look.shadowfury.xyz Open in urlscan Pro
2606:4700::6812:131b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://look.shadowfury.xyz/
Effective URL:
https://look.shadowfury.xyz/
Submission: On June 09 via manual (June 9th 2023, 9:04:57 am UTC) from UA — Scanned from DE

Summary HTTP 16 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 2606:4700::6812:131b, located in United States and belongs to CLOUDFLARENET, US. The main domain is look.shadowfury.xyz.
TLS certificate: Issued by R3 on May 25th 2023. Valid for: 3 months.

This is the only time look.shadowfury.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:121b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	2606:4700::68... 2606:4700::6812:131b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	1

1 2606:4700::6812:121b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

look.shadowfury.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6812:131b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

look.shadowfury.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	shadowfury.xyz 2 redirects look.shadowfury.xyz	5 MB
16	1

	Domain	Requested by
18	look.shadowfury.xyz	2 redirects look.shadowfury.xyz
16	1

This site contains links to these domains. Also see Links.

Domain
twitter.com
etherscan.io
github.com

Subject Issuer	Validity	Valid
look.shadowfury.xyz R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://look.shadowfury.xyz/
Frame ID: A8989F840713DE5AC38718ABF1B10488
Requests: 13 HTTP requests in this frame

Frame: https://look.shadowfury.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
Frame ID: 6F240EDFC465DF578571F6A9081D36B1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WADS04 / Wallet Drainers

Page URL History Show full URLs

http://look.shadowfury.xyz/ HTTP 301
https://look.shadowfury.xyz/ Page URL

Page Statistics

16
Requests

94 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

5563 kB
Transfer

5583 kB
Size

1
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/shadowfury_xyz
Title: @shadowfury_xyz

Search URL Search Domain Scan URL

URL: https://etherscan.io/address/0xbe984f5d3d6040d57ffc8d7700243e29da6750b7
Title: be984f

Search URL Search Domain Scan URL

URL: https://etherscan.io/tx/0x94c08991b8d18aacc381afab3cafcd2fb29400ac3c15a5989be559a7800952a3
Title: 94c089

Search URL Search Domain Scan URL

URL: https://etherscan.io/address/0xe5e67488628b689fe046ef24817aef3fbe9be033
Title: E5E674

Search URL Search Domain Scan URL

URL: https://etherscan.io/tx/0x0b2c82f412dbb41090ef61d77082aa1a4943fc73b2e4d4482f1ac760473cf0ea
Title: 0b2c82

Search URL Search Domain Scan URL

URL: https://etherscan.io/tx/0x7909c03629dc002d86f686252cef66e8322facb60cce56222a00e9368af598a2
Title: 7909c0

Search URL Search Domain Scan URL

URL: https://etherscan.io/tx/0xb22bafff29908031ca787318511a0ac020f97668c0994178252d59d2833ae343
Title: b22baf

Search URL Search Domain Scan URL

URL: https://etherscan.io/tx/0xbd0f24d0bb94445946172ba6318c59e05e4ae010c88c11004c11bc4895a59fb4
Title: bd0f24

Search URL Search Domain Scan URL

URL: https://github.com/Jon-Becker/heimdall-rs
Title: Heimdall

Search URL Search Domain Scan URL

URL: https://etherscan.io/tx/0x0ba3374d64dfd63ee3c5df4a1be72d93a68d649efca2f2e6f45799ad7c2f36a1
Title: transaction where the CloneX NFTs are stolen.

Search URL Search Domain Scan URL

URL: https://etherscan.io/address/0x84527b5949d479c879b8dd71cd8f79048cdf6fb8
Title: https://etherscan.io/address/0x84527b5949d479c879b8dd71cd8f79048cdf6fb8

Search URL Search Domain Scan URL

URL: https://etherscan.io/address/0x1524d8befc59c85b19858f9ba5f3955e8d0d0f14
Title: https://etherscan.io/address/0x1524d8befc59c85b19858f9ba5f3955e8d0d0f14

Search URL Search Domain Scan URL

URL: https://etherscan.io/address/0xf6905a8bed641d2a6e18a5b27fb317d290c01189
Title: https://etherscan.io/address/0xf6905a8bed641d2a6e18a5b27fb317d290c01189

Search URL Search Domain Scan URL

URL: https://etherscan.io/txs?a=0x058e678044717047c9e245b7285ed5b5bfa64ced
Title: https://etherscan.io/txs?a=0x058e678044717047c9e245b7285ed5b5bfa64ced

Search URL Search Domain Scan URL

URL: https://etherscan.io/address/0x5eee75727d804a2b13038928d36f8b188945a57a
Title: https://etherscan.io/address/0x5eee75727d804a2b13038928d36f8b188945a57a

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://look.shadowfury.xyz/ HTTP 301
https://look.shadowfury.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://look.shadowfury.xyz/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://look.shadowfury.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
look.shadowfury.xyz/
Redirect Chain

http://look.shadowfury.xyz/
https://look.shadowfury.xyz/

21 KB
9 KB

119ms
92ms

Document
text/html

2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://look.shadowfury.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23b0beee2b2213cc8a2fa4624d1bbf51191a3d7ccf9ff8ed6aca01789bff74b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d4835a9df809bfa-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 09 Jun 2023 09:04:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEDOBhtlysHvKK38Fjh3ReUNNcTxkA%2BdRD%2F3h8EW5YHTDtlWe6qbBrnHeX1uchdryWbyW2qnuGBYkL9amVELTCz%2F8AdsAIk7Udqgsn%2FDymhDAKB6cJOHUXkdwBNWgAWCRVECG2shzyMFj55ng494Z4j4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

CF-RAY: 7d4835a98faf1db0-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 09 Jun 2023 09:04:52 GMT
Expires: Fri, 09 Jun 2023 10:04:52 GMT
Location: https://look.shadowfury.xyz/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
look.shadowfury.xyz/css/ 8 KB
3 KB 95ms
94ms Stylesheet
text/css 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://look.shadowfury.xyz/css/style.css

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3048097062b9785424742dd436af3a26859db70804a34a88553e5c36b91a2179

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look.shadowfury.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c3930caac835f28d2ed9891f6090b472"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygPgKbnnuPvUYpMWqxw5olqG5rQKu3adyVtru7FRrQkzrFlGq%2FK8UdSjLc2%2BD5Up9iXQddr6l2BsfNoacGSCx0U9%2FREvPwg00Qilo6dyyYuKgWyYchiGACZZJwKooeQ4MHTzMlvrMwkQZdgPYg%2F8yN1r"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7d4835aa78199bfa-FRA
expires: Fri, 09 Jun 2023 13:04:52 GMT

GET
H2 200 20221122-T104523-2e7PkgJo.png
look.shadowfury.xyz/ 991 KB
993 KB 121ms
120ms Image
image/png 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://look.shadowfury.xyz/20221122-T104523-2e7PkgJo.png

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dca77218a9fdba63aec821960fa6c0cf0d0c674d477ae1175be9499cbbd7f7b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look.shadowfury.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1015202
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "d12550f7c81528da5501677bd92f94e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFtdgUYsMv5obZL4QszJJbqsgXO4D%2Bkrxc3RI2Z1Nbx39WlI4qar414NYlPy7%2F8KPGxc%2Fkn39RU9UziqilXEtjzwa%2BsLUPi0rUUzaLZ%2Fx8zI2xP8Qo2wzhmy2dgXg2F6Vt3yXLhxl%2BV99xQ9vqzbyKKE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d4835aa781a9bfa-FRA
expires: Fri, 09 Jun 2023 13:04:52 GMT

GET
H2 200 20221122-T102532-37MCgAto.png
look.shadowfury.xyz/ 2 MB
2 MB 196ms
196ms Image
image/png 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://look.shadowfury.xyz/20221122-T102532-37MCgAto.png

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e903fbe64924ed8facbb49c2a52712f60f51ebf5f750071e97a97f46a1fde57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look.shadowfury.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2011568
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "bbaaebdff16ecc3572d40749afff6996"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UXX1gHNvr1Yp0romxEkVrFap%2Fx%2FVO1ku2S22CAdRZctjF0TUhi0XuMXzV5Xq%2FEEyT4QTw%2FQkGWnEKUJ4GE0BQ%2FuIRfcPbgrRoigMU1EE1gfwkI5LL716kg3UpdGzguCcLo12Fazd3TXZFikLtNj1IvU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d4835aa781c9bfa-FRA
expires: Fri, 09 Jun 2023 13:04:53 GMT

GET
H2 200 20221122-T102713-b9GnnOOC.png
look.shadowfury.xyz/ 131 KB
131 KB 106ms
106ms Image
image/png 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://look.shadowfury.xyz/20221122-T102713-b9GnnOOC.png

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

928dfc8c2f5f9f150b0d6dcbcf3c6ae69ec72f47d3522fe1882fb4283f9930fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look.shadowfury.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 133853
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "795b731fee40bf6a5dfe323ad029837e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OcFZ%2FIvAE%2Blh%2FwDaSeikipA6KslLX7dD6MM1jTKJodGLxOWfhAszrSxxSUIMUhDGBYhoLWrVC3DlchALW4fs8iSfUf1YK3chhUxpBr0boQgEjJ6oDP7%2FHBAgdnfhS6HtNpWXhXY%2FLh0wAzcw3lZtTS9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d4835aa781d9bfa-FRA
expires: Fri, 09 Jun 2023 13:04:52 GMT

GET
H2 200 20221122-T103014-RRVtCRXD.png
look.shadowfury.xyz/ 285 KB
285 KB 109ms
109ms Image
image/png 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://look.shadowfury.xyz/20221122-T103014-RRVtCRXD.png

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fd966ad5910a391a054b4b2c8307de4ecc6b0f73d54eed6af83f52a2337b432

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look.shadowfury.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 291490
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "8dd90334c44efb289b4354e3618f3888"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQLq%2B0xSC4oaf8YXOcB6RwY5CQ8OCFJ3YaQWBCNsc%2FBAX03iNXVjksnRH7XKyHXKTrByG01EDFdtIje1i0raSE93r%2BtEWtSncl0I4bEeutmgYK%2FII42MhsOtVcAYlO8nBKFKy2%2FEvcNnxE3esCHKCHeQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d4835aa781e9bfa-FRA
expires: Fri, 09 Jun 2023 13:04:52 GMT

GET
H2 200 20221122-T103229-tGMrAEi1.png
look.shadowfury.xyz/ 87 KB
88 KB 102ms
102ms Image
image/png 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://look.shadowfury.xyz/20221122-T103229-tGMrAEi1.png

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dc1f4ba24128a4a582a5e0deb15944697d6c9d805ba83122dcd14ccde1e4339

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look.shadowfury.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 89398
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "e4c7dd76b2da4d47e70fd731d3bce5d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gvlm3TKsre4meCB91zzLFtotbLEFczuNsBoo%2BE1S96DaNGlaHCe%2FSh3%2BtEdt3j4jqMqibb%2FclyOYszuMG7dAZc%2BuPh4waCsy%2Bu1QdwqPtmnT7Yg%2FiNLvWNauA4D%2Fay7cYM8mA8dhNbGrOiNDvnpBe5xr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d4835aa781f9bfa-FRA
expires: Fri, 09 Jun 2023 13:04:52 GMT

GET
H2 200 20221122-T103340-FQRglt8p.png
look.shadowfury.xyz/ 21 KB
21 KB 141ms
139ms Image
image/png 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://look.shadowfury.xyz/20221122-T103340-FQRglt8p.png

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb2ed009bab6d2f72333fbde6be6a8895f6376f6bd9cb94931cba055b4a7bf50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look.shadowfury.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 21139
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "d10861b812695a598a8934c4713934ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BycpjrxnD2PHvw%2FkO4L7PmeMlEDBHTv000Fdu1VdcypnkzEHcpiLgsz0k1MdmgQJx2l%2BZB8%2B6Zj9xtUP8YSmB2HX81ye%2FAm39teYmN7WxDmi3ApJXj75g1R3A8PGuDbHVbsYAWKnu2ep3s6lZHF%2FQGfS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d4835aa78249bfa-FRA
expires: Fri, 09 Jun 2023 13:04:52 GMT

GET
H2 200 20221122-T103430-8alvsgMy.png
look.shadowfury.xyz/ 365 KB
366 KB 93ms
91ms Image
image/png 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://look.shadowfury.xyz/20221122-T103430-8alvsgMy.png

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a08f127fd197b112d61951bedc1d4f97d41f454c04d1f6b1f97b14f7c968a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look.shadowfury.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 373698
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "d1e69017816e57f9fcf64ad1ca10ef97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FHEMXg12IGhnRZ66%2FzkrTSi2t9rN8r%2FThd9YjwPWcWzE4krT7JHRllOXi%2FsgVmIfDffhx6U8Qut08WOULt2ik6HtIckYmF9KagoH42y1YFyBruxdahNcugsW%2F4uzBC0UBXL%2B%2F53lSqgAIjNe6Y1c1kz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d4835aa78259bfa-FRA
expires: Fri, 09 Jun 2023 13:04:52 GMT

GET
H2 200 20221122-T110806-BNtkPhgV.png
look.shadowfury.xyz/ 783 KB
784 KB 118ms
116ms Image
image/png 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://look.shadowfury.xyz/20221122-T110806-BNtkPhgV.png

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

241f987eb35684e10a117a7c114da1e658475f234edd368808f5a1fbda98c5ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look.shadowfury.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 801809
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "68a407bb6abf0725ad24a17a75c900db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SifGW2AQALP1XJpDSk%2BC6E%2BahgIpQ0sbEDUy23JQ3PmqOjPUfMwMmxSqmKpL2XtBE3jKW7uEsQ8v%2BhOXnEtGvE7nqW3U8P%2Bh4S5kqWEL9vnrD0pKzgygl%2BzR%2FXp2YfXS4b%2BiFyv3J%2Bjp0zJENXoyzE%2BS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d4835aa78269bfa-FRA
expires: Fri, 09 Jun 2023 13:04:52 GMT

GET
H2 200 20221122-T110605-ba25Uf08.png
look.shadowfury.xyz/ 567 KB
568 KB 142ms
141ms Image
image/png 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://look.shadowfury.xyz/20221122-T110605-ba25Uf08.png

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c259275cbdb541ae8e63a4c0b8faff50aaeb73d40640a47733b363038732bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look.shadowfury.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 580583
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "bb19bf7eb2c129a4f00e149edfcb4d85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CftLlb8yD3jmbrv0TmML%2F680G5MQQX9S69ymt7vEJ6QLhb8APN6S2IsSvaRoAy3tnSYeYxJC6ve00t85PRubYZ8GAZKGbIp43tSIRNLV1WNTOqEj3dIP1BGKWIxu80ux9WVcKzSY7KdJ8C8j0gmXylCi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d4835aa882a9bfa-FRA
expires: Fri, 09 Jun 2023 13:04:52 GMT

GET
H2 200 20221122-T105711-a0vCMdNf.png
look.shadowfury.xyz/ 332 KB
333 KB 785ms
784ms Image
image/png 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://look.shadowfury.xyz/20221122-T105711-a0vCMdNf.png

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16251969c3d5de019a9c169dc16306822b361d3536a4b18fab17a45b48a2607

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look.shadowfury.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 340006
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "46d6c05211642910975a489be44d6c38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InYB4dJGt6ODKYLjhYOVJ3orq0OKLHSetDk6D1xGADIGXBdpGK4uaYzgJRvpn%2FXftmyF9QSwIDtJEuNftbBUfXobz4KMZQI9u9nMybjSyktv9zJIgi0NjUYVsPfoDnYJ%2FCSIHTF9vwEF82yZ8lGfXpN6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d4835aa882b9bfa-FRA
expires: Fri, 09 Jun 2023 13:04:53 GMT

GET
H2 200 email-decode.min.js Show response
look.shadowfury.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
824 B 14ms
14ms Script
application/javascript 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://look.shadowfury.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look.shadowfury.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 May 2023 15:21:01 GMT
server: cloudflare
etag: W/"6476145d-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7d4835aa781b9bfa-FRA
expires: Sun, 11 Jun 2023 09:04:52 GMT

GET
H3

200

invisible.js Show response
look.shadowfury.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/ Frame 6F24
Redirect Chain

https://look.shadowfury.xyz/cdn-cgi/challenge-platform/scripts/invisible.js
https://look.shadowfury.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

22 KB
11 KB

14ms
14ms

Script
application/javascript

2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://look.shadowfury.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0de26cf7f017e5df1a5c16cbed92fc5563f1a94e96696eed7ae9731c7de550f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7d4835abbd3b1d92-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 09 Jun 2023 09:04:53 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7d4835ab6cd91d92-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 pica.js
look.shadowfury.xyz/cdn-cgi/challenge-platform/h/b/scripts/ Frame 6F24 6 KB
3 KB 18ms
17ms Other
application/javascript 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://look.shadowfury.xyz/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Requested by

Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7198a1fe20af8a3a487bff4d6dac1ae9cf921370ce51d50cf2842b861213f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 09:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7d4835abfd7f1d92-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 7d4835a9df809bfa Show response
look.shadowfury.xyz/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 6F24 2 B
314 B 27ms
26ms XHR
text/plain 2606:4700::6812:131b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://look.shadowfury.xyz/cdn-cgi/challenge-platform/h/b/cv/result/7d4835a9df809bfa
Requested by: Host: look.shadowfury.xyz
URL: https://look.shadowfury.xyz/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:131b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Jun 2023 09:04:53 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 7d4835ad0ee41d92-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.shadowfury.xyz/	1970-01-20 12:25:03	Name: __cf_bm Value: de.6JJn01Nf_dI3Xe3Tcx_IBwwsrS4sm1lB7C4kW4uc-1686301493-0-AXQq4l01sDKmyjLD+4MQFvV3K5aVsLii0wj6pbhp40lYYu47hSF1jf6YJt/7N2obVQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

look.shadowfury.xyz
2606:4700::6812:121b
2606:4700::6812:131b
0c259275cbdb541ae8e63a4c0b8faff50aaeb73d40640a47733b363038732bcb
1dc1f4ba24128a4a582a5e0deb15944697d6c9d805ba83122dcd14ccde1e4339
23b0beee2b2213cc8a2fa4624d1bbf51191a3d7ccf9ff8ed6aca01789bff74b7
241f987eb35684e10a117a7c114da1e658475f234edd368808f5a1fbda98c5ce
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2fd966ad5910a391a054b4b2c8307de4ecc6b0f73d54eed6af83f52a2337b432
3048097062b9785424742dd436af3a26859db70804a34a88553e5c36b91a2179
8e903fbe64924ed8facbb49c2a52712f60f51ebf5f750071e97a97f46a1fde57
928dfc8c2f5f9f150b0d6dcbcf3c6ae69ec72f47d3522fe1882fb4283f9930fe
9a08f127fd197b112d61951bedc1d4f97d41f454c04d1f6b1f97b14f7c968a60
b16251969c3d5de019a9c169dc16306822b361d3536a4b18fab17a45b48a2607
c0de26cf7f017e5df1a5c16cbed92fc5563f1a94e96696eed7ae9731c7de550f
dca77218a9fdba63aec821960fa6c0cf0d0c674d477ae1175be9499cbbd7f7b6
f7198a1fe20af8a3a487bff4d6dac1ae9cf921370ce51d50cf2842b861213f69
fb2ed009bab6d2f72333fbde6be6a8895f6376f6bd9cb94931cba055b4a7bf50

look.shadowfury.xyz Open in urlscan Pro 2606:4700::6812:131b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

16 Requests

94 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

5563 kBTransfer

5583 kBSize

1 Cookies

15 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

look.shadowfury.xyz Open in urlscan Pro
2606:4700::6812:131b Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

5563 kB
Transfer

5583 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions