Submitted URL: http://imgshield.amanstark.com/
Effective URL: https://imgshield.amanstark.com/
Submission: On January 10 via api from NL — Scanned from NL

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3031::ac43:d8be, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgshield.amanstark.com.
TLS certificate: Issued by GTS CA 1P5 on January 10th 2024. Valid for: 3 months.
This is the only time imgshield.amanstark.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:50c0:800... 54113 (FASTLY)
1 104.237.62.212 18450 (WEBNX)
1 104.26.8.44 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
15 6
    Apex Domain            Subdomains                                             Transfer
8   amanstark.com          imgshield.amanstark.com                                210 KB
3   jsdelivr.net           cdn.jsdelivr.net — Cisco Umbrella Rank: 438            5 KB
2   workers.dev            xetron.xetron5.workers.dev                             345 B
2   githubusercontent.com  raw.githubusercontent.com — Cisco Umbrella Rank: 3460  1 KB
1   ipapi.co               ipapi.co — Cisco Umbrella Rank: 19600                  899 B
1   ipify.org              api.ipify.org — Cisco Umbrella Rank: 2685              222 B
15  6
    Domain                                 Requested by
8   imgshield.amanstark.com (2 redirects)  imgshield.amanstark.com
3   cdn.jsdelivr.net                       imgshield.amanstark.com, cdn.jsdelivr.net
2   xetron.xetron5.workers.dev             cdn.jsdelivr.net
2   raw.githubusercontent.com              cdn.jsdelivr.net
1   ipapi.co                               cdn.jsdelivr.net
1   api.ipify.org                          cdn.jsdelivr.net
15  6

This site contains links to these domains.

Domain
to.amanstark.com
Subject                  Issuer                                          Validity                 Valid
imgshield.amanstark.com  GTS CA 1P5                                      2024-01-10 - 2024-04-09  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                         2023-05-02 - 2024-05-01  a year
*.github.io              DigiCert TLS RSA SHA256 2020 CA1                2023-02-21 - 2024-03-20  a year
*.ipify.org              Sectigo RSA Domain Validation Secure Server CA  2023-02-07 - 2024-02-18  a year
xetron5.workers.dev      GTS CA 1P5                                      2023-12-26 - 2024-03-25  3 months

This page contains 2 frames:

Primary Page: https://imgshield.amanstark.com/
Frame ID: 9C50AE2C5BEB870576AFB7FD9B11EF27
Requests: 12 HTTP requests in this frame

Frame: https://imgshield.amanstark.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: F91F663DCA0ABFD11B2BC48B922CAAC7
Requests: 2 HTTP requests in this frame

Page Title

Sensitive Image Shield Demo Page

Page URL History

  1. http://imgshield.amanstark.com/ HTTP 301
    https://imgshield.amanstark.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

  • 15 Requests
  • 93 % HTTPS
  • 71 % IPv6
  • 6 Domains
  • 6 Subdomains
  • 6 IPs
  • 2 Countries
  • 218 kB Transfer
  • 226 kB Size
  • 1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://imgshield.amanstark.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://imgshield.amanstark.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

15 HTTP transactions

Columns: Resource / Path, Size, x-fer, Type / MIME-Type
Primary Request /
imgshield.amanstark.com/
Redirect Chain
  • http://imgshield.amanstark.com/
  • https://imgshield.amanstark.com/
3 KB
2 KB
Document
General
Full URL
https://imgshield.amanstark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d8be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad71a8cd5ae8b83c6925f081545956e5788291604041f4a93a8fe070b9e737ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8434624b28723830-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 10 Jan 2024 10:54:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ItcPT0tR1uGcA%2F6n%2B3yXzLTpXnW1QHHUUcoZqaN45HZAqjuZEyWqmlAkrA0JVEVtBiAeoeDzwCtqUy5wJA2Rept2qHI%2F7NAwaTS7Cayuvk2O1gcKapro%2F7HcJ7%2BmzX%2F8jyYKjzO5uzr7hiWSIO4PBC1wawJ2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

CF-RAY
8434624aac020c19-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 10 Jan 2024 10:54:47 GMT
Expires
Wed, 10 Jan 2024 11:54:47 GMT
Location
https://imgshield.amanstark.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vypDzUE8OXYZs4EHgNzZ3Hdluqbi4ZNVIrQ0CySQ2NrqAiDvRr3KvNPLBSzRzzTnKTVWKFEhUiJzlPumY%2BDOU%2FXQyXsl5GiN7m6u9WIsvLEWzxHR6IxkLYi4AnFe9OwM0tCKFvVkl5xesJXnu%2B0MCqHJjHZsgg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
style.min.css
imgshield.amanstark.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://imgshield.amanstark.com/style.min.css
Requested by
Host: imgshield.amanstark.com
URL: https://imgshield.amanstark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d8be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b464eb37577c75b981230c488d5774ee8ede0bb8f625d9832838defb8a1d32b7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://imgshield.amanstark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 10:54:47 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"11af5ecc591441fea53595e31a6a4bcd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnXF14xDhF%2FcIExDZ5O2syjG7w75n46jkzA%2FZ62XGadPS9Ke4B83%2B%2FzPf2dDTBeCxaaIkLLESoMeD1%2FSVNBh2yZRBKcZmh8RFsltKyt9FEAZAXd%2BTK03CLEbboL8yvegLwDJUzMf8O6eGVy6P7x27lvoM3Lwqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
cf-ray
8434624bb96f3830-FRA
alt-svc
h3=":443"; ma=86400
mountain.jpg
imgshield.amanstark.com/
199 KB
200 KB
Image
General
Full URL
https://imgshield.amanstark.com/mountain.jpg
Requested by
Host: imgshield.amanstark.com
URL: https://imgshield.amanstark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d8be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
255ece8b14c6f00216ac43dcb681fae96a6353bc31bfac40bc6c74a3b99c124e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://imgshield.amanstark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 10:54:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
203935
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"080e12da3de517d3e10de369d4268ecb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zY%2FRbL4RpbB8xQKbhilX9Pc3ZXc1uBc4q9NCQzVVRLR43y%2BqEmd8mkcsL2uewpAMVrIDhs8WKxi48wIF6I7OFDrLylY1HAe2%2Fij6lGecO%2F9rT08ofPbvBxAd2QCx3YK1APDhxD5gNf2AayDQVGVDm5jlbz%2BvuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8434624bb9743830-FRA
script.min.js
imgshield.amanstark.com/
3 KB
2 KB
Script
General
Full URL
https://imgshield.amanstark.com/script.min.js
Requested by
Host: imgshield.amanstark.com
URL: https://imgshield.amanstark.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d8be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e7ba74f8cc164ea2e95b14461d171a59db9d7b319176f55ad25b5e50868d4b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://imgshield.amanstark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 10:54:47 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"d262efe4e4a04180d91b4d42686c80c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wgl8BNnn84n8E4nZuzsd41nJzZOYbXmaFRHSvoXkxCC%2FlFo7ugJqgbCJY9krYtZuiyCXqq3yxLEJrcsv9FogQ%2FS9BPe%2FJxp8mSDvCxm0bnXzqKpGQPOKUWcb0tCLVNojRTgWjKDMoHITtpbZJorHjUMmHU71XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
cf-ray
8434624bb9783830-FRA
alt-svc
h3=":443"; ma=86400
blog.min.js
cdn.jsdelivr.net/gh/theamanstark/stealth@main/files/
5 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/theamanstark/stealth@main/files/blog.min.js
Requested by
Host: imgshield.amanstark.com
URL: https://imgshield.amanstark.com/script.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fad57729a2858d14b96520099f122603b8d8ed073b1f6a6da72f48b2951c90f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://imgshield.amanstark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 10:54:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39225
x-jsd-version
main
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220101-FRA, cache-lga21937-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"1547-VYjgIuKDlzyGR8jgo8nlu0zbhuw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qp8beMRzpOSgSm1Yf0KmonbBcMFgMURTfqUJdrylVvWLn07ur6Ot7Cr3q5ibCSGrGiNVW4WCWvVDhJ%2FvA9qXJ4Awm%2FpxE2T4SFxxRqf5gR2B9fH1etowItd2VKNA84lI6hQtdlkHtKod8UvQJ%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8434624fdd1503ac-FRA
main.js
imgshield.amanstark.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame F91F
Redirect Chain
  • https://imgshield.amanstark.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://imgshield.amanstark.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB
Script
General
Full URL
https://imgshield.amanstark.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: imgshield.amanstark.com
URL: https://imgshield.amanstark.com/
Protocol
H3
Server
2606:4700:3031::ac43:d8be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0295ee4450c6e653dd16db83e2cee4e0d933b564f8b253a8e123cca1be1e3af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 10:54:47 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eu28IeurxSV2F%2BYEKei7d8XJDIKVE7OUCq9zO%2BUXr7K5E8Sm7BRq6W3YvmaMlLQurMIS5QcLE%2FvF2X3m0tiVg6SY9hnCwEFTEt4yfK0ZpFvlRichP6eDGnbFRB%2F9HNJVhshEl2HFjj35MNuV2fCSoEOdsAbHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8434624cf9bd6fd5-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 10 Jan 2024 10:54:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYTaYQXTFO4%2FVn7Rk2UayJWmZY62sUvWX2YZL71XBrnuRKjmLpkqH3BDln8jaz1iqVUQ%2BUCl90ZdaxeMQ5D%2FN5l%2ByQq501z3zyxhjiMzgcJqITiG0cAGwdbbK4v%2BILYejY%2BsSUp4E470RKErdmduICOemnGulw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control
max-age=300, public
cf-ray
8434624cc9586fd5-CDG
alt-svc
h3=":443"; ma=86400
8434624b28723830
imgshield.amanstark.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F91F
0
569 B
XHR
General
Full URL
https://imgshield.amanstark.com/cdn-cgi/challenge-platform/h/b/jsd/r/8434624b28723830
Requested by
Host: imgshield.amanstark.com
URL: https://imgshield.amanstark.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d8be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Jan 2024 10:54:48 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZDCcxqSooIEm7tcZgE2gYwH9HG5i9mHASCWf62DaETgAlkxufLmqUk5L3LqyHcvGMqjYtUsylvSdw46IxqGfvzonA899y0MO9wCuWHOXw%2Bc1yyESulXqfjIrsflveZl1%2F40anKC%2FouoBDs4ptvFXC02DMr9yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8434624e3bd36fd5-CDG
alt-svc
h3=":443"; ma=86400
links.min.json
raw.githubusercontent.com/theamanstark/stealth/main/files/
1 KB
1 KB
Fetch
General
Full URL
https://raw.githubusercontent.com/theamanstark/stealth/main/files/links.min.json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/theamanstark/stealth@main/files/blog.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
796d9d3e817be8798bdc5a562a2c6bdfbbc06cc35d99013f4772c767395476b5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://imgshield.amanstark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-fastly-request-id
eb6eb87d798ccf191a1293c1a7a06d314ccc6dd1
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Wed, 10 Jan 2024 10:54:48 GMT
content-encoding
gzip
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
cross-origin-resource-policy
cross-origin
content-length
519
x-xss-protection
1; mode=block
x-served-by
cache-ams21081-AMS
x-github-request-id
E5BA:388ABE:16B196B:17A46F7:659E7776
x-timer
S1704884089.528952,VS0,VE108
etag
W/"50de09d1555757196bab8cdaf967cb354ba8f1a4b22a23ecd649dd03509db6f6"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Wed, 10 Jan 2024 10:59:48 GMT
main.min.js
cdn.jsdelivr.net/gh/theamanstark/stealth@main/files/
2 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/theamanstark/stealth@main/files/main.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/theamanstark/stealth@main/files/blog.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af71eb19bda3804d89c3ac3c5ebb009b4e3c2fa8861e00791ed2be0405bd0ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://imgshield.amanstark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 10:54:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38707
x-jsd-version
main
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230085-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"681-9oGm1FPpUgAmHagE1JtZiQPAGGM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLb%2BD1V1b6X1W1DbdgiVnEjII6dUBzVsb%2BnGn5yG%2B5sG6dDRNhXyhEjcWDUaCVVDrjVeLKF9TbPA2nJkbHMvqV5GGkmPYxWyVNAiQdKfMYeUzAztJ8n%2BmKDZh1WkYxXF%2FuvI70VXWxw5JNxfaMI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
843462508dfe03ac-FRA
all.min.json
raw.githubusercontent.com/theamanstark/stealth/main/scripts/
247 B
334 B
Fetch
General
Full URL
https://raw.githubusercontent.com/theamanstark/stealth/main/scripts/all.min.json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/theamanstark/stealth@main/files/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
72e9cec273d82e9b67ce08c253708ab3b7366272314891ec358ae6480b8901e9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://imgshield.amanstark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-fastly-request-id
1639071c2b42c699b785ee0f6eec4c285de0a5ac
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Wed, 10 Jan 2024 10:54:48 GMT
content-encoding
gzip
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
cross-origin-resource-policy
cross-origin
content-length
154
x-xss-protection
1; mode=block
x-served-by
cache-ams21081-AMS
x-github-request-id
CFC4:170FA:1234303:130A29E:659E7777
x-timer
S1704884089.529091,VS0,VE125
etag
W/"2f4af1a0226a8f9d4b3c07a26f4b328f6f559caaa3fd0b01149cccd54c44cbff"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Wed, 10 Jan 2024 10:59:48 GMT
/
api.ipify.org/
22 B
222 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/theamanstark/stealth@main/files/blog.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.237.62.212 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS
api.ipify.org
Software
nginx/1.25.2 /
Resource Hash
1378bd3c6c7a4a0e4f2dc4181675a06b7376118f718defa9896f39229d1b8ff5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://imgshield.amanstark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 10 Jan 2024 10:54:48 GMT
Server
nginx/1.25.2
Connection
keep-alive
Content-Length
22
Vary
Origin
Content-Type
application/json
console.min.js
cdn.jsdelivr.net/gh/theamanstark/stealth@main/scripts/
341 B
923 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/theamanstark/stealth@main/scripts/console.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/theamanstark/stealth@main/files/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
526a8583bbde076f377e7936b99a5ae97a21d19d4d7f577723766636bae21352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://imgshield.amanstark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 10:54:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29371
x-jsd-version
main
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220063-FRA, cache-lga21938-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"155-gC5EupvEmZrELWXJH8fTa/paL7s"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5yrB8%2BGRS5DcDE5wRfCeCyMP2SoimRzpSBuu6m8oWhAUFuF6LF7KHGamp%2FRqUgk3SubWdNinRQxBmfE%2BhuJ4wuO7lmWg4QFxyauApjljC7Pk%2Fwo8R0%2FgHAKFdntEJUlYRELBX7V7HhFGn9DgcY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
843462523adc5d74-FRA
/
ipapi.co/95.211.95.249/json/
784 B
899 B
Fetch
General
Full URL
https://ipapi.co/95.211.95.249/json/
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/theamanstark/stealth@main/files/blog.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.26.8.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff8a419c95073533fad638483b3c970cbe8c49d93daba6b670a9dfbe194e25e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://imgshield.amanstark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 10:54:49 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Host, origin
allow
GET, POST, OPTIONS, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
https://imgshield.amanstark.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxO%2Bvrj%2F33tmFaMOn3wQ0vNE%2BqGQc5dOKZ%2Fu%2FnrgBIZp2acctO%2BeJ4N04CJUwkEY2SGeqhDTwFwdLeaaauJDotSw0sFiWpjY372E5rvWzZw5YBz2828C%2B4a%2B"}],"group":"cf-nel","max_age":604800}
x-frame-options
DENY
cf-ray
843462561f6e5d45-FRA
/
xetron.xetron5.workers.dev/
7 B
345 B
Fetch
General
Full URL
https://xetron.xetron5.workers.dev/
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/theamanstark/stealth@main/files/blog.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:10a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Request headers

Referer
https://imgshield.amanstark.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Jan 2024 10:54:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scNL1OebgmrB5aMg7s4%2BNEnSjFw6SJsp%2BsHERZmB6bCeC0oQ3LgA4ruv6oRF3PPYbfhd78VvdKMYnMjX0fSMuxlcFf6NyELglZXxhG4Mfmz9H2ju0AcJDOKJFOvInAc2JwBIBqYBnOie7SA6OzgRqnuwMUM%2FfCvi0A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
content-type
text/plain;charset=UTF-8
cf-ray
84346258f92518cf-FRA
access-control-allow-headers
Content-Type
content-length
7
alt-svc
h3=":443"; ma=86400
/
xetron.xetron5.workers.dev/ Frame
0
0
Preflight
General
Full URL
https://xetron.xetron5.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:10a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://imgshield.amanstark.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-ray
84346258c8ff18cf-FRA
content-length
0
date
Wed, 10 Jan 2024 10:54:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BM4LzTQUHSNRj0V%2BFumfPyxqtylVV0XdHxhQapV4bPIR4OtvMc1XtWZt3%2B3c4Bv4K%2FUpgRoz1uUneqTTP8Y%2FXMNvUe7ctNpULkk6ojK8RW8oZ5AKOyBRVOiBvUOABHp0jNNkUsoHuOSfmw7%2BX6KsvBFOE51MWYP5%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| documentPictureInPicture
  • function| _0x48cd
  • function| imgguard
  • function| mybubblybutton
  • function| mainHandler
  • function| _0xf624
  • function| n
  • function| t
  • boolean| myUniqueScriptBlog
  • function| _0x127e
  • function| loadScripts
  • function| _0x623d

1 Cookies

Domain/Path Name / Value
.amanstark.com/ Name: cf_clearance
Value: GHahkBnihO3IZIg9Ex9QClv94qFEfidOpfp_JUwWAyA-1704884088-0-2-540d51b3.4932206c.d6e63355-0.2.1704884088

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff