mb.shadow369.xyz Open in urlscan Pro
69.197.135.202  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response mb.shadow369.xyz/	16 KB 5 KB	892ms 535ms	Document text/html	69.197.135.202 WII
General Check archive.org Show headers Download Go to Full URL https://mb.shadow369.xyz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.197.135.202 , United States, ASN32097 (WII, US), Reverse DNS Software openresty / Express Resource Hash 1c8ae75954e1add44c16d893519a123b9d667cf3acac6595bcec47748ef019bb Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control public, max-age=0 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 28 May 2024 09:12:39 GMT ETag W/"4111-181e7ff0106" Last-Modified Sun, 10 Jul 2022 12:04:17 GMT Server openresty Transfer-Encoding chunked X-Powered-By Express X-Served-By mb.shadow369.xyz
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/	151 KB 25 KB	35ms 10ms	Stylesheet text/css	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/bootstrap.min.css Requested by Host: mb.shadow369.xyz URL: https://mb.shadow369.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0d4f6240127cf5d1cfda2caeb0283efb4c9c879e43031f102fa3fc09853ae1b2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Origin https://mb.shadow369.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 28 May 2024 09:12:39 GMT x-content-type-options nosniff content-encoding br age 1067088 x-jsd-version 5.0.0-beta3 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 25310 x-served-by cache-fra-etou8220063-FRA x-jsd-version-type version etag W/"25cfb-UcVSpq1X1XvRNJScPVMSiB9RqJM" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H3	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/	58 KB 11 KB	35ms 18ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css Requested by Host: mb.shadow369.xyz URL: https://mb.shadow369.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 09:12:39 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 311856 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 10462 last-modified Mon, 13 Sep 2021 19:10:03 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "613fa20b-28de" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKHcp4AVB4cPAyfjhyaRJVuVYjRj%2Fj86JnaETi6epKfytwzH9TAj9mSLWwuScc2cLupHaOV%2B80nM9xXPFRYjwUo0xPISKSnSkyHzgg6FOQEojnISa9cnaMRgGpacQ3fb%2BzYz7kFK"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88ad1fcd8daa30cc-FRA expires Sun, 18 May 2025 09:12:39 GMT
GET H3	200	fontawesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/	57 KB 11 KB	39ms 22ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/fontawesome.min.css Requested by Host: mb.shadow369.xyz URL: https://mb.shadow369.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0588d1661498d804543dc1537f9784877a962b9f0ef3c4ccee765eb7f2543611 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 09:12:39 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 311401 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 10266 last-modified Mon, 13 Sep 2021 19:10:03 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "613fa20b-281a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6Rnmkt3qP%2FQeoW9m1xOlqy7mekbSgWx8kCOinjSvnbFZ4lS2juD4ziQtP5wrfX0e0b29qu3bH%2BhK3%2FsBo%2Fm9cGN3lt%2BdmjOBT94eA68bNyZne9DLboFWD4tB75ug9qx3oi%2BP6XP"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88ad1fcd8da830cc-FRA expires Sun, 18 May 2025 09:12:39 GMT
GET H2	200	css2 fonts.googleapis.com/	789 B 802 B	42ms 17ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap Requested by Host: mb.shadow369.xyz URL: https://mb.shadow369.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b8588b441cd046cc43fcf1541b059fb8f5d84506adf68d5f8109eb6e37263422 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 28 May 2024 09:12:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 May 2024 08:44:36 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 May 2024 09:12:39 GMT
GET H2	200	721c73bcd2e49f3a621991089838b503 db.onlinewebfonts.com/c/	1 KB 694 B	471ms 152ms	Stylesheet text/css	15.204.22.185 OVH
General Check archive.org Show headers Download Go to Full URL https://db.onlinewebfonts.com/c/721c73bcd2e49f3a621991089838b503?family=Euclid+Circular+B+Medium Requested by Host: mb.shadow369.xyz URL: https://mb.shadow369.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.204.22.185 Hillsboro, United States, ASN16276 (OVH, FR), Reverse DNS ip185.ip-15-204-22.us Software nginx / Resource Hash b30914dfa472e7dd244a8f88a2e9fb8fb1ff6a67a66010c01d7ff94cc40926c1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 09:08:59 GMT content-encoding gzip server nginx vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,POST,OPTIONS content-type text/css;charset=UTF-8 access-control-allow-origin * nginx-cache HIT cache-control public,max-age=86400,must-revalidate access-control-allow-headers X-Requested-With
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	147 KB 50 KB	67ms 51ms	Script text/javascript	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9153248141395764 Requested by Host: mb.shadow369.xyz URL: https://mb.shadow369.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash 7e5ff94c6bc8686917159bf85b1a7768c29f3bfb5f13a096b8576b15809d225b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Origin https://mb.shadow369.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 09:12:39 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51220 x-xss-protection 0 server cafe etag 3125811780954321683 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Tue, 28 May 2024 09:12:39 GMT
GET H/1.1	200 OK	logo.gif mb.shadow369.xyz/	572 KB 572 KB	641ms 640ms	Image image/gif	69.197.135.202 WII
General Check archive.org Show headers Download Go to Show image Full URL https://mb.shadow369.xyz/logo.gif Requested by Host: mb.shadow369.xyz URL: https://mb.shadow369.xyz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.197.135.202 , United States, ASN32097 (WII, US), Reverse DNS Software openresty / Express Resource Hash 499f364ef8e58443091adb89fd6919e44de3704b8971e32cd2ce02aa3804386b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 09:12:39 GMT Last-Modified Sun, 09 Jan 2022 08:43:26 GMT Server openresty X-Powered-By Express ETag W/"8f07c-17e3e01b77a" Content-Type image/gif Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 585852 X-Served-By mb.shadow369.xyz
GET H2	200	bootstrap.bundle.min.js Show response cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/js/	79 KB 24 KB	29ms 7ms	Script application/javascript	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/js/bootstrap.bundle.min.js Requested by Host: mb.shadow369.xyz URL: https://mb.shadow369.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 05304a8f26373142efa126a87977201cbc22d408c573f151ee2907933e9099f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Origin https://mb.shadow369.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 28 May 2024 09:12:39 GMT x-content-type-options nosniff content-encoding br age 1729897 x-jsd-version 5.0.0-beta3 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 23824 x-served-by cache-fra-etou8220063-FRA x-jsd-version-type version etag W/"13a2b-LayF+MVECCdqC/PP+pHf1O96P1E" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	38ms 9ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: mb.shadow369.xyz URL: https://mb.shadow369.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 12:37:38 GMT content-encoding gzip x-content-type-options nosniff age 74101 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 27 May 2025 12:37:38 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405230101/	424 KB 143 KB	83ms 65ms	Script text/javascript	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9153248141395764&plah=mb.shadow369.xyz&aplac=true Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9153248141395764 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash 5b267da9d91348ba45cda6621cab872249342ad07d5b6b0d20bb4c00aed53d2f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 09:12:39 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 146506 x-xss-protection 0 server cafe etag 8777691608422525776 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 28 May 2024 09:12:39 GMT
GET H3	200	fa-brands-400.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/	75 KB 76 KB	50ms 38ms	Font application/octet-stream	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css Origin https://mb.shadow369.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 09:12:39 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 896360 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 76736 last-modified Mon, 13 Sep 2021 19:10:03 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "613fa20b-12bc0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYAfu75i0rUbxnX%2Febi6jkchK9%2BmLIdRYMChRKFX2h0IcnVtR10vw%2BJv9fsH9XoQE7khJgxiLW%2B8SMcSW%2FztU6DP9KyIqDBeyZHdYyT7RGXR5hjG1bA4vem5%2F57eUIjNGPZxdAnk"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88ad1fce3fbc3a61-FRA expires Sun, 18 May 2025 09:12:39 GMT
GET H3	200	fa-solid-900.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/	76 KB 77 KB	30ms 18ms	Font application/octet-stream	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css Origin https://mb.shadow369.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 09:12:39 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3648432 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 78268 last-modified Mon, 13 Sep 2021 19:10:03 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "613fa20b-131bc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VXLjuMsnKrenwOqDdb%2BRmQKqsHImkm7UzjAkRlgxTUKvj9d%2BwXSB2NQfvSecLoNfmVe1c3xu4tYHxwBVPe7kKeNsquZJD68RmbSVwlGyUzYSp38fc57mn9ypHdcjs0Mqw2FOxqb2"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88ad1fce3fb83a61-FRA expires Sun, 18 May 2025 09:12:39 GMT
GET H3	200	zrt_lookup_fy2021.html pagead2.googlesyndication.com/pagead/html/r20240522/r20110914/ Frame 9B28	0 0	36ms 9ms	Document text/html	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/html/r20240522/r20110914/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9153248141395764&plah=mb.shadow369.xyz&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://mb.shadow369.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 28243 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4164 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 28 May 2024 01:21:56 GMT etag 11731753506229902092 expires Tue, 11 Jun 2024 01:21:56 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	41ms 41ms	Image image/gif	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: mb.shadow369.xyz URL: https://mb.shadow369.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 28 May 2024 09:12:39 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads pagead2.googlesyndication.com/pagead/ Frame 992D	0 0	49ms 48ms	Document text/html	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9153248141395764&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1657454657&plat=2%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fmb.shadow369.xyz%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716887559367&bpp=4&bdt=103&idt=166&shv=r20240522&mjsv=m202405230101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2617239857797&frm=20&pv=2&ga_vid=1613686327.1716887560&ga_sid=1716887560&ga_hid=115861128&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31083868%2C31083905%2C44795922%2C95330001%2C95331983%2C95331712%2C21065725%2C31078668&oid=2&pvsid=3181335364400173&tmod=644973075&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=204 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9153248141395764&plah=mb.shadow369.xyz&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://mb.shadow369.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 28 May 2024 09:12:39 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	721c73bcd2e49f3a621991089838b503.woff2 db.onlinewebfonts.com/t/	24 KB 25 KB	594ms 297ms	Font application/x-font-woff	15.204.22.185 OVH
General Check archive.org Show headers Download Go to Full URL https://db.onlinewebfonts.com/t/721c73bcd2e49f3a621991089838b503.woff2 Requested by Host: db.onlinewebfonts.com URL: https://db.onlinewebfonts.com/c/721c73bcd2e49f3a621991089838b503?family=Euclid+Circular+B+Medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.204.22.185 Hillsboro, United States, ASN16276 (OVH, FR), Reverse DNS ip185.ip-15-204-22.us Software nginx / Resource Hash 7d394f7c939668fab194304db5586f1a57ab21bef6e337176c6f763f5ad67267 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://db.onlinewebfonts.com/c/721c73bcd2e49f3a621991089838b503?family=Euclid+Circular+B+Medium Origin https://mb.shadow369.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 09:09:00 GMT server nginx access-control-allow-methods GET,POST,OPTIONS content-type application/x-font-woff access-control-allow-origin * nginx-cache HIT cache-control public,max-age=86400,must-revalidate access-control-allow-headers X-Requested-With content-length 24996
GET H/1.1	200 OK	info Show response mb.shadow369.xyz/api/	179 B 442 B	637ms 396ms	XHR application/json	69.197.135.202 WII
General Check archive.org Show headers Download Go to Full URL https://mb.shadow369.xyz/api/info Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.197.135.202 , United States, ASN32097 (WII, US), Reverse DNS Software openresty / Express Resource Hash 061a35976a509a1ad0b3a5c4ccf11ead981ee5acdb9a41c3dc1d9eb7f2466d67 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Accept */* Referer https://mb.shadow369.xyz/ X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 09:12:40 GMT Server openresty X-Powered-By Express ETag W/"b3-roUuZPFZuUbRpfjVdLAXXawUI30" Content-Type application/json; charset=utf-8 Connection keep-alive Content-Length 179 X-Served-By mb.shadow369.xyz
GET H/1.1	200 OK	commands Show response mb.shadow369.xyz/api/	3 KB 3 KB	638ms 396ms	XHR application/json	69.197.135.202 WII
General Check archive.org Show headers Download Go to Full URL https://mb.shadow369.xyz/api/commands Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.197.135.202 , United States, ASN32097 (WII, US), Reverse DNS Software openresty / Express Resource Hash d3b525989285a6c57eb6001be32bf388620d999fe7c81cd061f03a68256be68b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Accept */* Referer https://mb.shadow369.xyz/ X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 09:12:40 GMT Server openresty X-Powered-By Express ETag W/"a02-9tSfBF5+3X202lzlhGuvImFmsRU" Content-Type application/json; charset=utf-8 Connection keep-alive Content-Length 2562 X-Served-By mb.shadow369.xyz
GET H2	200	721c73bcd2e49f3a621991089838b503.woff db.onlinewebfonts.com/t/	35 KB 35 KB	160ms 160ms	Font application/x-font-woff	15.204.22.185 OVH
General Check archive.org Show headers Download Go to Full URL https://db.onlinewebfonts.com/t/721c73bcd2e49f3a621991089838b503.woff Requested by Host: db.onlinewebfonts.com URL: https://db.onlinewebfonts.com/c/721c73bcd2e49f3a621991089838b503?family=Euclid+Circular+B+Medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.204.22.185 Hillsboro, United States, ASN16276 (OVH, FR), Reverse DNS ip185.ip-15-204-22.us Software nginx / Resource Hash 4a5338262068b7848eb041280200afa9acb923e1cf2ad927506b64632ab1f78b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://db.onlinewebfonts.com/c/721c73bcd2e49f3a621991089838b503?family=Euclid+Circular+B+Medium Origin https://mb.shadow369.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 09:09:00 GMT server nginx access-control-allow-methods GET,POST,OPTIONS content-type application/x-font-woff access-control-allow-origin * nginx-cache HIT cache-control public,max-age=86400,must-revalidate access-control-allow-headers X-Requested-With content-length 35836
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	17 KB 13 KB	60ms 60ms	XHR application/json	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240522&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9153248141395764&plah=mb.shadow369.xyz&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash 920ec08438c0e9f4801b21599f90b25dc3a6562d5a60dbad6af9df7190a67f5e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 09:12:40 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12798 x-xss-protection 0
GET H/1.1	200 OK	logo.gif mb.shadow369.xyz/	572 KB 294 B	390ms 390ms	Other image/gif	69.197.135.202 WII
General Check archive.org Show headers Download Go to Full URL https://mb.shadow369.xyz/logo.gif Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 69.197.135.202 , United States, ASN32097 (WII, US), Reverse DNS Software openresty / Express Resource Hash 499f364ef8e58443091adb89fd6919e44de3704b8971e32cd2ce02aa3804386b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 09:12:40 GMT Last-Modified Sun, 09 Jan 2022 08:43:26 GMT Server openresty X-Powered-By Express ETag W/"8f07c-17e3e01b77a" Content-Type image/gif Cache-Control public, max-age=0 Accept-Ranges bytes Content-Length 585852 X-Served-By mb.shadow369.xyz
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	41ms 18ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9153248141395764&plah=mb.shadow369.xyz&aplac=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mb.shadow369.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 09:12:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 28 May 2024 09:12:40 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame A510	0 0	30ms 8ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://mb.shadow369.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 396 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 28 May 2024 09:06:04 GMT expires Wed, 28 May 2025 09:06:04 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET		sodar pagead2.googlesyndication.com/pagead/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240522&jk=3181335364400173&bg=!8POl87zNAAbUqhG89Ko7ADQBe5WfOJiQx7UT3UIF6OlekIxZDsxpYwoLPz-ugSglTG8bBOzfnBG47r2OAj0l_aDW8WTMAgAAADJSAAAAAWgBB34ANokW8_4mvhe7fxhukUImgVqayH0_sAiOVgThpt0kTvWFm-68GemiHiOCbfpS23lautpf88JrApkCmakxKqwpwhaRVdNQt8FBPrFfzYIL4GpVRvCsjTn0rV6WEhU5_fVEvZTdSWR7XPzHDcWOWWe2QEtk3VinRztO3XJGYP4JQ7q3OmahzpKk9QpAgJZkiheXqrEj_49LAKGZ64h3oXk9fAzaztPwJMvDwe2sGsKIGN2AFSE0e0DDdQ90TT9OQNNoE4_XjwpdwLuaO1qBQ6SwnModabYOLf4y_UzauOjY3R2ILTTEzw4lmEYqbwcC2UBY4oASgGLRbHwanopjHcJG1LAB7gBFgO3ZDoKGgPLdx_85knmCVbkUjvhmqcAadsdOnA_GboN8w25a_WiWT0_1TWeZFN3_eYYlNgJjoVfbhKYK5aMX1CkM_m8qhsAdat9Zt8iLEtFZ3T1jr4Czh96mCVvXuWT-J0zq3SX0v2Z0wBQMkXfuz98S45aW5GbyI-LBorEW1zqxUDAMUUUw-rDO4R61KK6W0yp4VQvS8ypffX-HEmav4xC84Lvs4-JsVyQmxI9-ge2WOFtnmnAFmKnKL3hBA4DU4-B-8Fl-gvLUx6Zis1GWxCyzdNlQ-E_6qdHZNtVJu9GuiHlkXKKmz-CWGEsxscUyCm1MHKQf4Qy9hnAcE6HuQ-TB3GePtk8MTibCwBOQRx8JMHo-hp5Ji6tRo0BuV6_Tusq25qA710TjgpSzh98HrhREoWBVMS637LGspCQtSMj9lZs9kcD0nWEkLvvlC8a99Gqk8wcWwCqYCYxd6QFi1PqVEhxkHPNV4e5ySlRKmolIU5CV_sYRZt4J-MhuzanNX_gTResj7u9dRRrtjoHw0_zkW81FxvWWheM0K3Gw4BNcsJ-nDefWDcU9ESOjmTvGDCNr7dr83-67fPFNo2_eo_SmkQ2pZC2qzd067xDQ

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| uidEvent object| bootstrap function| $ function| jQuery object| GoogleGcLKhOms

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
db.onlinewebfonts.com
fonts.googleapis.com
mb.shadow369.xyz
pagead2.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
104.17.24.14
142.250.74.194
15.204.22.185
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
2a00:1450:4001:830::2001
2a04:4e42:400::485
69.197.135.202
05304a8f26373142efa126a87977201cbc22d408c573f151ee2907933e9099f7
0588d1661498d804543dc1537f9784877a962b9f0ef3c4ccee765eb7f2543611
061a35976a509a1ad0b3a5c4ccf11ead981ee5acdb9a41c3dc1d9eb7f2466d67
0d4f6240127cf5d1cfda2caeb0283efb4c9c879e43031f102fa3fc09853ae1b2
1c8ae75954e1add44c16d893519a123b9d667cf3acac6595bcec47748ef019bb
499f364ef8e58443091adb89fd6919e44de3704b8971e32cd2ce02aa3804386b
4a5338262068b7848eb041280200afa9acb923e1cf2ad927506b64632ab1f78b
5b267da9d91348ba45cda6621cab872249342ad07d5b6b0d20bb4c00aed53d2f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7d394f7c939668fab194304db5586f1a57ab21bef6e337176c6f763f5ad67267
7e5ff94c6bc8686917159bf85b1a7768c29f3bfb5f13a096b8576b15809d225b
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
920ec08438c0e9f4801b21599f90b25dc3a6562d5a60dbad6af9df7190a67f5e
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
b30914dfa472e7dd244a8f88a2e9fb8fb1ff6a67a66010c01d7ff94cc40926c1
b8588b441cd046cc43fcf1541b059fb8f5d84506adf68d5f8109eb6e37263422
d3b525989285a6c57eb6001be32bf388620d999fe7c81cd061f03a68256be68b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d