urlscan.io logo urlscan.io
SecurityTrails logo

shenxia666.asia Open in urlscan Pro
2606:4700:3032::6815:2c1b  Public Scan

Go To Rescan Add Verdict Report
URL: http://shenxia666.asia/
Submission Tags: phishingrod
Submission: On March 23 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3032::6815:2c1b, located in United States and belongs to CLOUDFLARENET, US. The main domain is shenxia666.asia.
This is the only time shenxia666.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    2606:4700:3032::6815:2c1b (United States)

ASN13335 (CLOUDFLARENET, US)
shenxia666.asia
6    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
tpc.googlesyndication.com — Cisco Umbrella Rank: 204
228 KB
8 shenxia666.asia
shenxia666.asia
1 MB
1 google.com
www.google.com — Cisco Umbrella Rank: 5
1 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
534 B
0 freecdn.pw Failed
www.freecdn.pw Failed
20 5
Domain Requested by
8 shenxia666.asia shenxia666.asia
6 pagead2.googlesyndication.com shenxia666.asia
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
0 www.freecdn.pw Failed shenxia666.asia
20 6

This site contains links to these domains. Also see Links.

Domain
shenxia.lanzout.com
886vps.top
www.freecdn.pw
open.shenxia666.asia
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://shenxia666.asia/
Frame ID: D34738ECD87AD36B92E2184E68A33659
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7573483697865543&output=html&adk=1812271804&adf=3025194257&lmt=1711172478&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fshenxia666.asia%2F&pra=5&wgl=1&easpi=0&asro=0&dt=1711172478069&bpp=3&bdt=242&idt=165&shv=r20240320&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4068876006136&frm=20&pv=2&ga_vid=310203019.1711172478&ga_sid=1711172478&ga_hid=193300309&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082022%2C31082033%2C44795921%2C31082130%2C95321957%2C31081792&oid=2&pvsid=4117880075654309&tmod=424767741&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=182
Frame ID: 017DC1AEBD6D7E06A7525E589E6DF9B9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 243D937759F5AA805597EC3CDB81925C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F1985885333126C8CFB556295D7DA3F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

神侠-高仿与葫芦侠!

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

20
Requests

55 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

1473 kB
Transfer

1988 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://www.freecdn.pw/images/zzlogo.png HTTP 301
  • https://www.freecdn.pw/images/zzlogo.png

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shenxia666.asia/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://shenxia666.asia/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:2c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a32de749e84f267a2cdf0847b33bbf0776a834b90159360dd99c6b70baa8ae4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
868c1770b8d140cb-SIN
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Mar 2024 05:41:17 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FYS5CoL4bkL3A2KcQb0AlNzXWpALx2nr%2BV1R3FiKBhcMV51SN2ETsx9PjrDCMj0yj4diU6SHsNv1G9dhoJE2L3dP2gUjupvjGEb0se0xTOXBoIRKxkItahDEjz2TjSE1vShk15xD1sh8eXMJnD0%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Cache
MISS from kangle web server
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7573483697865543
Requested by
Host: shenxia666.asia
URL: http://shenxia666.asia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac411660b6ffe3789d3775f8e330cfc008ab021c44ff313775f6c6ab3d4812b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://shenxia666.asia/
Origin
http://shenxia666.asia
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 05:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50903
x-xss-protection
0
server
cafe
etag
17143846368732235435
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 23 Mar 2024 05:41:17 GMT
icon.png
shenxia666.asia/app1/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shenxia666.asia/app1/icon.png
Requested by
Host: shenxia666.asia
URL: http://shenxia666.asia/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:2c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f566294986cec1d0b7bddad08e20f379bf2c6698e1d26db0222d2177a289474a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://shenxia666.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:41:18 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Cache
HIT from kangle web server
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
45852
Last-Modified
Sat, 26 Aug 2023 05:52:54 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3M5bMOifHYbjurplIothzpUqPx%2BbW6J2Rn%2BWdQ3aefgR7%2F8PWA2kIh5tzcHnKQotcCq%2FHrlGkxoAM43r8Kmtie5VUolJBnh0mmQAEAR5ThhzWi3JxuaaxGUv%2B7bKb%2FbivTsS738SDiCPiYRNcqk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
868c17731b3b40cb-SIN
1.png
shenxia666.asia/app1/ 		418 KB
397 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shenxia666.asia/app1/1.png
Requested by
Host: shenxia666.asia
URL: http://shenxia666.asia/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:2c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4fbe336c7231973aa00e49d1dac36bc881441194dd88ae71b907c72b35da569

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://shenxia666.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:41:19 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Cache
HIT from kangle web server
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
405839
Last-Modified
Sun, 01 Oct 2023 02:10:46 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MRzlVcPiueGqR4jfDwYo9bhd1McWhX0fm5upCclTdjf85L%2BnQo%2BeN0Qu1evlYcNDtQHlslHVq0llzKtAjau%2F76DYt06D5my%2BVkL01m7J1UvsG3zGL1WXJSr7P3I9Wp9oxoqhWUOrqccVe5zb9Yg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
868c17729d829ba6-FRA
2.png
shenxia666.asia/app1/ 		249 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shenxia666.asia/app1/2.png
Requested by
Host: shenxia666.asia
URL: http://shenxia666.asia/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:2c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32c8f365921f9a14d6a81b5010c493d1195ba0ea56fe7e922fb0e7f037454ddb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://shenxia666.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:41:19 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Cache
HIT from kangle web server
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
228770
Last-Modified
Sun, 01 Oct 2023 02:10:48 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I4of%2FKc8TezewrXI0Bx7rAxSzjawz9QpbHNrdeY4f0w8Al2k7U1Ze0q6fBanjwOigsO29U4pgZHajDc9CtMlujT2PuIg1Cq%2F%2F%2FrWkWHGvoG4yttUtpVBP673RRYaBDALwUEg%2FLanT7%2FTcy9gMjA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
868c1772bb24902e-FRA
3.png
shenxia666.asia/app1/ 		141 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shenxia666.asia/app1/3.png
Requested by
Host: shenxia666.asia
URL: http://shenxia666.asia/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:2c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c4743e2d6c943872a7490911929f36fce02630fec4efa016dbc7782830685d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://shenxia666.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:41:18 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Cache
HIT from kangle web server
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
122728
Last-Modified
Sun, 01 Oct 2023 02:10:52 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LqeFriBWqU2PS9HUHO0okbwFutxgJfcD9oT%2BAeXg8kCHbcoqJ5RtTVtv7XoXDmDHzKpOUdqwN3IpsHHvqfXjd6V39Qhol%2BgHAvzWqFB9dkSkBqWAOBiHYebWf1pK%2F1y%2FQqefT79q%2Bw15Fn4auWc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
868c1772db590485-CDG
4.png
shenxia666.asia/app1/ 		145 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shenxia666.asia/app1/4.png
Requested by
Host: shenxia666.asia
URL: http://shenxia666.asia/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:2c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5915ac85f380523ea5a8d64eb2c501b4f64048b379c4da997e75ecc2f54d1c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://shenxia666.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:41:18 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Cache
HIT from kangle web server
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
125302
Last-Modified
Sun, 01 Oct 2023 02:11:08 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FiVbpPrZaTnoEquJ9%2BklYbyJitP%2BBS%2FYXqEZdAGthz0G4kqAyqetb%2Brc2sxUDJyWpCit%2B%2FMo3s2SsBdVETc7aJTClNEUW4r%2BshJmkyEY2iOp%2BM0Lwrjz6avAW3cM9jWc7V7Nz6rkuRDyLRP%2BqU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
868c17743e5b6bd0-SIN
zzlogo.png
www.freecdn.pw/images/
Redirect Chain
  • http://www.freecdn.pw/images/zzlogo.png
  • https://www.freecdn.pw/images/zzlogo.png
0
0
email-decode.min.js
shenxia666.asia/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://shenxia666.asia/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: shenxia666.asia
URL: http://shenxia666.asia/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:2c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://shenxia666.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:41:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Thu, 21 Mar 2024 10:35:23 GMT
Server
cloudflare
ETag
W/"65fc0d6b-4d7"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wlc8sNQGUAIZrI11EkLRCTAPBdFFqIGKQ7YVYaD8xoesABtR3qiThB%2FVcaDydWdszSO7gc2GYQN4w%2FAQQKuBRtvnk4ZxmudhCbPNUcIMBdLi1cmvhptzjGwkRPWbzEBG2CbybpPVyLguFAdxNeo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
DENY
Cache-Control
max-age=172800, public
CF-RAY
868c1777df2c40cb-SIN
Expires
Mon, 25 Mar 2024 05:41:18 GMT
%E8%83%8C%E6%99%AF.png
shenxia666.asia/app1/ 		346 KB
328 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://shenxia666.asia/app1/%E8%83%8C%E6%99%AF.png
Requested by
Host: shenxia666.asia
URL: http://shenxia666.asia/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:2c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5e1d17f727e27301635ff8a7ed504382f8660cbc7f7d45720399389e6a9e383

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://shenxia666.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 05:41:19 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Cache
HIT from kangle web server
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
335347
Last-Modified
Wed, 04 Oct 2023 01:03:40 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFtMctTMunXV7%2F4MtnpVRBtvls5yqibcscMm7eoZMwitPGt1Xrt10iSo74h7sx2n1hcOvGvyDTlzL1AHndPRLtbH6lXzR8Ib4R7JoM%2Ba4DXmp2AZmLEnDl%2BGQGJXkMUVuA28DqnZlVMX4XSydbU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
868c1772ac9b1c85-FRA
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js?bust=31082130
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7573483697865543
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56b8c15e486f8e1c8a4d7f7c3e4ed09371f1821555c2fbbac1f0dcf5997ce6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://shenxia666.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 05:41:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141303
x-xss-protection
0
server
cafe
etag
17599086740243409590
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Mar 2024 05:41:18 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 017D 		603 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7573483697865543&output=html&adk=1812271804&adf=3025194257&lmt=1711172478&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fshenxia666.asia%2F&pra=5&wgl=1&easpi=0&asro=0&dt=1711172478069&bpp=3&bdt=242&idt=165&shv=r20240320&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4068876006136&frm=20&pv=2&ga_vid=310203019.1711172478&ga_sid=1711172478&ga_hid=193300309&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082022%2C31082033%2C44795921%2C31082130%2C95321957%2C31081792&oid=2&pvsid=4117880075654309&tmod=424767741&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=182
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js?bust=31082130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://shenxia666.asia/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 05:41:18 GMT
expires
Sat, 23 Mar 2024 05:41:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240320&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js?bust=31082130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e854e59dd10a9e14f9c33fa65cd3e7aa83b90c6e4f9ee546e39604c532e447b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://shenxia666.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 05:41:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12445
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js?bust=31082130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://shenxia666.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 05:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Mar 2024 05:41:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 243D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://shenxia666.asia/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
74467
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Mar 2024 09:00:13 GMT
expires
Sat, 22 Mar 2025 09:00:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1F19 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
20c8916f708922884f1a2e64b978e20964e20f580b18c7d0f115266f86235857
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_NnVbv0B2IuO20M_kvqJxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://shenxia666.asia/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_NnVbv0B2IuO20M_kvqJxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 05:41:20 GMT
expires
Sat, 23 Mar 2024 05:41:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
pagead2.googlesyndication.com/bg/ Frame 243D 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 19:13:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
37648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15865
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Mar 2025 19:13:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240320&jk=4117880075654309&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 243D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-vw9PA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 05:41:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240320&jk=4117880075654309&bg=!zs2lzYLNAAZaswqNerM7ADQBe5WfOPiBTsmfXd_nFyr99V9P6LavODWIdr2GV_PJ2Du-ofr5ZyymdESzii2uHnI5N220AgAAADVSAAAAC2gBB34ANYrlcxu-GkG6QrUmdt9JRifxjxQ2Xt5YM2kMzmL3qKgk6EKBPJy_NL8MubCVlCbh2PiRll9jmQJmt16jEHpjzA6Dk4LBBRXSp3YLgnahnVrLGhoJqrhc8slElfUdmHja5FkgG3aHeFreD0rAahXX3G79WpRiQaVX7yxrG6gBG2jb3mKUOskFP4I5-p0n99EK7ulaze8euaVRzTjJ0NJAPAdary8Q2w6_t8ko_xS_qLihpNCNbQlzEtgAwWFgGwtA-OSHuHm3MnSLrF5cT7rW1ZNCN4d7TGZZ-cSimgFCQiaWVf3AZcSq1TgSuJfViu6ZI_BUOt76kIP01Kxn-907KD_DXs-dh0xrWUU2d8zdXdaiC3e6HiOjJynsYvbivXRN0OcPqznj92ruXej80Cy1vgg7jfdJGKpKxV8MhsYePasHNeoKei1SHXLclHd5QVOZgEZ5LTeFSjd9yt67DAdFtwuk1irFjY-wtGl430dpany0yHyCLL0KgJZ-5lIAgVee8ohwIQTFmJE5mdI-PhWftvHlmNHXbBJ05aBkdArttJZw1WQVdUo1F2zfQiNnX9s4IURAMgl9Q3Kqm2-tnxrEvwVCfgGXzKsMTMvZehBYiTA0azJyOxzgDszK94q7Ur9mrX7fYcJ91Xf4Vw2zk1xGootQ9GcSeQIwnepVMhB9uFGPzTP7ZmiGeYNp1ZETcPdMrZVt9JsltY9eTm0tV6bPtIJ4jproe7bhrFMTvR39OONX85trL-ePERZAeeUwaFPNjMJCgs1mDuB-_QLOPPl0dC4DhbofHt5nb6704MpPMAtb4ejNt-bdxYFWXLOjk9ZjIAMBZ7joCZMgM-U-eHa1hdGCqcpwziIGDSBW9Brm3Cywu5pU1yG1BWU9jRZ3zYE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://shenxia666.asia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.freecdn.pw
URL
https://www.freecdn.pw/images/zzlogo.png

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
other warning URL: http://shenxia666.asia/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.freecdn.pw/images/zzlogo.png
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
pagead2.googlesyndication.com
shenxia666.asia
tpc.googlesyndication.com
www.freecdn.pw
www.google.com
www.freecdn.pw
2606:4700:3032::6815:2c1b
2a00:1450:4001:80f::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2004
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
13c4743e2d6c943872a7490911929f36fce02630fec4efa016dbc7782830685d
20c8916f708922884f1a2e64b978e20964e20f580b18c7d0f115266f86235857
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a32de749e84f267a2cdf0847b33bbf0776a834b90159360dd99c6b70baa8ae4
32c8f365921f9a14d6a81b5010c493d1195ba0ea56fe7e922fb0e7f037454ddb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b8c15e486f8e1c8a4d7f7c3e4ed09371f1821555c2fbbac1f0dcf5997ce6f2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
a5915ac85f380523ea5a8d64eb2c501b4f64048b379c4da997e75ecc2f54d1c0
a5e1d17f727e27301635ff8a7ed504382f8660cbc7f7d45720399389e6a9e383
ac411660b6ffe3789d3775f8e330cfc008ab021c44ff313775f6c6ab3d4812b1
b4fbe336c7231973aa00e49d1dac36bc881441194dd88ae71b907c72b35da569
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e854e59dd10a9e14f9c33fa65cd3e7aa83b90c6e4f9ee546e39604c532e447b2
f566294986cec1d0b7bddad08e20f379bf2c6698e1d26db0222d2177a289474a