safeshadow.com Open in urlscan Pro
2606:4700:3033::6815:521d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://safeshadow.com/
Submission: On July 12 via automatic, source certstream-suspicious (July 12th 2024, 9:12:28 pm UTC) — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3033::6815:521d, located in United States and belongs to CLOUDFLARENET, US. The main domain is safeshadow.com.
TLS certificate: Issued by WE1 on June 25th 2024. Valid for: 3 months.

This is the only time safeshadow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:303... 2606:4700:3033::6815:521d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:266... 2600:9000:266e:3800:5:bf05:acc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a01:4f8:121:... 2a01:4f8:121:4384::2	24940 (HETZNER-AS) (HETZNER-AS)
1	91.208.158.75 91.208.158.75	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2a33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	91.234.30.212 91.234.30.212	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1	18.239.94.28 18.239.94.28	16509 (AMAZON-02) (AMAZON-02)
1	23.48.23.30 23.48.23.30	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
41	14

19 2606:4700:3033::6815:521d (United States)

ASN13335 (CLOUDFLARENET, US)

safeshadow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266e:3800:5:bf05:acc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:121:4384::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

www.watson.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.208.158.75 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)

www.kreiszeitung.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2a33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

heise.cloudimg.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.234.30.212 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)

www.fr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.94.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-28.ams1.r.cloudfront.net

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.30 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-30.deploy.static.akamaitechnologies.com

images.bild.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	safeshadow.com safeshadow.com	479 KB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 180	215 KB
2	fr.de www.fr.de — Cisco Umbrella Rank: 240164	128 KB
2	watson.de www.watson.de — Cisco Umbrella Rank: 330019	174 KB
2	gstatic.com fonts.gstatic.com	80 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3237 pixel.wp.com — Cisco Umbrella Rank: 3179	3 KB
1	bild.de images.bild.de — Cisco Umbrella Rank: 54635	132 KB
1	booking.com www.booking.com — Cisco Umbrella Rank: 10426
1	cloudimg.io heise.cloudimg.io — Cisco Umbrella Rank: 115898	22 KB
1	kreiszeitung.de www.kreiszeitung.de — Cisco Umbrella Rank: 521700	64 KB
1	bstatic.com cf.bstatic.com — Cisco Umbrella Rank: 17356	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	3 KB
41	12

	Domain	Requested by
19	safeshadow.com	safeshadow.com
5	pagead2.googlesyndication.com	safeshadow.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.fr.de	safeshadow.com
2	www.watson.de	safeshadow.com
2	fonts.gstatic.com	fonts.googleapis.com
1	images.bild.de	safeshadow.com
1	www.booking.com	cf.bstatic.com
1	heise.cloudimg.io	safeshadow.com
1	www.kreiszeitung.de	safeshadow.com
1	cf.bstatic.com	safeshadow.com
1	pixel.wp.com	safeshadow.com
1	stats.wp.com	safeshadow.com
1	fonts.googleapis.com	safeshadow.com
41	14

This site contains no links.

Subject Issuer	Validity	Valid
safeshadow.com WE1	`2024-06-25` - `2024-09-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.bstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-29` - `2024-11-28`	a year	crt.sh
*.watson.de Thawte TLS RSA CA G1	`2023-09-12` - `2024-09-16`	a year	crt.sh
blickpunkt-nienburg.de R3	`2024-06-02` - `2024-08-31`	3 months	crt.sh
e2e6bae.cloudimg.io R3	`2024-05-30` - `2024-08-28`	3 months	crt.sh
fr.de R10	`2024-06-29` - `2024-09-27`	3 months	crt.sh
*.booking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-01` - `2025-03-25`	a year	crt.sh
images.bild.de R3	`2024-05-20` - `2024-08-18`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://safeshadow.com/
Frame ID: B6E4D1D03F425E0E1A93F11D940B6828
Requests: 40 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html
Frame ID: 5508BFD57C693E4079C9364375755885
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3059805454647315&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1720818743&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsafeshadow.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=34~32~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=34~32~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_8~29_18~30_19&aiixl=32_9~27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aipaq=1&aisaib=1&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720818743333&bpp=4&bdt=216&idt=298&shv=r20240709&mjsv=m202407090101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7239888704002&frm=20&pv=2&ga_vid=1019811494.1720818744&ga_sid=1720818744&ga_hid=849762771&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31085138%2C95334509%2C95334527%2C95334578%2C95334830%2C95337027%2C31085181%2C95335246%2C31084186%2C95337093%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3222746368403863&tmod=1646181553&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=338
Frame ID: 2BC7FD739403BC62801F4BF8B1EB3A1A
Requests: 1 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=banner&w=120&h=600&lang=es&aid=2423740&target_aid=2423740&banner_id=125954&tmpl=affiliate_banner&fid=1720818743687&
Frame ID: 031CFE0F5DDFAE30B8B009CE7C14F658
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FE5FDADF2FA947A78776812C0B416B69
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Safe Shadow

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

98 %
HTTPS

62 %
IPv6

12
Domains

14
Subdomains

14
IPs

2
Countries

1303 kB
Transfer

2990 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
safeshadow.com/ 164 KB
27 KB 394ms
341ms Document
text/html 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

713e74afd08c15988aa3384a36f8ab9237a29f160c3ae3d249bec0d2acb86a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a2407f65ed203cd-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 12 Jul 2024 21:12:23 GMT
last-modified: Fri, 12 Jul 2024 21:12:23 GMT
link: <https://safeshadow.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tvdW2nq3KQzUP7o68YOAhGpZ%2FclUnxKOl8E7fjiNKD%2BOVOSGHgKcIQROejcroZgtFKnHEL9UDuvCqniM%2BehWevr%2B7vAsX900CfL5JgAWdyFSEnDnCoCFLRUUWOQbfRGXM4VpBMV2w%2BuWMDSbdw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 68 KB
3 KB 43ms
18ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COpen%20Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CRoboto%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&display=swap

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80ad0db193413c7f4bd59e72460cd84878cc60d28d7d85700dbea223674ad7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 21:12:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jul 2024 21:12:23 GMT

GET
H3 200 style.min.css
safeshadow.com/wp-includes/css/dist/block-library/ 111 KB
16 KB 48ms
46ms Stylesheet
text/css 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 05:31:37 GMT
server: cloudflare
etag: W/"6620b039-1bae5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2Fo7IwUHnbj85BJmH3teCHrdsWpM0ReQeOyqEa%2BQG1gjWF962XTG15fH9v8P3wEZGWpmDWaXkmRWDqZPTHxcGF1wh7YmEP66onDtg249rZiP5lZEu%2B6Kc0zVSL4%2BmdPK6iAuo509IWskftwN8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f8897f03cd-FRA
expires: Wed, 17 Jul 2024 11:32:56 GMT

GET
H3 200 mediaelementplayer-legacy.min.css
safeshadow.com/wp-includes/js/mediaelement/ 11 KB
3 KB 47ms
44ms Stylesheet
text/css 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Sep 2021 09:44:57 GMT
server: cloudflare
etag: W/"613dcc19-2bf8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEAC23PL4FZwCA6TZgRmYBZaOMRSC3XeJX5gaDB5SFOnUQKqva24XlHF4DDaT%2BwUq4g72IcQ9NCxvPsCu%2B8URybZmHaAOkIwNUMPG7yAZdK2fDvrKTMENTww756g76TqSLOxO%2BVMpUiSD2%2FvCg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f8898203cd-FRA
expires: Sat, 20 Jul 2024 20:24:11 GMT

GET
H3 200 wp-mediaelement.min.css
safeshadow.com/wp-includes/js/mediaelement/ 4 KB
2 KB 47ms
45ms Stylesheet
text/css 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.5.2

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Dec 2020 10:14:30 GMT
server: cloudflare
etag: W/"5fca0c06-105a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0m2Jsvx%2F8o7yCU9OaTSrmrgAoImGoYNXSKJVc1COFJsl6oDAZeT10kriPTehlz7TMkEOJCsIZa3S0IWVuFi4QwDRZGb9k6MNQSc3mNDeC0nygQbABojTFLf7zbdPSSEHHaT3j4nmNv4Wa3727A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f8898403cd-FRA
expires: Sun, 11 Aug 2024 17:30:11 GMT

GET
H3 200 style.css
safeshadow.com/wp-content/themes/everest-news-pro/ 2 KB
1 KB 99ms
97ms Stylesheet
text/css 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-content/themes/everest-news-pro/style.css?ver=6.5.2

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d243a2ec062d68981cc916eb24c9a8102fa5739e4fdc67a543f3c46df234756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jan 2021 02:57:28 GMT
server: cloudflare
etag: W/"6010d698-600"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gE8QaCtvcMhwFWrhg7qceQALA5PkrzH3%2B3Xg1F20jmaBO59OjaMJXK9jvjap5OimCNNxfrF85Lnk%2FzlIyiviYLrMF7BtD3O7dIcvQN4O6ZfsXU%2F5Kde7fDqBgGYvvNZc%2FbnL2NQ9rOA4hIAf4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f8898603cd-FRA
expires: Fri, 09 Aug 2024 22:09:43 GMT

GET
H3 200 main.css
safeshadow.com/wp-content/themes/everest-news-pro/assets/dist/css/ 325 KB
52 KB 52ms
50ms Stylesheet
text/css 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-content/themes/everest-news-pro/assets/dist/css/main.css?ver=6.5.2

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1682d42650a9e6fc16fb5002bae0f9f712d9f08fe0500846d5afa928fc654139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jan 2021 02:57:28 GMT
server: cloudflare
etag: W/"6010d698-514a5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n0OVclKONVQj%2BnH39rBd8aYfQ2aB7aNeKZ23sm96XVD%2FX37iMme4UpP%2Fg2aItHJ%2BVb1yDmUAd5AV8TAihy75fnonz6cu93V5iaKiO%2F9GNl1cDf0RklG6fvEffNPXAPr62fKGSDXN9ocQQyUFUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f8898703cd-FRA
expires: Wed, 31 Jul 2024 11:17:29 GMT

GET
H3 200 buttons.min.css
safeshadow.com/wp-includes/css/ 6 KB
2 KB 47ms
45ms Stylesheet
text/css 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/css/buttons.min.css?ver=6.5.2

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5a5fea14a12ec9ee91f044a7ff810602662c97d3fad8728497ea4e8c5aef0eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 05:31:37 GMT
server: cloudflare
etag: W/"6620b039-17ad"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfCXtEUanLXplzL9coSBI6KGXI7aKDRSekVGI98slFL1Pvg%2BJqJwLHVsIq7QgxR3z%2BnqxOO%2BDOAw0eTrq0OGjV224XypNvux6UYiLtWh9mEqBO7cURpZMO4ZAWOd2oYATz%2Fm7nWn88CN4I%2BHYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f8898a03cd-FRA
expires: Sat, 03 Aug 2024 00:34:49 GMT

GET
H3 200 dashicons.min.css
safeshadow.com/wp-includes/css/ 58 KB
35 KB 60ms
59ms Stylesheet
text/css 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/css/dashicons.min.css?ver=6.5.2

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Sep 2021 09:44:58 GMT
server: cloudflare
etag: W/"613dcc1a-e688"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G10yjotiXXVkgaGpP1sq1rsDMclQpc%2BCBgdYbeTSKQBEFaZiyWQB6ss%2BtjrpBxODprTdEJX98PaInK7CgXMrrXhLkSUjSx1A6iMi%2FtulVV2sRxKN1%2BOcUROEryaTsIXw2B3QE05pj32B%2BrTOPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f8898f03cd-FRA
expires: Wed, 17 Jul 2024 11:33:08 GMT

GET
H3 200 media-views.min.css
safeshadow.com/wp-includes/css/ 46 KB
9 KB 99ms
97ms Stylesheet
text/css 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/css/media-views.min.css?ver=6.5.2

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

108b3ac60e3c9a4365f30dbd8dbf48fa487b0a7c6f33e300af041faaa8ad06c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 05:31:37 GMT
server: cloudflare
etag: W/"6620b039-b695"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQUjKwh1%2FH5pATGxLdDKSx2BQK3BBU6GRzj4X2ZqrIaJXrXtiJECHKGEK8nIAs8kH8CWYW82XFQLku4wn4yAMkkxKdWDbqI86hEthaRN4oA2IIcEr52lbSZrkuPEfT2Bz540VR9SrLZMG%2BOZYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f8899003cd-FRA
expires: Sun, 11 Aug 2024 16:11:17 GMT

GET
H3 200 imgareaselect.css
safeshadow.com/wp-includes/js/imgareaselect/ 790 B
757 B 44ms
43ms Stylesheet
text/css 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/imgareaselect/imgareaselect.css?ver=0.9.8

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55a36298517619f755ac3c59b3c37cde07d3c2ce66526bf42df296bda945838c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Dec 2020 10:14:30 GMT
server: cloudflare
etag: W/"5fca0c06-316"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HwE%2BfiUnO%2BVM1i3R5jtXDBCfwX9ZVm25wzuMG6FkkOenldXNfe7EmO%2F4tjgY4tosPzYtDz8h6gbD2uK9w%2FU5rg1ylxBGttt2N5CQaUDcl4U%2Bf61L6fW1WNjHseobvv4mVrSINqvVT0In9F1t%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f8899403cd-FRA
expires: Fri, 02 Aug 2024 22:06:54 GMT

GET
H3 200 jquery.min.js Show response
safeshadow.com/wp-includes/js/jquery/ 86 KB
30 KB 47ms
46ms Script
application/javascript 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Nov 2023 12:29:53 GMT
server: cloudflare
etag: W/"65575cc1-15601"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mLOP0%2Fel2bRaha6Om8pEXLZW9TcB4zz6YMNMhHp%2BONcU0a9lI6%2B75bN8GGrHKSERwrmhpIeF5nD5imyEB8%2BxHHSg7R3QNbQaA3yW%2BT3ZzHALyn4Q1rhUydjg5381dIFCXmhlQ2Us9uvEaqNJzg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f92a3203cd-FRA
expires: Fri, 02 Aug 2024 20:24:07 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
52 KB 74ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d74fde73e6f0ac6012c0744df5ae237eb7126c538baa6eafe041329536e27bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53377
x-xss-protection: 0
server: cafe
etag: 15552150000044146899
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 12 Jul 2024 21:12:23 GMT

GET
H3 200 wp-polyfill.min.js Show response
safeshadow.com/wp-includes/js/dist/vendor/ 38 KB
14 KB 64ms
63ms Script
application/javascript 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 05:31:37 GMT
server: cloudflare
etag: W/"6620b039-96be"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J8gB605yv2rBDP7FGhvufTHRDdrcRZPeAyddhM62VFq2uyzbX3ocZjv2%2BnLSZsyDwW8Q%2BVZY15VvwKwDvLC4I5fwqkhpe%2FLm4dEf6%2BUow23KSlv5dKULzI65fZbifSdiDmQ0F0WPoyD59tYd5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f8a9a903cd-FRA
expires: Sun, 21 Jul 2024 05:39:57 GMT

GET
H3 200 hooks.min.js Show response
safeshadow.com/wp-includes/js/dist/ 4 KB
2 KB 44ms
42ms Script
application/javascript 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 05:31:37 GMT
server: cloudflare
etag: W/"6620b039-10d3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4zbwDI97B%2FndRiRrA85FDHn9k9dYM2cKK6UKmbom2STej9hJH%2FhTrPyEzeeWUanqihCewkx5qPtPPeKk7XZULu4ZHp%2FDgoSF1hMj39GiqVvTebmY3pa5AxYH8tteAduREw6ADMpTh3%2FVk1QSjg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f8a9ad03cd-FRA
expires: Wed, 17 Jul 2024 06:27:32 GMT

GET
H3 200 i18n.min.js Show response
safeshadow.com/wp-includes/js/dist/ 9 KB
4 KB 49ms
48ms Script
application/javascript 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 05:31:37 GMT
server: cloudflare
etag: W/"6620b039-23b5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jT9Azo%2B2Q6lOWeBPemrYUGBOuLDdeWF9TXBT%2Fxpd%2BxRSNQlmJKzHKs%2B289F%2BfhyI5Xe5i9vzK4ZO6a4eJjAA4hxo5HPVlyTNY0I%2B13WtR5%2F42v9OnFxKykrdCjBYgLu184omiKtjVkl1MO1XJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f8a9af03cd-FRA
expires: Sat, 03 Aug 2024 04:01:48 GMT

GET
H2 200 e-202428.js Show response
stats.wp.com/ 7 KB
3 KB 32ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202428.js
Requested by: Host: safeshadow.com
URL: https://safeshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14421-1717166113530.9253
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Sun, 29 Jun 2025 08:45:26 GMT

GET
H3 200 lazyload.min.js Show response
safeshadow.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 47ms
47ms Script
application/javascript 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 05:10:59 GMT
server: cloudflare
etag: W/"6620ab63-2063"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NTaevOizfsGNjM7OSpdPVoYsRkhcqHBKk4KFfh5ctQQrtT%2B%2BlHVOMNFybXdwhAhq70f%2BGhl6st%2BU6hvYEkEme3IoUzXvObtmqNpZLtpl4X6rHsSru5RCwioXw8ZPVgLdoNMtEHTkWrrPJ9QjaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8a2407f92a3603cd-FRA
expires: Sun, 11 Aug 2024 17:30:12 GMT

GET
H3 200 8d94fb56eb9306536da88ddf3700245b.js Show response
safeshadow.com/wp-content/cache/min/1/ 758 KB
208 KB 55ms
54ms Script
application/javascript 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-content/cache/min/1/8d94fb56eb9306536da88ddf3700245b.js

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f7df939ab8c88f1ecb0b82698c3e7576b9b6c489624c4ac2c75ab5f3ed0bcac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 212832
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Jul 2024 03:21:38 GMT
server: cloudflare
etag: "668cacc2-33f60"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TUHYb657dHB6N%2BHbgDY21M3pYErRfFO0RMnB18TGVtiDSBhVagH5dqXhpP7rj2P14E%2FzDlKnvMHvpF9M5bV54RLZuRWsh8Krx0QEQ6V57iKVcFPhuvB6em9hG5XilD1%2BU6E7p5JucJzIk%2BEbCA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8a2407f92a3803cd-FRA
expires: Thu, 08 Aug 2024 03:22:12 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bed97a07ba4c770aeb551861ab1407403455ec1de7d15eb2da8dc9c36a4711c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 34ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COpen%20Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CRoboto%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safeshadow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 10:01:55 GMT
x-content-type-options: nosniff
age: 299428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 10:01:55 GMT

GET
H3 200 fa-solid-900.woff2
safeshadow.com/wp-content/themes/everest-news-pro/assets/dist/fonts/fontAwesome/ 58 KB
59 KB 43ms
42ms Font
font/woff2 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-content/themes/everest-news-pro/assets/dist/fonts/fontAwesome/fa-solid-900.woff2

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/wp-content/themes/everest-news-pro/assets/dist/css/main.css?ver=6.5.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/wp-content/themes/everest-news-pro/assets/dist/css/main.css?ver=6.5.2
Origin: https://safeshadow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 59572
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jan 2021 02:57:28 GMT
server: cloudflare
etag: "6010d698-e8b4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RWX6l0maWk8LvcHOjD5fE8CaDdkNhyonvd%2FdI9orhFnXZMPQIFM%2FDXf7cOkPLTp7mi6XSzunMn6%2Bz%2Bo2Cqq6RcRvrSCS0VIPydm9jk5uProzCzEz0czP2gR8TF%2BKV%2BiMRaZeOIa3ACO4iAw%2FOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8a2407f97aa503cd-FRA
expires: Sun, 21 Jul 2024 06:14:09 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 32 KB
32 KB 42ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safeshadow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:40:38 GMT
x-content-type-options: nosniff
age: 300705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32796
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 09:40:38 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 20ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=118601662&post=0&tz=2&srv=safeshadow.com&j=1%3A13.6&host=safeshadow.com&ref=&fcp=0&rand=0.6671099473642383
Requested by: Host: safeshadow.com
URL: https://safeshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Jul 2024 21:12:23 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 200 Safe-Shadow-Logo.png
safeshadow.com/wp-content/uploads/2020/12/ 6 KB
7 KB 47ms
45ms Image
image/png 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeshadow.com/wp-content/uploads/2020/12/Safe-Shadow-Logo.png

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23c26457e9c68cc9521cf1ca70dd4f61a8b728589dbd0ec6d2ab4f2fefaa02eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6440
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Dec 2020 05:21:12 GMT
server: cloudflare
etag: "5fcc6a48-1928"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eMCEctg6SxJBfM7DTB7JLUtsCth7mv289no7qj%2FsHwFpuhdrI%2FUQgTio5Olny2OQrR4nN2C8AIaM40uiIWOBcnT0fdUz8awHxa34fjYQUVhzLwWgvMF%2B%2Fk7jhWrzOz1sGOo2zIai38zzKx959w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8a2407f99ad003cd-FRA
expires: Sun, 21 Jul 2024 06:14:10 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407090101/ 424 KB
143 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3059805454647315&plah=safeshadow.com&aplac=true&bust=31085181

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

482d11cc597bb4d0f805f6ecd2040ed00fb07cac1aed846df07aacb3dcc39917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146685
x-xss-protection: 0
server: cafe
etag: 13235596716642871486
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 21:12:23 GMT

GET
H2 200 flexiproduct.js Show response
cf.bstatic.com/static/affiliate_base/js/ 6 KB
3 KB 39ms
7ms Script
application/javascript 2600:9000:266e:3800:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1720818743500

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/wp-content/cache/min/1/8d94fb56eb9306536da88ddf3700245b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:3800:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 03 Jul 2024 02:11:43 GMT
content-encoding: br
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P8
age: 846040
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Jun 2022 03:41:28 GMT
server: nginx
etag: W/"62a6b1e8-1849"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: JjMPRBRhj98jnxQi-ERCiUEYTshTjv_IExw0gVANsu7xlVP9F0sx9A==
expires: Fri, 02 Aug 2024 02:11:43 GMT

GET
H2 200 7101895758513492
www.watson.de/imgdb/d64c/Qx,A,37,100,1959,1219,983,438,184,184/ 39 KB
40 KB 55ms
21ms Image
image/webp 2a01:4f8:121:4384::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.watson.de/imgdb/d64c/Qx,A,37,100,1959,1219,983,438,184,184/7101895758513492
Requested by: Host: safeshadow.com
URL: https://safeshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:121:4384::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: /
Resource Hash: 4896d3e8148df38ca3bf5d24599c35016ba597a1d4a7b5f2c4cd1a052719002d

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 11:12:47 GMT
via: 1.1 de-hzn1-fre4-neu (Varnish/7.2)
x-backend: 127.0.0.1
age: 35975
x-cache: HIT
x-url: /imgdb/d64c/Qx,A,37,100,1959,1219,983,438,184,184/7101895758513492
x-host: www.watson.de
x-region: de
alt-svc: h3=":443";ma=900;
content-length: 40366
x-varnish-host: de-hzn1-fre4-neu
content-type: image/webp
x-varnish: 272202337 261920444
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 2038

GET
H2 200 28472079-junge-frau-haelt-sich-in-der-bahn-an-einer-stange-fest-0fe.jpg
www.kreiszeitung.de/assets/images/28/472/ 63 KB
64 KB 103ms
46ms Image
image/jpeg 91.208.158.75
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kreiszeitung.de/assets/images/28/472/28472079-junge-frau-haelt-sich-in-der-bahn-an-einer-stange-fest-0fe.jpg
Requested by: Host: safeshadow.com
URL: https://safeshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.208.158.75 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb4 /
Resource Hash: 779e152af656c490eb76025e9d6250f8f0fcf8cb81a97ed8d7534151da1a95f7

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sun, 11 Aug 2024 10:36:50 GMT
date: Fri, 12 Jul 2024 21:12:23 GMT
via: 1.1 varnish-v4
last-modified: Fri, 12 Jul 2024 10:36:47 GMT
server: nginx, idlb4
age: 38133
x-cache: HIT
content-type: image/jpeg
x-varnish: 602783222 141739565
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 64910
mime-version: 1.0
x-cache-hits: 265

GET
H2 200 shared_image__1_-1c371916911f4c72.jpg
heise.cloudimg.io/width/696/q50.png-lossy-50.webp-lossy-50.foil1/_www-heise-de_/imgs/18/4/6/3/2/9/4/8/ 21 KB
22 KB 173ms
61ms Image
image/webp 2a02:26f0:3100::1735:2a33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heise.cloudimg.io/width/696/q50.png-lossy-50.webp-lossy-50.foil1/_www-heise-de_/imgs/18/4/6/3/2/9/4/8/shared_image__1_-1c371916911f4c72.jpg

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2a33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Scaleflex HTTP Loadbalancer / cloudimage.io

Resource Hash

5cb30f2931ee9d5420e0305b1ac517232e963396c1336b5d386e0ed115af06cd

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
date: Fri, 12 Jul 2024 21:12:23 GMT
x-powered-by: cloudimage.io
x-transition-hexa: hh1:21__hh2:be__hh:eu-ov-300zscal3fl3xcom_tint:2_tint1:0_tint2:1_tdwndns:0_tdwntfb:0_tdwntot:0_tdwn:0_tcre:0_trsz:0_tpop:0_tsve:0_ttst:0_tfin:2
content-length: 21490
x-xss-protection: 1
x-resource-length: 21490
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: C083_240712163344_c76b4_YAlM#300z
etag: "a30a9bbbbae058d39ca085cb96e397e3"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2575227, s-maxage=31536000
x-resource-version: 20240712_163344_a7be4ffbda18e72cd6d1638ff0570625
timing-allow-origin: *
akamai-request-bc: [a=23.53.42.47,b=1331941870,c=g,n=DE_HE_FRANKFURT,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]

GET
H2 200 35063614-us-praesident-donald-trump-gespraech-kanzlerin-merkel-arbeitssitzung-nato-gipfel-2019-2TDHQldkYvBG.jpg
www.fr.de/assets/images/35/63/ 65 KB
66 KB 107ms
46ms Image
image/jpeg 91.234.30.212
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fr.de/assets/images/35/63/35063614-us-praesident-donald-trump-gespraech-kanzlerin-merkel-arbeitssitzung-nato-gipfel-2019-2TDHQldkYvBG.jpg
Requested by: Host: safeshadow.com
URL: https://safeshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.212 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb4 /
Resource Hash: f53992f53db49e69101e6a3c1eba5328141477920863c3a879298570675607bb

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sun, 11 Aug 2024 07:59:52 GMT
date: Fri, 12 Jul 2024 21:12:23 GMT
via: 1.1 varnish-v4
last-modified: Fri, 12 Jul 2024 07:59:47 GMT
server: nginx, idlb4
age: 47550
x-cache: HIT
content-type: image/jpeg
x-varnish: 607926377 1014730366
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 66946
mime-version: 1.0
x-cache-hits: 2417

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240709/r20110914/ Frame 5508 0
0 22ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3059805454647315&plah=safeshadow.com&aplac=true&bust=31085181

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://safeshadow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 8956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 18:43:07 GMT
etag: 2738592464165616
expires: Fri, 26 Jul 2024 18:43:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 2BC7 0
0 29ms
28ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3059805454647315&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1720818743&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsafeshadow.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=34~32~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=34~32~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_8~29_18~30_19&aiixl=32_9~27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aipaq=1&aisaib=1&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720818743333&bpp=4&bdt=216&idt=298&shv=r20240709&mjsv=m202407090101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7239888704002&frm=20&pv=2&ga_vid=1019811494.1720818744&ga_sid=1720818744&ga_hid=849762771&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31085138%2C95334509%2C95334527%2C95334578%2C95334830%2C95337027%2C31085181%2C95335246%2C31084186%2C95337093%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3222746368403863&tmod=1646181553&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=338

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://safeshadow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 21:12:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 flexiproduct.html
www.booking.com/ Frame 031C 0
0 260ms
183ms Document
text/html 18.239.94.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flexiproduct.html?product=banner&w=120&h=600&lang=es&aid=2423740&target_aid=2423740&banner_id=125954&tmpl=affiliate_banner&fid=1720818743687&

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1720818743500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-28.ams1.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: private
content-encoding: br
content-length: 1143
content-type: text/html; charset=UTF-8
date: Fri, 12 Jul 2024 21:12:23 GMT
nel: {"max_age":604800,"report_to":"default"}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"group":"default","max_age":604800}
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: User-Agent, Accept-Encoding
via: 1.1 6553b2bbd8fca4153c739e94065a1184.cloudfront.net (CloudFront)
x-amz-cf-id: Ejim-KXENgp2GwiE561cuKOG_-BtvEWrj_hJmPVntWrD8tO-QUnExA==
x-amz-cf-pop: AMS1-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 b8aac654a4fc74127a2072c5abe0a199,2e4f99f0
images.bild.de/66900060028bf47c5210c753/ 132 KB
132 KB 107ms
24ms Image
image/webp 23.48.23.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.bild.de/66900060028bf47c5210c753/b8aac654a4fc74127a2072c5abe0a199,2e4f99f0?w=992
Requested by: Host: safeshadow.com
URL: https://safeshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-30.deploy.static.akamaitechnologies.com
Software: Skipper /
Resource Hash: 64158f2398fc7cbdf308dc1d92a911fe8d44c91a62884d09a43b9ff3b10028ca

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fetcher-etag: "0403dd5406d5f15c9a0ad4b1ef2687a9"
x-fetcher-last-modified: Thu, 11 Jul 2024 18:22:39 GMT
date: Fri, 12 Jul 2024 21:12:23 GMT
server: Skipper
etag: "-284136126"
content-type: image/webp
cache-control: must-revalidate, public
content-length: 134990
expires: Tue, 08 Jul 2025 13:35:58 GMT

GET
H2 200 35061854-russische-soldaten-nahe-der-front-im-ukraine-krieg-OwBG.jpg
www.fr.de/assets/images/35/61/ 62 KB
62 KB 31ms
30ms Image
image/jpeg 91.234.30.212
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fr.de/assets/images/35/61/35061854-russische-soldaten-nahe-der-front-im-ukraine-krieg-OwBG.jpg
Requested by: Host: safeshadow.com
URL: https://safeshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.234.30.212 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software: nginx, idlb4 /
Resource Hash: 849f5dadeeb94a2e03916edc9de6344ae37c82da2475f4a7be757306c9b3d4bb

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sat, 10 Aug 2024 17:01:50 GMT
date: Fri, 12 Jul 2024 21:12:23 GMT
via: 1.1 varnish-v4
last-modified: Thu, 11 Jul 2024 17:01:43 GMT
server: nginx, idlb4
age: 101432
x-cache: HIT
content-type: image/jpeg
x-varnish: 607926409 592779672
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 63574
mime-version: 1.0
x-cache-hits: 14348

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 71ms
56ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240709&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2295bad4076df1d7f5910418b3b1ad8c4a478d50cee17840057aa84e6a633454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12779
x-xss-protection: 0

GET
H3 200 Safe-Shadow-Favicon.png
safeshadow.com/wp-content/uploads/2020/12/ 3 KB
3 KB 56ms
55ms Other
image/png 2606:4700:3033::6815:521d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-content/uploads/2020/12/Safe-Shadow-Favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:521d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c530b0df2c18f7300310f317520648b81dcea305d74507802dad33351d37d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2594
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Dec 2020 05:21:10 GMT
server: cloudflare
etag: "5fcc6a46-a22"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84UjY9mYugjfcWJaw0cqKWQh09huQoNa1TT1TtYKGh3C%2B9vKr58BwPiv6pKi5tAhPANBWXNYLTAbxz%2FP84MTXMaMYp3%2FdaLfE1oyJ4WzWYLMJyBxfz5yfmmsoaGR%2FBP7NJ4pGcMxZpzQ86JCpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8a2407fe685b03cd-FRA
expires: Sun, 11 Aug 2024 00:48:04 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 55ms
27ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 21:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 21:12:24 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FE5F 0
0 26ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://safeshadow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 29397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 13:02:27 GMT
expires: Sat, 12 Jul 2025 13:02:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 1690361815893549
www.watson.de/imgdb/7203/Qx,A,0,69,2000,1125,774,142,332,262/ 134 KB
135 KB 21ms
21ms Image
image/webp 2a01:4f8:121:4384::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.watson.de/imgdb/7203/Qx,A,0,69,2000,1125,774,142,332,262/1690361815893549
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:121:4384::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: /
Resource Hash: be65ca9ba89e2bc369b3daada8d34d7412311385453a15137a405005cc5bd93e

Request headers

Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 16:07:24 GMT
via: 1.1 de-hzn1-fre4-neu (Varnish/7.2)
x-backend: 127.0.0.1
age: 18300
x-cache: HIT
x-url: /imgdb/7203/Qx,A,0,69,2000,1125,774,142,332,262/1690361815893549
x-host: www.watson.de
x-region: de
alt-svc: h3=":443";ma=900;
content-length: 137412
x-varnish-host: de-hzn1-fre4-neu
content-type: image/webp
x-varnish: 270166675 268141467
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 66

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240709&jk=3222746368403863&bg=!hYalhsnNAAZjPzuvQz87ADQBe5WfONvS6Gvm9T09HG41xLEy8TwKITMlqmqYCKDXx8MyqQVEBXdMXvYvZkVgSSixjQk0AgAAAKtSAAAABGgBB34ANk0A74gXezw4XBoM93D0ff5kELYeViFhm7hi-7uFQrJgTNiSbS4nHXQ9txFj3pyEvzzwTAYgjZkCtQUO1MG4lY6Ynpbw4NARWhGp0Rv1O9IwzgvwfERyeudAwMWTWAczf3fDjBcygDZlRHXWBFNJYWw77InWu8a0NFFdvhNmASXowG0DB7o3JNRB3JMNVbfvvEiDKlLY06wz34prrZiOPQgQpoxj_a24ypIi4ddQvn676KcYpdZwas6eeCJAmHCqa2Qe6Bs1HQsxLgncsPJcPzs3hHKIgv_cYHKqv_fbz4aEaPQ_QtQmEQBobBnrnF_aPcBlo60Eld1oz0cNIESc6EYjSS_3X_hNBRvn2cmkYsoU6pxtz7CD6RKkD5AIfTjrVa5IVTLABLnMOL-HJoPil3M4V_Oaty6LKafAPyuONgMwfpwsrJCtyIwVN2f61utKgTvAVASnCcEp1mQ5-UNDbD7GULP07RZOTNdwPiwluWGvW13x26kEoP2WK60PrZAi5XJHP_n3LpHoXyhGq--E8IC2c0DjDSluneq9VcX-E6Fl8C9wgDMlZ7d2PUw-HX0X3OoJHZpJhGMVnFk2Vmf8xszCE90WckyJJUKmNiyJqbkGKXmRcjQ-eoZ17WpdeqVoFzF1S2Oz7kU58M_wqJ1OblAfznK7y0DksMWe-QG63MV5LdEK8_uv6rWVf_P288i0qaMGryc0oe4ymJdbRIeRTT6of1wGKX4iaVA1DxCDcDEOVQw5ZihT9aCg3xO2Y6-XAyok_gGMHT8M8KJoiJRSdCYiTVVv3KAmDDHHkp31VrJW7kGzKptwioQlGh5xmo7z6Lwp-oicia2smNyX9VT99EW_7cj3iwS_GXMcLjfM52l_pjBvB1AliGhljbbSmvI9bH48PaObEBXlYHxAmMcG7gLJtCKMwBy_73vOvo1UogVnfTY-Odvrsc6YF9BaQmi3TF9-lTk-GGWKBDKHUNiIejqDu3nn14fI7aOm5q5e8g

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.booking.com/	1970-01-21 07:36:18	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLblgO%2Fz4BDP5vVyHPvqhF%2Bx4LpxOXxX4swp0f3EUmwwAN5%2FP9mDVbMA5YOmHyz92JKhT07TWErFWXi57Mw3uQE%2FMpozvwFHd%2FdvzdnZOwI6sGc0NhtidFxgwwFt6GGgJqvhmx%2B54rdSb6wXUlfHAkJf41Hy6bEL8oC

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cf.bstatic.com
fonts.googleapis.com
fonts.gstatic.com
heise.cloudimg.io
images.bild.de
pagead2.googlesyndication.com
pixel.wp.com
safeshadow.com
stats.wp.com
tpc.googlesyndication.com
www.booking.com
www.fr.de
www.kreiszeitung.de
www.watson.de
pagead2.googlesyndication.com
18.239.94.28
192.0.76.3
23.48.23.30
2600:9000:266e:3800:5:bf05:acc0:93a1
2606:4700:3033::6815:521d
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2001
2a00:1450:4001:82b::2002
2a01:4f8:121:4384::2
2a02:26f0:3100::1735:2a33
91.208.158.75
91.234.30.212
108b3ac60e3c9a4365f30dbd8dbf48fa487b0a7c6f33e300af041faaa8ad06c2
1682d42650a9e6fc16fb5002bae0f9f712d9f08fe0500846d5afa928fc654139
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
1d243a2ec062d68981cc916eb24c9a8102fa5739e4fdc67a543f3c46df234756
2295bad4076df1d7f5910418b3b1ad8c4a478d50cee17840057aa84e6a633454
23c26457e9c68cc9521cf1ca70dd4f61a8b728589dbd0ec6d2ab4f2fefaa02eb
2bed97a07ba4c770aeb551861ab1407403455ec1de7d15eb2da8dc9c36a4711c
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f7df939ab8c88f1ecb0b82698c3e7576b9b6c489624c4ac2c75ab5f3ed0bcac
482d11cc597bb4d0f805f6ecd2040ed00fb07cac1aed846df07aacb3dcc39917
4896d3e8148df38ca3bf5d24599c35016ba597a1d4a7b5f2c4cd1a052719002d
55a36298517619f755ac3c59b3c37cde07d3c2ce66526bf42df296bda945838c
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5cb30f2931ee9d5420e0305b1ac517232e963396c1336b5d386e0ed115af06cd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64158f2398fc7cbdf308dc1d92a911fe8d44c91a62884d09a43b9ff3b10028ca
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
713e74afd08c15988aa3384a36f8ab9237a29f160c3ae3d249bec0d2acb86a35
779e152af656c490eb76025e9d6250f8f0fcf8cb81a97ed8d7534151da1a95f7
7c530b0df2c18f7300310f317520648b81dcea305d74507802dad33351d37d54
80ad0db193413c7f4bd59e72460cd84878cc60d28d7d85700dbea223674ad7b3
849f5dadeeb94a2e03916edc9de6344ae37c82da2475f4a7be757306c9b3d4bb
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be65ca9ba89e2bc369b3daada8d34d7412311385453a15137a405005cc5bd93e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d5a5fea14a12ec9ee91f044a7ff810602662c97d3fad8728497ea4e8c5aef0eb
d74fde73e6f0ac6012c0744df5ae237eb7126c538baa6eafe041329536e27bec
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f53992f53db49e69101e6a3c1eba5328141477920863c3a879298570675607bb
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

safeshadow.com Open in urlscan Pro 2606:4700:3033::6815:521d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

62 %IPv6

12 Domains

14 Subdomains

14 IPs

2 Countries

1303 kBTransfer

2990 kBSize

1 Cookies

0 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

safeshadow.com Open in urlscan Pro
2606:4700:3033::6815:521d Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

62 %
IPv6

12
Domains

14
Subdomains

14
IPs

2
Countries

1303 kB
Transfer

2990 kB
Size

1
Cookies

41 HTTP transactions
3 data transactions