yuidss Value: 1599411981722332789
.yandex.ru/	1970-01-21 08:01:32	Name: i Value: z6F9fJkV5Xs0vzuxHO0U6p/E4SlOqs2hsIkNeBe4pjIjxnu0K3p0Cv5zb9vkBcqY3AnvE0lVnmaL7zdYlbMAojVEfFU=
.yandex.ru/	1970-01-21 08:01:32	Name: yp Value: 1722419190.yu.7586180261722332789
.yandex.ru/	1970-01-21 07:11:08	Name: ymex Value: 1724924790.oyu.7586180261722332789
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2220452511722332790
.yandex.com/	1970-01-21 07:11:08	Name: yuidss Value: 1599411981722332789
.yandex.com/	1970-01-21 07:11:08	Name: ymex Value: 1753868790.yrts.1722332790
.yandex.com/	1970-01-21 07:11:08	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 08:01:32	Name: bh Value: KgI/MGD27KK1Bg==
.shadowctrl.me/	1970-01-20 22:25:34	Name: _ym_visorc Value: w

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
region1.google-analytics.com
shadowctrl.me
static.cloudflareinsights.com
www.google-analytics.com
www.googletagmanager.com
www.shadowctrl.me
2001:4860:4802:34::36
2606:4700:3033::ac43:d243
2606:4700::6810:4f49
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:831::200a
2a02:6b8::1:119
49.207.177.28
0ef30cef2982307696c5eeea45c8b99a16d5c20fe97aa1eba5d409d548976917
1181d8814a9c65c4e2e6b81ca9e12e27470fcb59e641c8dc9bdbb5f492497c7e
15057fef797f7f64d90cf20c4647e2697c3ec75b4094c3d3faa9bb3c1124f1e8
184ff4719d5c387812c3b3d9ba9522c3cf597085ba2092079142903e994dc304
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
4e7be1305c3b9051e4f48847e51ec48e8cbcb85d81efaf3966011e62d13d8275
5246d691e3e54f6c2367c96f2d011cf4c10b9765b48a2e3af97335008b41b06e
52a2a239932d042b7668ae50d7582e85d4dc2c2c7ac05b8a300e52af204acac1
5361eac31c6c752526a603f8c06c6676e6a37bf2886773a704309ce10bb4cde8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55458e796b56cd616e72a40da0a2ac6e20e2d393363a0cf904f7e5f1c46595bd
57d496bf6cc422d1a205260c3da0d33312e59a330700a18a844f25bf72b1652b
67cc4f7503ed27345a238fea307d436a84da083aa355b09d92708179d3396459
76d6181fc162eddfbab52d3d41b7c610188e552e594837c0f5b29227d21a2ed6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
888efdb44765f6ba8c61b2088ef66ecd0e4b9b21a1a1eab293da70a86ec86749
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9e37f5a849815154249890ec08dcaf5b1b04bc4921d99f868f97f73b42558fed
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4816ae068130ce2952941b5887ccbd71f7fd096ccb9a5476c322757c5a3ccd5
e9902e8b1e6d7bf6df310e773757fdfeae3371a6ae7c97c76fdedcd85efc21d0
eec8493b53c3e56a00acee3fa3f85f1e88b447b2b644ea7f6a47d75fcfd45ac0
f88dd48caf4b30e10026fd8a2b7b5382e3879a906edf52c000d4a6f3f64399be
f9270b2cdebfa5680343077931e4b0cb2b34c1fa0ef7ddbb0b495a47cde17246
fe692b702d25099c206f915ee9074469787f6ac12835a23f849aaeb24fb05d68

www.shadowctrl.me Open in urlscan Pro 2606:4700:3033::ac43:d243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

89 %HTTPS

89 %IPv6

8 Domains

10 Subdomains

8 IPs

4 Countries

1537 kBTransfer

2218 kBSize

26 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.shadowctrl.me Open in urlscan Pro
2606:4700:3033::ac43:d243 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

89 %
HTTPS

89 %
IPv6

8
Domains

10
Subdomains

8
IPs

4
Countries

1537 kB
Transfer

2218 kB
Size

26
Cookies

37 HTTP transactions
0 data transactions