shadowsplay.io Open in urlscan Pro
2606:4700:3037::6815:4dbc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shadowsplay.io/
Effective URL:
https://shadowsplay.io/
Submission: On November 24 via api (November 24th 2024, 3:44:48 pm UTC) from US — Scanned from US

Summary HTTP 93 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 10 domains to perform 93 HTTP transactions. The main IP is 2606:4700:3037::6815:4dbc, located in United States and belongs to CLOUDFLARENET, US. The main domain is shadowsplay.io.
TLS certificate: Issued by WE1 on October 6th 2024. Valid for: 3 months.

This is the only time shadowsplay.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
64	2606:4700:303... 2606:4700:3037::6815:4dbc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.57.90.111 23.57.90.111	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
1 9	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.63.7 13.225.63.7	16509 (AMAZON-02) (AMAZON-02)
4	34.232.5.129 34.232.5.129	14618 (AMAZON-AES) (AMAZON-AES)
3	3.33.182.45 3.33.182.45	16509 (AMAZON-02) (AMAZON-02)
1	13.32.164.19 13.32.164.19	16509 (AMAZON-02) (AMAZON-02)
93	15

64 2606:4700:3037::6815:4dbc (United States)

ASN13335 (CLOUDFLARENET, US)

shadowsplay.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.57.90.111 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-57-90-111.deploy.static.akamaitechnologies.com

sdk.mercadopago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2001:4860:4802:34::178 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-7.ewr53.r.cloudfront.net

www.mercadopago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.232.5.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-5-129.compute-1.amazonaws.com

api.mercadopago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.182.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: a35f64fceb718ad27.awsglobalaccelerator.com

www.mercadolibre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.164.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-164-19.ord58.r.cloudfront.net

www.mercadolivre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	shadowsplay.io shadowsplay.io	574 KB
9	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 36	720 B
6	mercadopago.com sdk.mercadopago.com — Cisco Umbrella Rank: 96083 www.mercadopago.com — Cisco Umbrella Rank: 81579 api.mercadopago.com — Cisco Umbrella Rank: 34242	54 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	3 KB
3	mercadolibre.com www.mercadolibre.com — Cisco Umbrella Rank: 42703	2 KB
3	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 3	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	135 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	119 KB
1	mercadolivre.com www.mercadolivre.com — Cisco Umbrella Rank: 134073	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
93	10

	Domain	Requested by
64	shadowsplay.io	shadowsplay.io static.cloudflareinsights.com
9	www.google-analytics.com	1 redirects www.googletagmanager.com
4	api.mercadopago.com	www.mercadopago.com
3	www.mercadolibre.com	shadowsplay.io
2	www.google.com	www.googletagmanager.com
2	td.doubleclick.net	www.googletagmanager.com
2	www.googletagmanager.com	shadowsplay.io www.googletagmanager.com
2	cdnjs.cloudflare.com	shadowsplay.io cdnjs.cloudflare.com
1	www.mercadolivre.com
1	www.mercadopago.com	shadowsplay.io
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	1 redirects
1	sdk.mercadopago.com	shadowsplay.io
1	static.cloudflareinsights.com	shadowsplay.io
93	15

This site contains links to these domains. Also see Links.

Domain
www.elitepvpers.com

Subject Issuer	Validity	Valid
shadowsplay.io WE1	`2024-10-06` - `2025-01-04`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
sdk.mercadopago.com DigiCert TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-08-29`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.mercadopago.com Amazon RSA 2048 M02	`2024-11-06` - `2025-12-06`	a year	crt.sh
api.mercadopago.com DigiCert TLS RSA SHA256 2020 CA1	`2024-08-14` - `2025-08-13`	a year	crt.sh
*.mercadolibre.com Amazon RSA 2048 M03	`2024-11-06` - `2025-12-06`	a year	crt.sh
*.mercadolivre.com Amazon RSA 2048 M02	`2024-11-06` - `2025-12-06`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://shadowsplay.io/
Frame ID: 334B88055C7CC6FA908E87D041BD6E6C
Requests: 88 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-NHJWPZSXZE&gacid=868585010.1732463082&gtm=45je4bk0v893434592za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=115568992
Frame ID: D536487AD3D1AD3FD5AF4BB40FE55809
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/939968352?random=1732463082133&cv=11&fst=1732463082133&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4bk0v893434592za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fshadowsplay.io%2F&hn=www.googleadservices.com&frm=0&tiba=SHADOWS%20PLAY&npa=0&pscdl=noapi&auid=1080239552.1732463082&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 75D7C530B0A70DF9B2D954867885B661
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fshadowsplay.io
Frame ID: 720EAC77785769EF559DC3E509E6E24D
Requests: 1 HTTP requests in this frame

Frame: https://www.mercadolibre.com/jms/lgz/background?dps=armor.35aee38028d4eebb8a029d7922e9a68372fd6dead23da5c64074b73955afff2f9dfb0bacb7e7eae6457690115b8a0aa5fb92ad5067ba0fb4e8b612d78cb614fb2f2b4b76d658227fa335d59205cb4d602b106184504a60e16cbc195d2b998e7f.ffc9ffdc673ee8f823de328f4eaa292d
Frame ID: 63667B4538C3320B22C31FD36101A9C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SHADOWS PLAY

Page URL History Show full URLs

http://shadowsplay.io/ HTTP 307
https://shadowsplay.io/ Page URL

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

93
Requests

98 %
HTTPS

67 %
IPv6

10
Domains

15
Subdomains

15
IPs

1
Countries

896 kB
Transfer

2161 kB
Size

29
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.elitepvpers.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shadowsplay.io/ HTTP 307
https://shadowsplay.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://analytics.google.com/g/collect?v=2&tid=G-NHJWPZSXZE&gtm=45je4bk0v893434592za200&_p=1732463081959&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=868585010.1732463082&ecid=1268148112&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1732463082&sct=1&seg=0&dl=https%3A%2F%2Fshadowsplay.io%2F&dt=SHADOWS%20PLAY&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&_ee=1&tfd=968 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=868585010.1732463082&dbk=182181151895896233&dma=0&en=page_view&gtm=45je4bk0v893434592za200&npa=0&tid=G-NHJWPZSXZE&dl=https%3A%2F%2Fshadowsplay.io%3F

Request Chain 72

https://www.google-analytics.com/g/collect?v=2&tid=G-X7S2GV5L2R&gtm=45je4bk0v893434592za200&_p=1732463081959&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=868585010.1732463082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732463082&sct=1&seg=0&dl=https%3A%2F%2Fshadowsplay.io%2F&dt=SHADOWS%20PLAY&en=page_view&_fv=2&_ss=2&_c=1&_ee=1&tfd=1052 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=868585010.1732463082&dbk=4169980818137057531&dma=0&en=page_view&gtm=45je4bk0v893434592za200&npa=0&tid=G-X7S2GV5L2R&dl=https%3A%2F%2Fshadowsplay.io%3F

93 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
shadowsplay.io/
Redirect Chain

http://shadowsplay.io/
https://shadowsplay.io/

162 KB
31 KB

233ms
40ms

Document
text/html

2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.15

Resource Hash

d953188738e41eba5ca1d108f0ca75a35fc0c8e4cdd302f7dd09079fa04038d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 11885
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=31536000, max-age=60
cf-cache-status: HIT
cf-ray: 8e7a85925f7b7d08-EWR
content-encoding: zstd
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: same-origin
cross-origin-resource-policy: same-origin
date: Sun, 24 Nov 2024 15:44:41 GMT
last-modified: Sun, 24 Nov 2024 12:26:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
panel: hpanel
platform: hostinger
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nmToBW60G6tcv4UhrWLNMYocukoWvsaEWDwpZLIK9omzyuSMga6RNPnv8kbwStrrL2WDaBPQmUUBWX1Ea5W9TgpL8WQrpWVAO121aGcY6o9mNdYX7mE0YhuzOwuP9NuQ%2B%2BBwNyxMvu5%2BaBEshg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfL4;desc="?proto=TCP&rtt=8723&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3994&recv_bytes=2348&delivery_rate=470371&cwnd=252&unsent_bytes=0&cid=1257719241aedf22&ts=53&x=0"
vary: Accept-Encoding
x-powered-by: PHP/8.2.15
x-turbo-charged-by: LiteSpeed
x-wp-cf-super-cache-active: 1
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-wp-spc-disk-cache: HIT

Redirect headers

Location: https://shadowsplay.io/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 style-index.css
shadowsplay.io/wp-content/plugins/woo-wallet/build/partial-payment/ 1 KB
859 B 45ms
32ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woo-wallet/build/partial-payment/style-index.css?ver=1.5.7

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb806b6c1f0f05c942f93ec77fb8d3675ab9dd56f2d9f2a2806065aa6c056a20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"486-66d5739f-f74dfccca89d0a02;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KpMmAHwovOMCrXP%2BG5pteHVZ%2F%2Bm7%2F0yzoTtUiYX8GxVXElKrb%2BWmADeXlQle4X8FgX2Fxal8jT2%2BLptYjvqQUxFp1DRZ8%2FJ8yCVnvu94gquL%2FCXm1igwUgezW%2BffCHtwT1f%2Fnssb58KjMQ7cQg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=9599&sent=37&recv=12&lost=0&retrans=0&sent_bytes=36485&recv_bytes=3149&delivery_rate=1923258&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=151&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/css
last-modified: Mon, 02 Sep 2024 08:13:19 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8592f8547d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 woocommerce-multi-currency.min.css
shadowsplay.io/wp-content/plugins/woocommerce-multi-currency/css/ 24 KB
5 KB 48ms
35ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce-multi-currency/css/woocommerce-multi-currency.min.css?ver=2.3.5

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e3141f41a8b13e98639edf02ef36b2a39c07c05431bc1aad4764015722cf347

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6042-67220aae-17da5ca3c36d53d2;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MTudSAAo175bMyLhq5%2BNSd0QxilSRt2YOss1du32Dlhc7zz7sXh%2FVWGU5TCqNeiU6X9BuZjqA63a%2BIlf1LTN2ntAMIY3OtNnWIEFIpZnEg81m2Go25XJ1EdAsAQAZhDScgUAW%2B4ADmFca6%2F26g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=9599&sent=61&recv=12&lost=0&retrans=0&sent_bytes=57166&recv_bytes=3149&delivery_rate=1923258&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=154&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/css
last-modified: Wed, 30 Oct 2024 10:30:06 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8592f8577d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 frontend.css
shadowsplay.io/wp-content/plugins/customer-reviews-woocommerce/css/ 122 KB
18 KB 46ms
34ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/customer-reviews-woocommerce/css/frontend.css?ver=5.63.1

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5fc0af48758f4c4da7dcb0c35c583cecbe142bc6e4f4e753f276a85a3bb25a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1e6dd-673af747-65c6598308dd6c40;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RNUBfwOS%2Fi%2B4t8peUhVpx66wT9FFDCVcXiMb%2FVhKa9aIy3wxbYTVlRiU61wBc23ut4vFG7K4C3w6zz0PqrAA%2FWkjTOuRPGtbBAb0ivBxOKIak%2BKE%2BFwL815M6cEIFQfVPV%2Fi0MFku0KCdGgRpg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=9599&sent=42&recv=12&lost=0&retrans=0&sent_bytes=38511&recv_bytes=3149&delivery_rate=1923258&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=153&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/css
last-modified: Mon, 18 Nov 2024 08:13:59 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8592f85a7d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 wpcl-advanced-discounts-and-fees-public.css
shadowsplay.io/wp-content/plugins/codecanyon-eqClWmJY-woocommerce-advanced-discounts-and-fees/public/css/ 98 B
623 B 42ms
30ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/codecanyon-eqClWmJY-woocommerce-advanced-discounts-and-fees/public/css/wpcl-advanced-discounts-and-fees-public.css?ver=1.0.0

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"62-66b54c42-cc72bfa11635584b;;;"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=afZtIbnJXGJkbsxTQxZ7vOa0vuOgOABQABI3bhrJb86o7eVdQIzv4qA5hv7D1Qfrp2h6gZ79QMm2wAqCuotyl7Kr%2FUYftTXE%2BRIeFP74zhBGT4snqN9GwNuL1DSysj00bRVm40%2B8ixhFg1qvDA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=9599&sent=35&recv=12&lost=0&retrans=0&sent_bytes=35796&recv_bytes=3149&delivery_rate=1923258&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=149&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/css
last-modified: Thu, 08 Aug 2024 22:52:50 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8592f85d7d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 wt-smart-coupon-public.css
shadowsplay.io/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/css/ 1 KB
1 KB 44ms
33ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/css/wt-smart-coupon-public.css?ver=1.8.4

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36698119e2a40a23260fec93db067566e3dd26d22071c4e21aa74d6a8083cf62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"42a-67361731-2157f65655ec43b1;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ufj5TTXj3VkB09ePpgEctj%2BYTaL1cFi8Xx7wg1aQi1SqWf4EuejAD4BSCBtJOzrIyXpvmoK0rZITnzFAviD3LPI%2FzZLNajL%2B91g9HcAmJTKawhsu8eUhafYy9Lc8fjquypiA3wLM3caq0%2BWOjw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=9599&sent=39&recv=12&lost=0&retrans=0&sent_bytes=37410&recv_bytes=3149&delivery_rate=1923258&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=152&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 15:28:49 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8592f85e7d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 public.min.css
shadowsplay.io/wp-content/plugins/variation-price-display/public/css/ 34 B
565 B 52ms
41ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/variation-price-display/public/css/public.min.css?ver=1.3.15

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70b3150794f3fc3a18ebfdf99ed057d948fdeed66c2c307ebf0b536c80094731

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cf-cache-status: HIT
etag: "22-66d70534-bed8c1ea318c142c;;;"
age: 246409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OVF1G204XlaQivrkeopIwgAAA6L7Q9b5wm7haiW1TqPe1XFXtasL7JBosYRgU4yyNYvbvUzwq79tn8QO8%2FCXEZQS0gN3K1IPlWyvRTGtSe688Pc8%2F0KUioVWxVYrVO6VI8P5MckbTf0gFYh7Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 19:17:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=9599&sent=67&recv=12&lost=0&retrans=0&sent_bytes=62066&recv_bytes=3149&delivery_rate=1923258&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=154&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/css
last-modified: Tue, 03 Sep 2024 12:46:44 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8592f8607d08-EWR
accept-ranges: bytes
content-length: 34
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 mp-plugins-components.min.css
shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/css/checkouts/ 45 KB
8 KB 62ms
50ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/css/checkouts/mp-plugins-components.min.css?ver=7.8.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8735901bdcfdaf6719c2162bce9c3ea82b37e27bf8e0c68fbd858f05f1d93dbf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"b429-672d1afd-a81f47d42fed8240;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3iPXNl5Cs7dF%2F6zQDUwm2OdtBK6yMj18YWdkFQGMmyFsC5N7p9FS3bEG6i3YNTo9byPqyovjbXr1kxan4iqOSUFQejIr7xdI5LEP6TCEKYQqtVKSY1hV1l07My%2FJ1NZC5zPFIPZuxrdK5qCREg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8998&sent=72&recv=22&lost=0&retrans=0&sent_bytes=64447&recv_bytes=4037&delivery_rate=3438429&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=172&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/css
last-modified: Thu, 07 Nov 2024 19:54:37 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593189b7d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 flatsome-swatches-frontend.css
shadowsplay.io/wp-content/themes/flatsome/assets/css/extensions/ 4 KB
2 KB 62ms
50ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/css/extensions/flatsome-swatches-frontend.css?ver=3.19.7

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3f0e1086e2a541ea01abd7be8fac4632ce5abe1f5984fb6bd2d80f600b1ecd9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"106f-67345fa7-3e389d4afa7bc6ff;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hk8DbKn1nt7gDvkVJDkUi2r%2FgTV7mISXZtc9%2FOywTEMac8p7uWpzQg%2BfXjAnYSol7%2BWdTkZF7cmWdLwQphBwjA2Y%2BsFl3suh04EPQOSxqj7M1Xho6G6f%2Bjyljwo1%2Fss8rtLiE3LACltqb9YrJg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8998&sent=81&recv=22&lost=0&retrans=0&sent_bytes=72565&recv_bytes=4037&delivery_rate=3438429&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=173&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/css
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859318a37d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 frontend.css
shadowsplay.io/wp-content/plugins/woo-wallet/assets/css/ 3 KB
2 KB 60ms
49ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woo-wallet/assets/css/frontend.css?ver=1.5.7

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b23211e431ddc2f45413e23630d9db9da8bcb7713d5d409777a962b250bf4f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"db5-66d5739f-d046e1fa2cfbf40d;br"
age: 246409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zH7yTRWGC1Xq9QttQDq8Q1t4c87CvZ3e8Dxy4d9Vn2ifbVHKGIKnnMxgeZ%2FnUN%2FinDfT4FBsU%2FwI6%2BYxqh8k6wlUAs5Bblyu0hRw091%2Fbfb5CWK8ME%2BjZIg8WRQSxOAZtk3m5hx%2B%2BKf0MnAAeA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 19:17:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8998&sent=69&recv=22&lost=0&retrans=0&sent_bytes=62697&recv_bytes=4037&delivery_rate=3438429&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=171&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/css
last-modified: Mon, 02 Sep 2024 08:13:19 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859318a57d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 flatsome.css
shadowsplay.io/wp-content/themes/flatsome/assets/css/ 148 KB
33 KB 63ms
53ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.19.7

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18c56efbd596fc0d574d5ae9839c9f48c7eb826024fbcfb960e0036baa9fb32b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"251fc-67345fa7-d2c7f822772d098c;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PL89VkxxT6oPeB7yy5kFErnSj5DXhJPgMysMi0Zz6cCgJ0SojnRPQuT%2FUoBCJO4%2BvMMifJK8sfe7eav92Du118vdJHyFeGmL1mJ1IYXIaZ4WoOTOLmuTdlKu%2Fw6qPD82ng6ZMgJW%2BSfkTn8mRw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8998&sent=92&recv=22&lost=0&retrans=0&sent_bytes=82912&recv_bytes=4037&delivery_rate=3438429&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=174&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/css
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859318a77d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 flatsome-shop.css
shadowsplay.io/wp-content/themes/flatsome/assets/css/ 31 KB
8 KB 63ms
52ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.19.7

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36cb382ecd6087c68614b8c456c20f3b0d4346c48ed2db5071dd09d672e28fa9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"7ba7-67345fa7-97b5cf71e02a837d;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IB6fAfljtE3C0n6YV1AAgpySjfHeYQM5v6aDdzdh59y%2B62FkRf%2B3RZcmySUCiGVKP5NN5YYadD5b9xRtrDU6so2Ya9Eqcw7PDATOHxMjDwREfU%2BiXVHVJlBb8gX7FVQZKzkd6YGTcbbGZCl8GA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8998&sent=84&recv=22&lost=0&retrans=0&sent_bytes=74315&recv_bytes=4037&delivery_rate=3438429&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=174&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/css
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859318aa7d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ 82 KB
15 KB 112ms
36ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "619c057b-3a02"
age: 329647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=19Zw4CuAn9fPLmVjYnFnNPk3awU6KywEmgfHm%2FDaIe4VHO1H7HjotK0xvAqQXrIVP919vGB5drDn8COD%2BK9Do3rkU6%2Bd7hNKujdaZUW%2FYQR6nabASdp3fhfneiSHihTSjhxWWazYbLREPu4HWMzmW3rf"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 15:44:41 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e7a85936dfc8cba-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14850
server: cloudflare

GET
H2 200 android-chrome-512x512-1.png
shadowsplay.io/wp-content/uploads/2023/12/ 14 KB
15 KB 294ms
285ms Image
image/avif 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shadowsplay.io/wp-content/uploads/2023/12/android-chrome-512x512-1.png

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6676ee637b8bf593896c510a7e0535e0b927b6f5eae88c02def9cf05b39fe1da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cf-cache-status: BYPASS
etag: "386e-66b54bf0-9a9ae0d26e857d92;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iTF4JaAlICOZH%2Be2X4UQkjg8QZ3Xe2LvGAFGzuLAeqqbfF9WfhNJBIhtirX2JlWgXdd9wYZ%2BDPsx0oQqrjWT%2BZY88P5%2B2dVwBNnpVfX7wjhaPtnAK4rm7ws6%2BAxn7XcSVW2YKrY6mPwBFhSKRA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 24 Nov 2025 15:44:41 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=9622&sent=187&recv=57&lost=0&retrans=0&sent_bytes=187273&recv_bytes=4740&delivery_rate=6735704&cwnd=264&unsent_bytes=0&cid=1257719241aedf22&ts=407&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: image/avif
last-modified: Thu, 08 Aug 2024 22:51:28 GMT
vary: Accept, Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859318af7d08-EWR
accept-ranges: bytes
content-length: 14446
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 IP38-EggHunt-1-scaled-4-scaled.jpg
shadowsplay.io/wp-content/uploads/2024/08/ 191 KB
192 KB 295ms
286ms Image
image/avif 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shadowsplay.io/wp-content/uploads/2024/08/IP38-EggHunt-1-scaled-4-scaled.jpg

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdc79e4e004ebfaba9804171a64a45244fbff00619fb45503216649a12a8d19b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cf-cache-status: BYPASS
etag: "2fbd8-66b54c07-ded93053e6cd236c;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H7WEx8eMA6c4MTVM2lC5GaPS8%2FVNf%2BkN6a7nQmXoHrOb9%2FRv5Yz0BTxMYu1ymEFdQzQyUfrIZBtULVQM4rMyU5BCUBhiN5a3ZSncXuyB2eCB8StZlEV2OV0eV7DpJ3ohEE0eI44hCADG0kLqIg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 24 Nov 2025 15:44:41 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=9622&sent=200&recv=57&lost=0&retrans=0&sent_bytes=202370&recv_bytes=4740&delivery_rate=6735704&cwnd=264&unsent_bytes=0&cid=1257719241aedf22&ts=409&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: image/avif
last-modified: Thu, 08 Aug 2024 22:51:51 GMT
vary: Accept, Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859318ad7d08-EWR
accept-ranges: bytes
content-length: 195544
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 wc-blocks.css
shadowsplay.io/wp-content/plugins/woocommerce/assets/client/blocks/ 13 KB
3 KB 77ms
68ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce/assets/client/blocks/wc-blocks.css?ver=wc-9.4.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b21dfcae243571313013dfbb9038665e0d4896185652ac688a3123577c5ff972

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"320f-673cf15e-38a53de9c5760dd7;br"
age: 246409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfykz22ii90tkHAgBkyFobr5eYP2xhbZ%2BaaSFkzMtPjsA4k2e0lklpF4LArBKxfz8Xxrt3qAA%2B1W0zwIEMnBmap%2FDb8jReL07aavNMT3UwNGVyPkqjHOwDizJvkdVevIgxgrpngGMnmriy5y7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 19:17:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=8813&sent=126&recv=35&lost=0&retrans=0&sent_bytes=121661&recv_bytes=4668&delivery_rate=5778249&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=189&x=0"
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/css
last-modified: Tue, 19 Nov 2024 20:13:18 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859318b17d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 rocket-loader.min.js Show response
shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 39ms
32ms Script
application/javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"673dd3d6-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZf8FGLhDzZppAp58MgtVHWyQJmPilXh4QREUVDSiejwPeHzeejLsWB6GfABj5Se7OjMwLBOiAHnGAQY1en1klHJX6fJqKoBd6ElAEbW9wf5d%2FOYe%2FQXY6GH3VMxckxGeIukcfFF1KvAqTkvrA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e7a859338e87d08-EWR
expires: Tue, 26 Nov 2024 15:44:41 GMT
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2024 12:19:34 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 261ms
39ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: shadowsplay.io
URL: https://shadowsplay.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://shadowsplay.io
Referer: https://shadowsplay.io/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e7a859489311821-EWR
access-control-allow-origin: *
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 flatsome.js
shadowsplay.io/wp-content/themes/flatsome/assets/js/ 0
18 KB 49ms
43ms Other
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/js/flatsome.js?ver=8e60d746741250b4dd4e

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"ce7b-67345fa7-fd52d1477e0d0261;br"
age: 124284
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cbgB2w20HXHQ%2FSMQirjbxs6iCZFoaxibxq5wvyHuClJYY0%2FIi1%2BpJqqUxB3plnVf9WQNKyLNrznA6fGkv5s1NQZ5Xl56CUE8g5%2FB1mzEmvzAHYf3Pc6Wzie4IjcLivm9KUjrHA2sAY5dWIQrqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 05:13:16 GMT
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=8782&sent=144&recv=37&lost=0&retrans=0&sent_bytes=140239&recv_bytes=4740&delivery_rate=5778249&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=195&x=0"
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859338eb7d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 chunk.slider.js
shadowsplay.io/wp-content/themes/flatsome/assets/js/ 0
15 KB 48ms
42ms Other
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.19.7

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"c2f8-67345fa7-81706a592e052f99;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7u7lAhSWfXg5F3dGRN9XkfTdagRl%2Fii2BqkDt2zriHAMNsGgK5yYMvBsZ%2Bjqt%2FQQaTb2i5GGUjWHM8G%2BoqDiRa0AHNtbMhNi3tR6%2FxVSf8dU7ADYyaiYcnR%2BxmAuY%2Fm4fI%2BjIm6pA1hTnAyVuw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=8782&sent=131&recv=37&lost=0&retrans=0&sent_bytes=125032&recv_bytes=4740&delivery_rate=5778249&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=194&x=0"
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859338ec7d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 chunk.popups.js
shadowsplay.io/wp-content/themes/flatsome/assets/js/ 0
8 KB 50ms
45ms Other
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/js/chunk.popups.js?ver=3.19.7

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"4e48-67345fa7-eab287be1bc7b6d2;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XlIs8wnbkMSxSYEVuVE7AODRrORbi%2By3j7lhPzH8qMX73P69eJtYCHVqrwAdGmXdx4wC4waY6kOgOsOtMHqUc18i7IYiiiqESwMubBAQHKcFuCjebrFtouqT%2BkTw8vx%2FN818B2OTbmcUuWnDOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=8782&sent=159&recv=37&lost=0&retrans=0&sent_bytes=158669&recv_bytes=4740&delivery_rate=5778249&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=197&x=0"
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859338ef7d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 chunk.tooltips.js
shadowsplay.io/wp-content/themes/flatsome/assets/js/ 0
11 KB 70ms
65ms Other
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.19.7

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"9bb3-67345fa7-d681e3dd6d0bd432;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NgwwPqJK4slpFGTZFDjS07ZP7g3r77tI0sEN6tOguaG8kRC4SU1oWGFRi9Ll2Oc81zTGlJYEeYDfHXA%2FrtvNiSdZdcYY1gxGmgoTNG4ymwU9ZGJt4V6rtYY5e3Eh6dSRqEhvlBZxYQsteZjcLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=8765&sent=176&recv=53&lost=0&retrans=0&sent_bytes=175773&recv_bytes=4740&delivery_rate=6735704&cwnd=262&unsent_bytes=0&cid=1257719241aedf22&ts=209&x=0"
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859338f17d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 woocommerce.js
shadowsplay.io/wp-content/themes/flatsome/assets/js/ 0
9 KB 51ms
45ms Other
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=dd6035ce106022a74757

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"5aae-67345fa7-571687f6a5596142;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Juii420Db0or%2BSUIawDNRPQa0Sd2i1QYHQZust5JKa5cdbvtL%2BgDvfA%2B6Ofcu5bAKOfdWAOdPUIlzgOtVvRri8mBODJUgww1kZ3oMuuZ2h3rnfPHpMUq%2FGj1nugIdMbLHb8pOow9bvDirlKgAg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=9208&sent=167&recv=40&lost=0&retrans=0&sent_bytes=166913&recv_bytes=4740&delivery_rate=5778249&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=198&x=0"
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859338f47d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e9eca476e690d08f2b1500fa151e886eb35822c69b0fcf16d15e853a4210e39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 cart-fragments.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
2 KB 44ms
43ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=9.4.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592acc60b8eea94fc366110175d8406604a609201d6debe5eb008a6debfbdc3b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"b7b-673cf15e-a72a1b20712015f6;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i3f%2FdlGiR6fMhT9XSm0pm2QEP0X4DM04pZ6D3DuUaU1%2BXM2IbNvxmVrN7H4kqhtTll2P0wBc0KvctHGFJ%2BRWH46DHaHk6hZDAO%2FmUISAXcRouDPurKkhe%2B9AaAzYNfq%2B4eCk91OyExj4S8POig%3D%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=YanMan1mDtGMsV2h0LrPTxHIIhPoC7HD4HKz47jDEcM-1732463081-1.0.1.1-dbLSaM5yGa26o50aMAfpW5s6Bjckg8S.0hc70K02_Q_CFtWmLvBp4.8vg.n7z4bMgOw3cJf_tIbnp6F8itsz1UYWTDTRUMkwGs8ZM7VdnJMHzrkhNLoP6Np0tpjJMdJU37Vi2ep8nmRuO4.izaHlTw"}],"group":"cf-csp-endpoint","max_age":86400}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=14&recv=14&lost=0&retrans=0&sent_bytes=4331&recv_bytes=5721&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=120&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Tue, 19 Nov 2024 20:13:18 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=YanMan1mDtGMsV2h0LrPTxHIIhPoC7HD4HKz47jDEcM-1732463081-1.0.1.1-dbLSaM5yGa26o50aMAfpW5s6Bjckg8S.0hc70K02_Q_CFtWmLvBp4.8vg.n7z4bMgOw3cJf_tIbnp6F8itsz1UYWTDTRUMkwGs8ZM7VdnJMHzrkhNLoP6Np0tpjJMdJU37Vi2ep8nmRuO4.izaHlTw; report-to cf-csp-endpoint
cf-ray: 8e7a8593df1f72c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 woocommerce.js Show response
shadowsplay.io/wp-content/themes/flatsome/assets/js/ 23 KB
0 16ms
15ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=dd6035ce106022a74757

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72333bac4a6315ca51037ef2f783017c23961bb75b3aa73a291f3a0d8fac9298

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"5aae-67345fa7-571687f6a5596142;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Juii420Db0or%2BSUIawDNRPQa0Sd2i1QYHQZust5JKa5cdbvtL%2BgDvfA%2B6Ofcu5bAKOfdWAOdPUIlzgOtVvRri8mBODJUgww1kZ3oMuuZ2h3rnfPHpMUq%2FGj1nugIdMbLHb8pOow9bvDirlKgAg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=9208&sent=167&recv=40&lost=0&retrans=0&sent_bytes=166913&recv_bytes=4740&delivery_rate=5778249&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=198&x=0"
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859338f47d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 flatsome-lazy-load.js Show response
shadowsplay.io/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/ 2 KB
1 KB 49ms
44ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.19.7

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef8fea302c93f5619c53b4b7f8435c3d7dbaf5a4296593fb9f353e574c9b34d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"933-67345fa7-fe772f2336c4b9ea;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bWC15UNOjmhSj9NtyCNrJxQWh2MOshfyhpfDu9bA%2FzYCy1kR5hdwV4XDLtHtb2Zbx2rNBBErlO%2B7zw5JdwSfreqxi4RU4FuohmqhSmnxExgNDxi5N22UlHUZ2D8hRyWlSLfcWQ5EL4lfqVu1zg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=18&recv=37&lost=0&retrans=0&sent_bytes=6970&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=130&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ef2872c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 flatsome-variation-images-frontend.js Show response
shadowsplay.io/wp-content/themes/flatsome/assets/js/extensions/ 4 KB
2 KB 50ms
40ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/js/extensions/flatsome-variation-images-frontend.js?ver=3.19.7

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c80781d95d44e13271d84c6ac8a51150e49183a80238f25c98e966812cea2250

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"113c-67345fa7-b58208be3739aca3;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F3Z4z2YutqXRE4FJrEr8hSAYQxod%2Bq95XGQ2HqYfvYLY2vsq%2BEREI05kARLH4vXIHL0G8HTBzzvyE%2FnDGZlbt7DOeUpafN%2FaAZRadujZLaIsm61FZJC%2BGXPDR4J4eAWK419XvxPvmqL%2BVJ8iXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=18&recv=37&lost=0&retrans=0&sent_bytes=6970&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=130&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ef2f72c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 flatsome-swatches-frontend.js Show response
shadowsplay.io/wp-content/themes/flatsome/assets/js/extensions/ 6 KB
3 KB 51ms
38ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/js/extensions/flatsome-swatches-frontend.js?ver=3.19.7

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c0cf189bb3b0c52d35a0b3a93a7b76034ee98b2bec64f1f65ad5fe81d13fb55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"176d-67345fa7-8a882ee8c855531f;br"
age: 246409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u3Ku3Wd%2BDkJSoYXYRzf9lzT%2BNF23GwFLTudTaOzKz6vCCGOy7gZsGrMZG1ci2JrVT4iyBAbG7vxEQPvOp6v6c%2BlMu86k%2FzpR5n6AFJwuCH0TyueSdorPelem12qD2%2FwiXTP5BX%2F%2F89F13gt6Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 19:17:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=25&recv=37&lost=0&retrans=0&sent_bytes=12587&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=132&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ef3272c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 flatsome.js Show response
shadowsplay.io/wp-content/themes/flatsome/assets/js/ 52 KB
0 19ms
19ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/js/flatsome.js?ver=8e60d746741250b4dd4e

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d17b852c0a0ab3de4638a2b0fcaee7ed4632a04fb126d388e871bffd0d0854

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"ce7b-67345fa7-fd52d1477e0d0261;br"
age: 124284
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cbgB2w20HXHQ%2FSMQirjbxs6iCZFoaxibxq5wvyHuClJYY0%2FIi1%2BpJqqUxB3plnVf9WQNKyLNrznA6fGkv5s1NQZ5Xl56CUE8g5%2FB1mzEmvzAHYf3Pc6Wzie4IjcLivm9KUjrHA2sAY5dWIQrqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 05:13:16 GMT
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=8782&sent=144&recv=37&lost=0&retrans=0&sent_bytes=140239&recv_bytes=4740&delivery_rate=5778249&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=195&x=0"
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859338eb7d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 hoverIntent.min.js Show response
shadowsplay.io/wp-includes/js/ 1 KB
1 KB 48ms
35ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-includes/js/hoverIntent.min.js?ver=1.10.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"5db-64547286-5c27498f506f9ab;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gNgLsuEXZuXMElVaGV6jHjVFVRHNe79pMzOLQb%2BYrUPaCTSKqkAhh5s9Qq25kV1OCtnw6Nj5%2BwsJYhTt48X2Gq8poqFN%2BK7VH0EAhMuqnv1ohf9ssAAhdnNdab1kP0wmuInXXXm3OAXGSyax8A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=23&recv=37&lost=0&retrans=0&sent_bytes=11015&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=131&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Fri, 05 May 2023 03:05:42 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ef3372c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 mp-ticket-checkout.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/ticket/ 2 KB
1 KB 51ms
38ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/ticket/mp-ticket-checkout.min.js?ver=7.8.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c746bc275524e95441456c5eb462072a1284c67cc1510997da5e8746df74b88a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"635-672d1afd-652be50ab35a5798;br"
age: 124284
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZ9a0%2FsHjyQeh7%2Bi1r2xCKDrDH7kLTbhDxh98oeVTfCdKYvaryU6tauVFiHz6LwCr3I2iT50LyzRXSthbS9YEl1qsgjx4hlTz75vBKyl5lRW959%2FywZ4YFzGcpGxYgJwxhsJny0pkd16VHTuYA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 05:13:17 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=28&recv=37&lost=0&retrans=0&sent_bytes=15477&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=134&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Thu, 07 Nov 2024 19:54:37 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff3572c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 mp-ticket-elements.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/ticket/ 128 B
897 B 74ms
61ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/ticket/mp-ticket-elements.min.js?ver=7.8.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5170c6fe08b10e864472292032740c660827a1ffcd1425b816a3f923c737e97

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"80-672d1afd-400daec5df97170b;;;"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KnHQjjDEsbFCc3t%2B6pMYzbJEatlPI%2FoR9cP9RGZs9oFvxD92gPiZZfauhvpjIPKiUxF52prPL5FNuXz3jypipLVwSP7RWaDYXcWLoA35ggiwOMEngFX14LhpHhlBMXiq2ayrJyMVqFmwim4PoA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=139&x=1", cfHdrFlush;dur=7
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Thu, 07 Nov 2024 19:54:37 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff3672c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 mp-ticket-page.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/ticket/ 436 B
2 KB 82ms
69ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/ticket/mp-ticket-page.min.js?ver=7.8.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9068d799a2282cc9c55051466b4e01658578a3402ee8acc3372f8625e257d3d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1b4-672d1afd-964a7a1291ce859a;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N0M8lwrMx13cTv60f%2FVUmwFN3DQfzDlMd6jqLWeQijhMrCkoQjdB8xVNTlCO25wY5uV2xkL%2FUaIOIurNdDeJohxs5Jz2yE4wYYsA3wXKwtP5F4ZU1BoAFcwsVcxRydBbK59v2pQ6Mrd3U8tKeQ%3D%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=_pOme8OdvS9skJLePMxCJ4irD_KnsglZGbPxhCyBaFM-1732463081-1.0.1.1-VPjTk6y3fWQxtPvctOUAPH3mnZup.0i8YcoPne45zl7LKSGWs1Js5sN_sVgiskhwrYE50AxyvSHrOlGzwLb_M3DKF.UEl9H6D22xV2Kqn_mLehJ_zU8I4_C9Ssn76yXh_2LqdxkZbTIDz1O1QLZ4.w"}],"group":"cf-csp-endpoint","max_age":86400}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23450&sent=36&recv=43&lost=0&retrans=0&sent_bytes=22283&recv_bytes=13898&delivery_rate=266270&cwnd=21600&unsent_bytes=0&cid=04e4f980c1a7e883&ts=154&x=1", cfHdrFlush;dur=2
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Thu, 07 Nov 2024 19:54:37 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_pOme8OdvS9skJLePMxCJ4irD_KnsglZGbPxhCyBaFM-1732463081-1.0.1.1-VPjTk6y3fWQxtPvctOUAPH3mnZup.0i8YcoPne45zl7LKSGWs1Js5sN_sVgiskhwrYE50AxyvSHrOlGzwLb_M3DKF.UEl9H6D22xV2Kqn_mLehJ_zU8I4_C9Ssn76yXh_2LqdxkZbTIDz1O1QLZ4.w; report-to cf-csp-endpoint
cf-ray: 8e7a8593ff3872c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 mp-custom-checkout.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/custom/ 13 KB
5 KB 63ms
49ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/custom/mp-custom-checkout.min.js?ver=7.8.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a8fca673e1da4790d3cb71d3a877c1a99d078da223687d5063fe4949a7b72e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"35ab-672d1afd-fde6bb54c431d747;br"
age: 124284
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SG0AZSAh%2FpJnPrPkhCaGBcLwUFqzPg1OZaX2wRusXEVrS1OV0fbnl%2BqkXpNkXHqt6BiD2cedcsx73kbZU77sbqbaFPxJJ9%2FkUbAaYalfg4Rhpz1Bg4ZtPqApuq7WRQFL2axZGlYtHEYBMZJltw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 05:13:17 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=136&x=1", cfHdrFlush;dur=10
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Thu, 07 Nov 2024 19:54:37 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff3b72c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 mp-custom-elements.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/custom/ 1 KB
1 KB 79ms
66ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/custom/mp-custom-elements.min.js?ver=7.8.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ced36cf2b62bb84662f6950306ae2296d28b6d99b3b939b6872e55a401182dc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"503-672d1afd-e5b5c8525f40701e;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xgZAFy1aBviPF5Cj2iQQEFz34Sw%2BHHP6kN6z42YfI4Z7FPZ%2Fx%2B0u7joMzvMjHFpvvZFhinmuq0W9wvRTHkqs1G3jc9isB8HAv25ss%2Ftli9RD61SjrAA4a1UJJe2S2KrV7V2WN%2FrLS%2FWWZLkk9A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=139&x=1", cfHdrFlush;dur=13
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Thu, 07 Nov 2024 19:54:37 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff3d72c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 mp-custom-page.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/custom/ 8 KB
4 KB 82ms
68ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/custom/mp-custom-page.min.js?ver=7.8.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0a65cb7d9d38e780cdf95e9a63b2717e3c21c6580d9155cda7a7b939e0169dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"2145-672d1afd-35d4287aa9e4f758;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GrNfe%2F6haBBPZ8Riv3OZUZNdcb%2B21bDlDiZU287sNaLkYgKnnVc2JbhkintyMVQQ6BVy3xUQZr8HBRmxDdvXGL2z0wGiKC4n%2BwPsa4OcgB7JgYTH2j%2FMFfr7S0Q5WgBme4dzxWzaybw%2FRQkjFg%3D%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=jCjMp55TKjJ1NK1pQtJH8cdmevCcHWO8clorLHPZeUk-1732463081-1.0.1.1-wvMPCOIXExsloXdlPcHq75siVmcApWIUpKXVgLQaBvHeIt4Y14nSVOv_EV.0KM_gz0tVk1I1W5oSA_HUB5cUM20GArDPRsAJikSMqIrsKEtUyK020HNmhCmE9ThNEjx9aiDwkpnC4f4Zxw2smEKX2g"}],"group":"cf-csp-endpoint","max_age":86400}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=137&x=1", cfHdrFlush;dur=15
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Thu, 07 Nov 2024 19:54:37 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=jCjMp55TKjJ1NK1pQtJH8cdmevCcHWO8clorLHPZeUk-1732463081-1.0.1.1-wvMPCOIXExsloXdlPcHq75siVmcApWIUpKXVgLQaBvHeIt4Y14nSVOv_EV.0KM_gz0tVk1I1W5oSA_HUB5cUM20GArDPRsAJikSMqIrsKEtUyK020HNmhCmE9ThNEjx9aiDwkpnC4f4Zxw2smEKX2g; report-to cf-csp-endpoint
cf-ray: 8e7a8593ff3e72c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 session.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/custom/ 351 B
1 KB 82ms
69ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/custom/session.min.js?ver=7.8.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2fa780544eb73db27b04a5641bacd81d921a66993b2890551b23ce89a282eda

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"15f-672d1afd-a98065624773c1cd;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PA61fKGanpVUDJPI5EQcTBXFl6Bwcv%2BEyPETD3jJ2U08OdTiEZmjBWfDuuBcDIg7my1REw46dH%2B%2BIiQAR0NTvdGP6Jw%2BIZZv4zgGTMihheWdHPLOo0mK%2Fticau%2B8V1jbOPOmHNYDC0bUaimV%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=139&x=1", cfHdrFlush;dur=13
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Thu, 07 Nov 2024 19:54:37 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff4072c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 v2 Show response
sdk.mercadopago.com/js/ 147 KB
35 KB 198ms
71ms Script
application/javascript 23.57.90.111
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.mercadopago.com/js/v2?ver=7.8.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.57.90.111 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-57-90-111.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

357871e3e8e179f9ea147cac7f329e9ab6c7d9e145e2707d4dd4547f6a10773b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

x-request-id: f1c71fc9-5656-4334-b5b6-b5912b73acca
content-encoding: br
x-content-type-options: nosniff
x-request-device-id: f1c71fc9-5656-4334-b5b6-b5912b73acca
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 08 Nov 2024 12:12:12 GMT
strict-transport-security: max-age=300; includeSubDomains;
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 5
x-d2id: f1c71fc9-5656-4334-b5b6-b5912b73acca
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35784
x-xss-protection: 1; mode=block
server: Tengine

GET
H3 200 mp-checkout-update.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/ 164 B
920 B 82ms
69ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/mp-checkout-update.min.js?ver=7.8.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99423b855711476924567120d19c9ed70ddf3ff4c33a37cea74115246578f9e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"a4-672d1afd-9d59931e1420a9e4;;;"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gc%2FGekwE5e%2BHpxfKIeIKScd2b2vw%2Bn9jzjPD2wmO0bXRJfzU8ersU9yL0lJSet%2Fqr8EOVEBo5aiMHkSZd846rNEkJ%2BFKYpabYBxzX3275YtTJbCjQsl9Yhg2oaHba5eFP%2BIFFQDm4Rq1PUGoSg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=137&x=1", cfHdrFlush;dur=15
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Thu, 07 Nov 2024 19:54:37 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff4272c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 mp-plugins-components.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/ 41 KB
9 KB 82ms
70ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/mp-plugins-components.min.js?ver=7.8.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caaadfd7e2cdb850df6c58863556214eefd3fbd3dd334cd79767f63677743676

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"a2e0-672d1afd-946ec0698c689534;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5BMlzjqX5JvNBcuqA4lRcNpR5vUP0R3yVpQBTZC%2F3WMeVEStekNdd%2BkjhLS7H0B19t%2B68T4oMLLuRr2OEI1rK6iqHclL5GPYrp2u39Dq3N1swo2JucUVh%2ByePbn26NUxZ32t523liY1ScHbcFw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=139&x=1", cfHdrFlush;dur=13
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Thu, 07 Nov 2024 19:54:37 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff4372c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 order-attribution.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
2 KB 79ms
67ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=9.4.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

363aa2d4106f0f661a989977347dc0a55b612de18d3c0247cecc0ca725f98270

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"934-673cf15e-a1f4dea2cbf2c17d;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNd8F21UYVd%2F563kCLk%2BF4iXuYnWMud76vnfXqlTPVOFhCoLOwe%2FBAmFUk%2FaZhTR2G3KLxhpNc7F8aqs8ZSOlZpfZYl4S8XHvC4%2BK88GYOJMlujls2dHpVeSqNFr%2BKk1zCiAJeD3sWB7vRH48Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=138&x=1", cfHdrFlush;dur=14
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Tue, 19 Nov 2024 20:13:18 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff4472c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 sourcebuster.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce/assets/js/sourcebuster/ 15 KB
6 KB 100ms
88ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=9.4.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50a0b33030ba0ec063be642c297f48af94359e2222ff140817248d591faf837

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"3bd3-673cf15e-cac3a6f0c8fbd2b0;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7yQ325UeYHxqJn61tuv8BVaa3j4T%2B7T4Ku1CzGIZnmsTY1%2F%2FwrzNIzpxjXWYEywSs%2BXcjerd81qtzP2cAW9qx4IFAQAMiLPgAqg7aCpgIdwk48rE%2BBOxBGPcbRqMI4auL1rGaA842rxJgEry5w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=139&x=1", cfHdrFlush;dur=13
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Tue, 19 Nov 2024 20:13:18 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff4572c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 flatsome-instant-page.js Show response
shadowsplay.io/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/ 3 KB
2 KB 103ms
92ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44d8986e61b7b212a93ba0c3a3a9c880420451d7efa7938d711dd03e655c0969

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"dd2-67345fa7-484adfcbe678e53f;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=viRBfBPfNECYAaHyWguJ%2F0lj6MCm08TchaFsLutiqI7tFsXu2CkseKlsUcnWqZAYnTQkwWNnoZXAhnxQNFyf6WjGz5RiBmDRUireCwx9nTWfCKnUDNNujMbcIfn41MVd1l2WGVZOLDJ9XFT2Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=138&x=1", cfHdrFlush;dur=14
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff4672c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 public.min.js Show response
shadowsplay.io/wp-content/plugins/variation-price-display/public/js/ 2 KB
2 KB 103ms
93ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/variation-price-display/public/js/public.min.js?ver=1.3.15

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37ebbab4461f2c081840c9ceb79456f59dd1020d9c9b962a43f2fe59460fd069

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"7be-66d70534-4afa686121aa66ed;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tvoXfnCrcCIvkbv3m7QPW9E%2FD0l2joBgQecSmnlqf1%2BGyWRgOW7kNHRh2kAhphW3vx2SQAEba2Zkt1HtpQST%2FAJMr8GdJyR6lAb4yhl1Q2Yvx0VomifkhSZNADV5YceUaxKId4GoZOOWeIChzg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=142&x=1", cfHdrFlush;dur=10
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Tue, 03 Sep 2024 12:46:44 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff4772c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 woocommerce.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
2 KB 100ms
91ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=9.4.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3241e8eedad3697018639715acee69fb5b06b1c9b39646be0f45a240a0d3ffc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"c6a-673cf15e-67590c13b4e3efea;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ynm%2FoAvF4gzfY78cxB05M8FEwMh7lUiVt5YzAAtLPVhOvHL1EaxBDTNtGOU2TtgDqqkCiuB%2B2iWgXJTX71W7YwT3uzGVmi9YU7XPBN7w2BEB5ugr52xZOQis07E1XuGzoIgdvhVef1SgnTv1VA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=138&x=1", cfHdrFlush;dur=14
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Tue, 19 Nov 2024 20:13:18 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff4872c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 colcade.js Show response
shadowsplay.io/wp-content/plugins/customer-reviews-woocommerce/js/ 10 KB
4 KB 101ms
92ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/customer-reviews-woocommerce/js/colcade.js?ver=5.63.1

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f75584451d1806af31c524aed578b1efabe9eafcb303b835f5735d20da2e07d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"2886-673af747-557981b643a54f01;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EunfhHrTpo7pWbsgmcUScjkDif98ELoFvJ%2FtzWdBD3o%2Bv4whEq5bUp2UuT8SolMSdz2UEOTc2pCXPCC%2F66wxmrZqKK1cX%2F4eIMo64ouKmwOrCPcfwc28ScqNovTFU8QJHHrAKXpCzA3ddcWwEw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23430&sent=34&recv=38&lost=0&retrans=0&sent_bytes=21154&recv_bytes=13683&delivery_rate=60100&cwnd=14400&unsent_bytes=0&cid=04e4f980c1a7e883&ts=148&x=1", cfHdrFlush;dur=4
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Mon, 18 Nov 2024 08:13:59 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff4a72c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 frontend.js Show response
shadowsplay.io/wp-content/plugins/customer-reviews-woocommerce/js/ 86 KB
15 KB 104ms
95ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/customer-reviews-woocommerce/js/frontend.js?ver=5.63.1

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03491e669b4bbfec239ac571e727b7a6221c365f9b9928e6dad2586e792ab850

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"15937-673af747-d9e2274ba4b7fc45;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PWQaZnMLyrL7vWOHIecWnoBbC84VkE%2F5sgLTw%2BO7CCktvhLfiY5EwR%2F%2ByS7%2FzFbGqZRC69RDpuvGZQlqlXI4W1CDkPHri52HHOqCF4xW5LbARo8I7WeCP3AHV%2B31EE%2BlBvSUAifeVl3ZT66Uww%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=141&x=1", cfHdrFlush;dur=11
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Mon, 18 Nov 2024 08:13:59 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff4b72c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 432 KB
135 KB 184ms
67ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NHJWPZSXZE

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a60f3101a510280cfdf8d65dd70fb25ac82f60536677413beed60b81e45b8182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 24 Nov 2024 15:44:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 138005
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 woocommerce-multi-currency-switcher.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce-multi-currency/js/ 7 KB
3 KB 103ms
95ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce-multi-currency/js/woocommerce-multi-currency-switcher.min.js?ver=2.3.5

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0584377df7aaa009067f6feefd8ccf43482260bcd7951d12dbbfb65c84437976

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1cf0-67220aae-219856b1c5cf1581;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y3vLoUSv2Wg%2BLqXFzgu8xNPl7AAZrddlia%2F6WKtHWq0qnPRX4kGb26w8X1Xmv2J0i9Krsnk13CtLZb9bbO9F9z07x7DlKlXU3wPODWJ2%2BmYQVNeXYmTpPalXVOzZdUxcKrq%2FRlN8QccG9HmoVg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=144&x=1", cfHdrFlush;dur=12
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 30 Oct 2024 10:30:06 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff4c72c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 wt-smart-coupon-public.js Show response
shadowsplay.io/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/ 10 KB
4 KB 103ms
96ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/wt-smart-coupon-public.js?ver=1.8.4

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d2e53642d3e0aeaf3750ccf643a3df2f2b083ccd222dd8858b95337ce9a146c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"294b-67361731-33c5007d86ef2db1;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ZK1vhiN%2FSlMFt76QgTZwpHBt9X3pSBdxMJu%2FKORQMhSoPsnOva%2F1Gv%2F2WTOBZDON5LuQxt4QmKnSEYxSEck3%2BGgJFewIRfZGKYKS2uVeih3k%2B5iaSV0lKgFQ%2B%2Fw%2F43K%2BcHCETEdxPGuL0MEww%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=146&x=1", cfHdrFlush;dur=22
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Thu, 14 Nov 2024 15:28:49 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff4e72c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 js.cookie.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
2 KB 109ms
102ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.9.4.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b083f64f2e9e8ac445c730dfce7013cc6449ce155fd1c2f42b60edba4ecb4b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6b8-673cf15e-1d3a1036a01a2f3c;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SC7hqa1%2FGdguXkuk47wYqj2D1tOxGOIDYcpSvivx49pT8mDvOLaPB9%2B71G4p6onNh%2F96F%2Bv1UrGJlzuMe%2Foxs6iAXvSsw4Zm%2FawlcFo23PgUtjF2oePHojx8Mj4H6jW%2FY0HkzWJi%2Bc0mOyLQFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=139&x=1", cfHdrFlush;dur=29
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Tue, 19 Nov 2024 20:13:18 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff5172c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 add-to-cart.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce/assets/js/frontend/ 4 KB
2 KB 112ms
105ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=9.4.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47e85b7ad2102c68307d98a8567c9d675e4c3121d405ff698bcbc06fcfe1e22f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"f9d-673cf15e-d9754687a0c3d18f;br"
age: 124284
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pYE3HHeoHNkW4xVwtw3bVLCdcEq9gW9wr8S7tyiorscjfVnIMxSPfIM4aZ4lxguHLHInGlKAJzFVFp66%2Bzc%2FyCEMFyJxEPmm7tqfhqugkvTdpZQ8I03nyPo8l5leqAnoE1kmZR0jeOUoRIMkWg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 05:13:17 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=145&x=1", cfHdrFlush;dur=23
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Tue, 19 Nov 2024 20:13:18 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff5372c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 jquery.blockUI.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 110ms
103ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.9.4.2

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"25a4-673cf15e-d4d69cf49fa16a01;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=07RD4zKNSbtRuWIt4C6nlzwZhEKihNWlJR3U%2FXgzOd%2BYXdgzUT7J%2BGLuWfVAZ6UCIl5qlsLGajmQ3cXHeyiZgCAyb6uWsdAmZka356kCVSGG32tOs6JKaFW841IFk4tLzIXXnLmmf3c3pqjMbA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=142&x=1", cfHdrFlush;dur=26
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Tue, 19 Nov 2024 20:13:18 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff5472c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 woocommerce-multi-currency.min.js Show response
shadowsplay.io/wp-content/plugins/woocommerce-multi-currency/js/ 17 KB
4 KB 111ms
104ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/plugins/woocommerce-multi-currency/js/woocommerce-multi-currency.min.js?ver=2.3.5

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7d9e56abc007dbccc4dbd8c7808effbf80f649e8749e7d88a94c1381013e3ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"4407-67220aae-f61e2859ff40bf63;br"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RpncGQMHFYvsrC0mCnpespgsqjzAkjZ1XGolrmDqyxCu%2BnAJEsbtAA1tAXayzjSqhRqM0CYS6hQei8bE0Ycp6RbM5poSdOcT8xQP%2F10FtsOvz2%2FDjBr5Lmf%2BgsGK%2FyC8n26FjUjnYjfq05Ib8g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=143&x=1", cfHdrFlush;dur=40
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 30 Oct 2024 10:30:06 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff5572c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 jquery.min.js Show response
shadowsplay.io/wp-includes/js/jquery/ 86 KB
32 KB 115ms
109ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"15601-654b6f39-4dd72b6d052f72a9;br"
age: 246409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2BnqFInei9UgwP8TNz7gaUjxrO6usevrE4qYVo5n99g4HSGw1FmiHdjn5wIHyva%2FcY6qHMjpmXish28v3DBlK2SmmGMIvuhK93OUZBH%2FnE65t113dMPLgxZwj%2B9I7RKOnywGDJlcDmiaGnxStQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 19:17:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21079&sent=29&recv=37&lost=0&retrans=0&sent_bytes=16354&recv_bytes=13640&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=04e4f980c1a7e883&ts=144&x=1", cfHdrFlush;dur=39
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 08 Nov 2023 11:21:29 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8593ff5672c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/ 103 KB
103 KB 77ms
65ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33a252d6393cbd6debe0ac517229c7aa258a0ee68fc0253f8be6a7cee8b65ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://shadowsplay.io
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "619c057b-19af4"
age: 855188
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHthgq433UFy%2BRRw8l781BbTYP%2FL3siqc4T%2BfwkJuTJfuX%2B3bnqEqY8S%2B3HzUAi2pDOoknKk4pGUO2GFFr8smrZvlhGwWQUgPCIi4za4TA%2F2q0JC11vjK44jiAwU0655BgRyfqxAI4zpDZmvuyzDsrCU"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 15:44:41 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e7a8594a9a95e73-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 105204
server: cloudflare

GET
H3 200 normal.woff2
shadowsplay.io/cf-fonts/s/poppins/5.0.11/latin/400/ 8 KB
8 KB 48ms
40ms Font
font/woff2 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowsplay.io/cf-fonts/s/poppins/5.0.11/latin/400/normal.woff2
Requested by: Host: shadowsplay.io
URL: https://shadowsplay.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://shadowsplay.io
Referer: https://shadowsplay.io/

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwKWXgRduY7I8Etqdzt%2FQwOTOrpqVIFqCTBgYT9Z2AyJvxNHhNFKCh7rPQCfpr3GwzexdlicuonTZz63zKmLpvcGU3mCE3OC2w0z8AQjGB2iQZcoLaIKJ8BMlVEakhFT8GctZmB4nLNYVNXUTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e7a8594780772c2-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23035&sent=147&recv=85&lost=0&retrans=0&sent_bytes=137489&recv_bytes=16626&delivery_rate=1610457&cwnd=66900&unsent_bytes=0&cid=04e4f980c1a7e883&ts=223&x=1", cfHdrFlush;dur=0
content-length: 7884
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: font/woff2
vary: Accept-Encoding
server: cloudflare

GET
H3 200 fl-icons.woff2
shadowsplay.io/wp-content/themes/flatsome/assets/css/icons/ 7 KB
8 KB 45ms
36ms Font
font/woff2 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.19.7

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5b7d55b56f4bdee9e362078497694a9605b716868eb907b7e9c39bc5b5b9cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://shadowsplay.io
Referer: https://shadowsplay.io/

Response headers

cf-cache-status: HIT
etag: "1d88-67345fa7-8ec840b2701d6ecd;;;"
age: 299447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C5vKXwGXo1dFTge3jVLlHfSlLis9aDeWM15EnSSwXk0a%2FgdixNAE9aWbHgiv77Z9uyPFPCZw3N34DSPA6r%2B%2BbacynuI37tJIEC9bIh53ITE5vJfCG3MYL50pUe4vpyaqT%2FAxlR9i86n5d0RRVA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24028&sent=138&recv=78&lost=0&retrans=0&sent_bytes=128930&recv_bytes=16313&delivery_rate=1375455&cwnd=66900&unsent_bytes=0&cid=04e4f980c1a7e883&ts=219&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: font/woff2
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8594780972c2-EWR
accept-ranges: bytes
content-length: 7560
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 normal.woff2
shadowsplay.io/cf-fonts/s/red-rose/5.0.18/latin/700/ 13 KB
14 KB 110ms
101ms Font
font/woff2 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowsplay.io/cf-fonts/s/red-rose/5.0.18/latin/700/normal.woff2
Requested by: Host: shadowsplay.io
URL: https://shadowsplay.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8025189a128e03ec73939ddb6fce2353000ce5ee1c71168993b856d5d9c88ccf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://shadowsplay.io
Referer: https://shadowsplay.io/

Response headers

cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yNUyzqW2rrSbrgwG7wx47PTKHbjANdGq7IdqkwG7Y5WtGnCo2wFfGiHJyRqWSFe0VyEoWPLyPIEwFzuXccKwRLixVznl5KWw52dVSgCamQ6lIUEWTLs89mleZlHua6Fr3ZJO%2FCFykOy%2BLB9YVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e7a8594780a72c2-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22916&sent=155&recv=91&lost=0&retrans=0&sent_bytes=146195&recv_bytes=16893&delivery_rate=2045831&cwnd=66900&unsent_bytes=0&cid=04e4f980c1a7e883&ts=280&x=1", cfHdrFlush;dur=0
content-length: 13788
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: font/woff2
vary: Accept-Encoding
server: cloudflare

GET
H3 404 favicon.ico
shadowsplay.io/ 21 KB
3 KB 36ms
36ms Other
text/html 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b4329e9eaf0d80b57d16cf7bd4014689234adbb0656abf9017035beeae10219

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=anxlJA29YmzakfBX4UywgM7H8%2B6X5rYXHYXhwrpaP8lDFUn2RrJuCxVCrbyoHO9v3Icgu4HJPGR8mw05k%2F1sktVvIDxLPKDQTYGuzYb3jiFBBbd04RtNIRd5OgPfHAoKBfmtpzxIkxXvryAdfg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23392&sent=169&recv=94&lost=0&retrans=0&sent_bytes=160957&recv_bytes=17328&delivery_rate=609014&cwnd=66900&unsent_bytes=0&cid=04e4f980c1a7e883&ts=513&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: text/html
last-modified: Tue, 21 Nov 2023 11:30:51 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8596497a72c2-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-NHJWPZSXZE&gtm=45je4bk0v893434592za200&_p=1732463081959&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~10208148...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=868585010.1732463082&dbk=182181151895896233&dma=0&en=page_view&gtm=45je4bk0v893434592za200&npa=0&tid=G-NHJWPZSXZE&dl=ht...

0
0

69ms
69ms

Fetch
text/plain

2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=868585010.1732463082&dbk=182181151895896233&dma=0&en=page_view&gtm=45je4bk0v893434592za200&npa=0&tid=G-NHJWPZSXZE&dl=https%3A%2F%2Fshadowsplay.io%3F
Protocol: H2
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
attribution-reporting-info: preferred-platform=os
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger: "https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=868585010.1732463082&dbk=182181151895896233&dma=0&en=page_view&gtm=45je4bk0v893434592za200&npa=0&tid=G-NHJWPZSXZE&dl=https%3A%2F%2Fshadowsplay.io%3F"
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0xc70e8a158857eac6","source_keys":["1"]},{"key_piece":"0x3472febaf5c991e9","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"182181151895896233","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["939968352"],"5":["11-24","11-23","11-22"]}}
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=868585010.1732463082&dbk=182181151895896233&dma=0&en=page_view&gtm=45je4bk0v893434592za200&npa=0&tid=G-NHJWPZSXZE&dl=https%3A%2F%2Fshadowsplay.io%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 455
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 192ms
89ms Ping
text/plain 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NHJWPZSXZE&cid=868585010.1732463082&gtm=45je4bk0v893434592za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHJWPZSXZE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://shadowsplay.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame D536 0
0 173ms
77ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-NHJWPZSXZE&gacid=868585010.1732463082&gtm=45je4bk0v893434592za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=115568992

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHJWPZSXZE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shadowsplay.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 15:44:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 149ms
47ms Fetch
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GQF9H2BDV9&gtm=45je4bk0v893434592za200&_p=1732463081959&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=868585010.1732463082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732463082&sct=1&seg=0&dl=https%3A%2F%2Fshadowsplay.io%2F&dt=SHADOWS%20PLAY&en=page_view&_fv=1&_ss=1&_ee=1&tfd=993
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHJWPZSXZE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://shadowsplay.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 136ms
40ms Fetch
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JBG9D6TKJK&gtm=45je4bk0v893434592za200&_p=1732463081959&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=868585010.1732463082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732463082&sct=1&seg=0&dl=https%3A%2F%2Fshadowsplay.io%2F&dt=SHADOWS%20PLAY&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1000
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHJWPZSXZE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://shadowsplay.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 126ms
39ms Fetch
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TMYN58KGTN&gtm=45je4bk0v893434592za200&_p=1732463081959&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=868585010.1732463082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732463082&sct=1&seg=0&dl=https%3A%2F%2Fshadowsplay.io%2F&dt=SHADOWS%20PLAY&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1009
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHJWPZSXZE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://shadowsplay.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: text/plain
server: Golfe2

POST
H3 200 collect
www.google.com/ccm/ 0
0 162ms
42ms Ping
text/plain 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fshadowsplay.io%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=653499066.1732463082&auid=1080239552.1732463082&npa=0&gtm=45je4bk0v893434592za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732463082138&tfd=1015&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHJWPZSXZE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/939968352/ 5 KB
2 KB 155ms
45ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/939968352/?random=1732463082133&cv=11&fst=1732463082133&bg=ffffff&guid=ON&async=1&gtm=45je4bk0v893434592za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fshadowsplay.io%2F&hn=www.googleadservices.com&frm=0&tiba=SHADOWS%20PLAY&npa=0&pscdl=noapi&auid=1080239552.1732463082&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHJWPZSXZE

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

011c56275c14e5ed44b23cf6778059ea3e6748158357d8e06ad34aa70f47ea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2310
date: Sun, 24 Nov 2024 15:44:42 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 939968352
td.doubleclick.net/td/rul/ Frame 75D7 0
0 124ms
78ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/939968352?random=1732463082133&cv=11&fst=1732463082133&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4bk0v893434592za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fshadowsplay.io%2F&hn=www.googleadservices.com&frm=0&tiba=SHADOWS%20PLAY&npa=0&pscdl=noapi&auid=1080239552.1732463082&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHJWPZSXZE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shadowsplay.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 15:44:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 112ms
49ms Fetch
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KHRLZEKNBQ&gtm=45je4bk0v893434592za200&_p=1732463081959&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=868585010.1732463082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732463082&sct=1&seg=0&dl=https%3A%2F%2Fshadowsplay.io%2F&dt=SHADOWS%20PLAY&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1032
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHJWPZSXZE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://shadowsplay.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 108ms
50ms Fetch
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GYZQLRQY8G&gtm=45je4bk0v893434592za200&_p=1732463081959&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=868585010.1732463082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732463082&sct=1&seg=0&dl=https%3A%2F%2Fshadowsplay.io%2F&dt=SHADOWS%20PLAY&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1038
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHJWPZSXZE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://shadowsplay.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 102ms
49ms Fetch
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-350JWYDFH3&gtm=45je4bk0v893434592za200&_p=1732463081959&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=868585010.1732463082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732463082&sct=1&seg=0&dl=https%3A%2F%2Fshadowsplay.io%2F&dt=SHADOWS%20PLAY&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1043
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHJWPZSXZE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://shadowsplay.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: text/plain
server: Golfe2

GET
H2

204

https://www.google-analytics.com/g/collect?v=2&tid=G-X7S2GV5L2R&gtm=45je4bk0v893434592za200&_p=1732463081959&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&c...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=868585010.1732463082&dbk=4169980818137057531&dma=0&en=page_view&gtm=45je4bk0v893434592za200&npa=0&tid=G-X7S2GV5L2R&dl=h...

0
0

59ms
56ms

Fetch
text/plain

2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=868585010.1732463082&dbk=4169980818137057531&dma=0&en=page_view&gtm=45je4bk0v893434592za200&npa=0&tid=G-X7S2GV5L2R&dl=https%3A%2F%2Fshadowsplay.io%3F
Protocol: H2
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=868585010.1732463082&dbk=4169980818137057531&dma=0&en=page_view&gtm=45je4bk0v893434592za200&npa=0&tid=G-X7S2GV5L2R&dl=https%3A%2F%2Fshadowsplay.io%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 720E 0
0 110ms
29ms Document
text/html 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fshadowsplay.io

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHJWPZSXZE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 130359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Nov 2024 03:32:03 GMT
expires: Sun, 23 Nov 2025 03:32:03 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 security.js Show response
www.mercadopago.com/v2/ 5 KB
3 KB 206ms
46ms Script
application/javascript 13.225.63.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mercadopago.com/v2/security.js

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/wp-content/plugins/woocommerce-mercadopago/assets/js/checkouts/custom/session.min.js?ver=7.8.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.63.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-63-7.ewr53.r.cloudfront.net

Software

Resource Hash

2cc79dfa0fc01ae63857ab9c9f445f70ab0d29efc4f7a6ebdd8c26ddaaa84d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

x-b3-spanid: 43a2ed0d5d2dde21
x-trace-digest-36: y3qbaHnRNiEeJeU3wkfzg/5N0f4saJ0i62/8UUpDfK1Y4GfeqeCK90FUkzqp0bi96xWxIl0P2jiokokzmVeWKG6H05RWZdQx6zqpQpK0LS/Qw78O49BBRfYyJxcTZcLczGC473qhg96lTiuaBzcvuW348IT+QKyX4ds0pgjEB0KOsq2HLhgoN3lIEYb5ZczpXlsRy9TrdSqa7XXnFiElNMdyzoWpBfHFdLa6UXtZj/5Fs4iALPCJt/SmU8TXSGvD
x-request-id: 54a58681-e698-422d-8d9f-20129ca7a855
content-encoding: gzip
x-transaction-name: get_off_widget_v2
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-request-device-id: 290f36db-56b0-409d-acd4-6182e9772942
x-cache: Miss from cloudfront
x-amz-cf-id: n7uk28ABv4jfq1bHutxhhqJLet_JAPMft2CfAIPnbg4BN8myZcvDcQ==
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: application/javascript
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-b3-sampled: 0
x-d2id: 290f36db-56b0-409d-acd4-6182e9772942
x-meli-trace-bu: mercadopago
referrer-policy: no-referrer-when-downgrade
via: 1.1 e5eaa3ec30b881d1cd974c31701ba952.cloudfront.net (CloudFront)
x-meli-trace-site: UNKNOWN
x-meli-trace-platform: /web/desktop
x-b3-traceid: 43a2ed0d5d2dde21
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C1
x-source-ip: 208.252.80.195

POST
H3 200 admin-ajax.php Show response
shadowsplay.io/wp-admin/ 2 KB
2 KB 717ms
714ms XHR
application/json 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-admin/admin-ajax.php

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.15

Resource Hash

b7929f09d185e50f10821725e199e4ffd3ddeb86f6c3270210babe45b658c83a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://shadowsplay.io/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag: noindex
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aw%2BpWsISCz1%2FFPyjjbJud8gMOGvH%2FqqkElprWpsoMXgSszfWcHBPDvj5Bvk5sNjAFwWEgwh5jFaX61qlbTLLWbMfi5TDsQ4AJEa%2FQKI%2BGBh7hbdfz8UWMC0W5omJd4mtwdZv23pgXaWlMQ7E8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 15:44:42 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22619&sent=216&recv=121&lost=0&retrans=0&sent_bytes=203067&recv_bytes=32453&delivery_rate=80928&cwnd=66900&unsent_bytes=0&cid=04e4f980c1a7e883&ts=1542&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:43 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
platform: hostinger
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests
cache-control: no-store, no-cache, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-wp-cf-super-cache-cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8e7a85988bd772c2-EWR
cross-origin-embedder-policy: same-origin
access-control-allow-origin: https://shadowsplay.io
x-wp-cf-super-cache: no-cache
x-turbo-charged-by: LiteSpeed
x-powered-by: PHP/8.2.15
server: cloudflare
panel: hpanel

POST
H3 200 / Show response
shadowsplay.io/ 1 KB
2 KB 578ms
577ms XHR
application/json 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/?wc-ajax=get_refreshed_fragments

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.15

Resource Hash

fdf5659819f09b2ee853ceec7a4659b1e27c38b1281598d40e67778fc3b58ab5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://shadowsplay.io/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag: noindex
content-encoding: zstd
cf-cache-status: DYNAMIC
x-wp-spc-disk-cache: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLXMISq3%2FuM5HziygcmFzca5cpI2XC5K6k50el1t4Ba%2BhQafErnyu0d8QdDJN1YJ7wQ3wIXNFCPugBZqeGtyPvi9z1oaXlZa10BM12XgpD9twEwSuQL1iirWPywNRdwcM199mCee0ZA3EygwiA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 15:44:42 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22748&sent=213&recv=120&lost=0&retrans=0&sent_bytes=200885&recv_bytes=32408&delivery_rate=1235343&cwnd=66900&unsent_bytes=0&cid=04e4f980c1a7e883&ts=1455&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
platform: hostinger
x-wp-cf-super-cache-disabled-reason: AJAX Request
cache-control: no-store, no-cache, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
pragma: no-cache
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
x-wp-cf-super-cache-cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8e7a8598cc3372c2-EWR
cross-origin-embedder-policy: same-origin
access-control-allow-origin: https://shadowsplay.io
x-wp-cf-super-cache: no-cache
x-turbo-charged-by: LiteSpeed
x-powered-by: PHP/8.2.15
server: cloudflare
panel: hpanel

POST
H3 204 rum Show response
shadowsplay.io/cdn-cgi/ 0
141 B 31ms
30ms XHR
text/plain 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://shadowsplay.io/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e7a8598dc3c72c2-EWR
access-control-allow-origin: https://shadowsplay.io
date: Sun, 24 Nov 2024 15:44:42 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 /
www.google.com/pagead/1p-user-list/939968352/ 42 B
64 B 47ms
46ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/939968352/?random=1732463082133&cv=11&fst=1732460400000&bg=ffffff&guid=ON&async=1&gtm=45je4bk0v893434592za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fshadowsplay.io%2F&hn=www.googleadservices.com&frm=0&tiba=SHADOWS%20PLAY&npa=0&pscdl=noapi&auid=1080239552.1732463082&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dhhje73PZICqyDF8_ok-U7yu8sCv8tg&random=3535921619&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 24 Nov 2024 15:44:42 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 chunk.slider.js Show response
shadowsplay.io/wp-content/themes/flatsome/assets/js/ 49 KB
0 3ms
3ms Script
application/x-javascript 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shadowsplay.io/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.19.7

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/wp-content/themes/flatsome/assets/js/flatsome.js?ver=8e60d746741250b4dd4e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1abb1c5dfd238fe28fdfd930789c1ced9b5fe35d4d05a1e48b23280afe64e71

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"c2f8-67345fa7-81706a592e052f99;br"
age: 299448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7u7lAhSWfXg5F3dGRN9XkfTdagRl%2Fii2BqkDt2zriHAMNsGgK5yYMvBsZ%2Bjqt%2FQQaTb2i5GGUjWHM8G%2BoqDiRa0AHNtbMhNi3tR6%2FxVSf8dU7ADYyaiYcnR%2BxmAuY%2Fm4fI%2BjIm6pA1hTnAyVuw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 28 Nov 2024 04:33:53 GMT
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=8782&sent=131&recv=37&lost=0&retrans=0&sent_bytes=125032&recv_bytes=4740&delivery_rate=5778249&cwnd=254&unsent_bytes=0&cid=1257719241aedf22&ts=194&x=0"
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 15:44:41 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Nov 2024 08:13:27 GMT
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a859338ec7d08-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 fc25b-247x296.png
shadowsplay.io/wp-content/uploads/2024/10/ 5 KB
6 KB 218ms
216ms Image
image/avif 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shadowsplay.io/wp-content/uploads/2024/10/fc25b-247x296.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30f20fa5a98e3168f3e323925862a8e8e5b9ba936987257667d98ec42659837c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cf-cache-status: BYPASS
etag: "134c-67004f4f-b139b85dc362a3be;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bGDVZGZLdKliXrCkmLnhAvAWP%2FzHnh5WHujqyz%2FMRHlNZ1cSj0JgCoEL5zrYWbClg4t6Dd9obrcLZ522wjTxZqEzyz5Ew5CqhEQIlMk1PDv30vNpJA%2B14rZNTBwfHG6nPO0fsJ%2FglR0%2B768RaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 24 Nov 2025 15:44:42 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23109&sent=193&recv=116&lost=0&retrans=0&sent_bytes=178956&recv_bytes=32230&delivery_rate=2546&cwnd=66900&unsent_bytes=0&cid=04e4f980c1a7e883&ts=1116&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: image/avif
last-modified: Fri, 04 Oct 2024 20:25:51 GMT
vary: Accept, Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8598fc5672c2-EWR
accept-ranges: bytes
content-length: 4940
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 throne-libery-247x296.png
shadowsplay.io/wp-content/uploads/2024/09/ 7 KB
8 KB 228ms
225ms Image
image/avif 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shadowsplay.io/wp-content/uploads/2024/09/throne-libery-247x296.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

169aee0ea86ec270f47ec6c45395003aadb574aba5431a722fc768cdce71a5fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cf-cache-status: BYPASS
etag: "1df4-66f2cd6c-cc38a91d602298ec;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJdIWj6lK1kMV1u4Whj4%2FC3Zb%2FyB1zimKILwY7FRUnMs9T%2BteAbuU9ozfikt%2B3M78K0ffD2UT3WWMtl876fMqmUruubhqmp6Npc4dxh4l7ce85uFKA3UlZf6ZzZUAVBYTehplWY9%2FvhKT6JAmw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 24 Nov 2025 15:44:42 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23109&sent=205&recv=116&lost=0&retrans=0&sent_bytes=192253&recv_bytes=32230&delivery_rate=2546&cwnd=66900&unsent_bytes=0&cid=04e4f980c1a7e883&ts=1125&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: image/avif
last-modified: Tue, 24 Sep 2024 14:32:12 GMT
vary: Accept, Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8598fc5872c2-EWR
accept-ranges: bytes
content-length: 7668
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 shadows-fn-collor-247x296.png
shadowsplay.io/wp-content/uploads/2024/09/ 6 KB
7 KB 208ms
206ms Image
image/avif 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shadowsplay.io/wp-content/uploads/2024/09/shadows-fn-collor-247x296.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57d1a64f8b1e3faf1ed25b1c682b4747c1c1550411063768ff65a63d1b124442

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cf-cache-status: BYPASS
etag: "171b-66d768e8-7a954a99a3ac93c0;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J69dIUFYdPzxNhGq%2FnhAzs7Fb0US8TPqWRtsMY5IjD6N%2BRZzNd0Dj21YHV6x1%2FV7EeXHRsw78lqXpZjlnpfz314hgc2fMRHSokDxa5rW3N1p8N8Z8EriBltqlAySXHidiJxargQUNY3CQjLPWA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 24 Nov 2025 15:44:42 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23109&sent=180&recv=116&lost=0&retrans=0&sent_bytes=164576&recv_bytes=32230&delivery_rate=2546&cwnd=66900&unsent_bytes=0&cid=04e4f980c1a7e883&ts=1103&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: image/avif
last-modified: Tue, 03 Sep 2024 19:52:08 GMT
vary: Accept, Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8598fc5b72c2-EWR
accept-ranges: bytes
content-length: 5915
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 dead-lock-247x296.png
shadowsplay.io/wp-content/uploads/2024/08/ 6 KB
7 KB 211ms
209ms Image
image/avif 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shadowsplay.io/wp-content/uploads/2024/08/dead-lock-247x296.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

109a7dd42b3b6eecdf57fc87f7d514c3c11e8340196fcac72678d67e46da88d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cf-cache-status: BYPASS
etag: "19d3-66d14db6-e31bc439a5ece345;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qRGUu%2FGF%2BlC00wdgBcqDdN68O%2B9c26if0p1fhf8Qv9pF2vHEs2VD2brPST3%2FK%2B3WY%2FgUri3M0y2qcbxk0YbQiwswQ6Ia5O%2Fes5j1TSrPeQx6koDkBrqcKEmi2bGQJNfP3WDyhtfZM6wGI0nf%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 24 Nov 2025 15:44:42 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23109&sent=186&recv=116&lost=0&retrans=0&sent_bytes=171403&recv_bytes=32230&delivery_rate=2546&cwnd=66900&unsent_bytes=0&cid=04e4f980c1a7e883&ts=1110&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: image/avif
last-modified: Fri, 30 Aug 2024 04:42:30 GMT
vary: Accept, Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8598fc5c72c2-EWR
accept-ranges: bytes
content-length: 6611
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 once-human-247x296.png
shadowsplay.io/wp-content/uploads/2024/07/ 6 KB
7 KB 217ms
215ms Image
image/avif 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shadowsplay.io/wp-content/uploads/2024/07/once-human-247x296.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ff79a27de3d19cc59a9059d79a2924fcdcf5bb49ab30230adcee10048e03c52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

cf-cache-status: BYPASS
etag: "1981-66b54c01-544e26b475d4532;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yj7d7zh03lfoZCjQbNJhthXJoww5EbYWO9dLTRVOKkUkqbnhZKqMOId0yAjetCOIowCxFfL%2BqA80PNNFXBsUjeKSeWiB8woSCCXU4meTWsgk2UxzoiIhwYMuQ%2BbeJEVsSkzwVhvpiEncxpxOHw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 24 Nov 2025 15:44:42 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23109&sent=198&recv=116&lost=0&retrans=0&sent_bytes=184787&recv_bytes=32230&delivery_rate=2546&cwnd=66900&unsent_bytes=0&cid=04e4f980c1a7e883&ts=1116&x=1", cfHdrFlush;dur=0
date: Sun, 24 Nov 2024 15:44:42 GMT
content-type: image/avif
last-modified: Thu, 08 Aug 2024 22:51:45 GMT
vary: Accept, Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e7a8598fc5e72c2-EWR
accept-ranges: bytes
content-length: 6529
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

POST
H2 200 web_device Show response
api.mercadopago.com/v1/device_sessions/ 49 KB
15 KB 181ms
180ms XHR
application/json 34.232.5.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercadopago.com/v1/device_sessions/web_device

Requested by

Host: www.mercadopago.com
URL: https://www.mercadopago.com/v2/security.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.232.5.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-5-129.compute-1.amazonaws.com

Software

Resource Hash

d4001d8a1cd41cdffdb99c7a00192deaad4ff41cf509e85248691972a7d9aeb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://shadowsplay.io/

Response headers

x-b3-spanid: 877462659a5e7965
x-request-id: 73fd6548-314a-4e5a-a7e0-0aa5565f684e
access-control-max-age: 86400
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
date: Sun, 24 Nov 2024 15:44:42 GMT
x-it-payload: eyJpdGgiOiIxIiwib3JzIjoicHJvZHVjdGlvbi5kZXZpY2Utc2Vzc2lvbnMtYXBpIiwicm9wIjoiMSJ9
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept,Accept-Encoding
access-control-allow-headers: Content-Type
strict-transport-security: max-age=16070400; includeSubDomains; preload
cache-control: max-age=0
timing-allow-origin: *
x-b3-sampled: 0
access-control-allow-credentials: true
x-trace-digest-40: +lbAJ6A7+HuJxwzZHd11gm7416nGJ2NRC85ShLAYnVjbpzLwgcbue0YLV7LCvxojVRxyGnwY/DG7hPTwx8Okxd4ixzKdAOFJtEjU6C0CFYcwwdjkb6a98ks+JDwBwN14t9V5YhZ9Ibt8r3LH/q0lD0WC1enP7eHTgC/ZswRlWLE=
access-control-allow-origin: https://shadowsplay.io
x-b3-traceid: 877462659a5e7965
x-xss-protection: 1; mode=block
x-source-ip: 208.252.80.195

OPTIONS
H2 200 web_device
api.mercadopago.com/v1/device_sessions/ Frame 0
0 188ms
81ms Preflight
application/json 34.232.5.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercadopago.com/v1/device_sessions/web_device

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.232.5.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-5-129.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shadowsplay.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: https://shadowsplay.io
access-control-max-age: 86400
cache-control: max-age=0
content-length: 0
content-type: application/json; charset=utf-8
date: Sun, 24 Nov 2024 15:44:42 GMT
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
vary: Accept,Accept-Encoding
x-b3-sampled: 0
x-b3-spanid: 8a188d196f23d1ee
x-b3-traceid: 8a188d196f23d1ee
x-content-type-options: nosniff
x-it-payload: eyJpdGgiOiIxIiwib3JzIjoicHJvZHVjdGlvbi5kZXZpY2Utc2Vzc2lvbnMtYXBpIiwicm9wIjoiMSJ9
x-request-id: 88fa2a6c-e55f-4192-902c-159ad947816e
x-source-ip: 208.252.80.195
x-trace-digest-57: 1Jbj6x/i4jc8kGAKlU/9RzMKOJ1bqKzamxTCSYzUtbRNB1w0Vg4NyGERHcGt34mWDMVaTiumxikbyIDm9T0texax91qLw42MiNOpcCyG/tnHaUtwLScK64seoV3OJfXCgDOPrk1Vkt3am9Rr4bqtiIbnO/3hFPxhvLLb7YW/aoY=
x-xss-protection: 1; mode=block

GET
H2 200 etid Show response
www.mercadolibre.com/jms/lgz/background/ 0
906 B 171ms
65ms XHR
text/html 3.33.182.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mercadolibre.com/jms/lgz/background/etid

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.182.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a35f64fceb718ad27.awsglobalaccelerator.com

Software

Tengine /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

x-b3-spanid: d8f79dc049fd9954
x-request-id: a939b159-264f-443b-9f07-a45da1dcab40
access-control-expose-headers: Etag
etag: 538f3c4b-5dee-4858-aa57-b30d33b01972-1732463083060
x-content-type-options: nosniff
x-request-device-id: a939b159-264f-443b-9f07-a45da1dcab40
date: Sun, 24 Nov 2024 15:44:43 GMT
content-type: text/html
x-trace-digest-51: Hhb9/dtXFhi+a3o6Y3aWLJ+OmVPpcmyljIAHITt9/NcWLqnRJ77jhLlaiwfSShJKkl/Xt3PIY1/b0ELL6w/L/wDSp+tWthPs81jPYea5E3fy2KNwpiGfguwyEKj1DiYS5rK0UaJcy1gtV0ot+HgpnwRyZrZkuKVYRC0ChMU0tbRe/jiDwFZ+xHDoAw5OvZg3Uf/hiBfwdt+rlW20fUZQJB/vuniz9/mJjEb2Ry0nxk4JSLv1mpwY1+MMtjAIB451
cache-control: private, must-revalidate, proxy-revalidate
x-b3-sampled: 0
x-envoy-upstream-service-time: 2
x-d2id: a939b159-264f-443b-9f07-a45da1dcab40
x-meli-trace-bu: mercadolibre
referrer-policy: no-referrer-when-downgrade
x-meli-trace-site: UNKNOWN
x-meli-trace-platform: /web/desktop
access-control-allow-origin: *
x-b3-traceid: d8f79dc049fd9954
content-length: 0
x-xss-protection: 1; mode=block
server: Tengine
x-source-ip: 208.252.80.195

GET
H2 200 background
www.mercadolibre.com/jms/lgz/ Frame 6366 0
0 127ms
48ms Document
text/html 3.33.182.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mercadolibre.com/jms/lgz/background?dps=armor.35aee38028d4eebb8a029d7922e9a68372fd6dead23da5c64074b73955afff2f9dfb0bacb7e7eae6457690115b8a0aa5fb92ad5067ba0fb4e8b612d78cb614fb2f2b4b76d658227fa335d59205cb4d602b106184504a60e16cbc195d2b998e7f.ffc9ffdc673ee8f823de328f4eaa292d

Requested by

Host: shadowsplay.io
URL: https://shadowsplay.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.182.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a35f64fceb718ad27.awsglobalaccelerator.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shadowsplay.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-length: 8601
content-type: text/html
date: Sun, 24 Nov 2024 15:44:43 GMT
referrer-policy: no-referrer-when-downgrade
server: Tengine
strict-transport-security: max-age=300; includeSubDomains;
x-b3-sampled: 0
x-b3-spanid: 8e53acea272de6c4
x-b3-traceid: 8e53acea272de6c4
x-content-type-options: nosniff
x-d2id: abb2ecfd-0cbf-4fb3-8e83-958793fb567c
x-envoy-upstream-service-time: 2
x-meli-trace-bu: mercadolibre
x-meli-trace-platform: /web/desktop
x-meli-trace-site: UNKNOWN
x-request-device-id: abb2ecfd-0cbf-4fb3-8e83-958793fb567c
x-request-id: abb2ecfd-0cbf-4fb3-8e83-958793fb567c
x-source-ip: 208.252.80.195
x-trace-digest-64: uGDf90Kj4+7OifQ7/+slJyfsgGE47ZEz25U+lnokeBMwLcG5hhW4VMqf4cCuPAyXOjonZEjWfczKfTF7YkFLxIrslpZaQbDdpxhxyUGsIHHUG4SrtmIg/rG7VFM6UWqa5zVxi0ecsSoXqzTBGWZP7x5AqwWey5F/oE8Gd4WXozwAz1/CD/hRqbpV9xJ95KAzGQ+dxH3tscyqS99CmHBaUhkVYeJsiSttOojiuNRURnZVaOQlgWE5+lbNolBEj/gV
x-transaction-name: cross_domain_profiler
x-xss-protection: 1; mode=block

GET
H2 200 armor.35aee38028d4eebb8a029d7922e9a68372fd6dead23da5c64074b73955afff2f9dfb0bacb7e7eae6457690115b8a0aa5fb92ad5067ba0fb4e8b612d78cb614fb2f2b4b76d658227fa335d59205cb4d602b106184504a60e16cbc195d2b998e7...
www.mercadolibre.com/jms/lgz/background/session/ 78 B
1 KB 119ms
40ms Image
image/svg+xml 3.33.182.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mercadolibre.com/jms/lgz/background/session/armor.35aee38028d4eebb8a029d7922e9a68372fd6dead23da5c64074b73955afff2f9dfb0bacb7e7eae6457690115b8a0aa5fb92ad5067ba0fb4e8b612d78cb614fb2f2b4b76d658227fa335d59205cb4d602b106184504a60e16cbc195d2b998e7f.ffc9ffdc673ee8f823de328f4eaa292d?background=armor.35aee38028d4eebb8a029d7922e9a68372fd6dead23da5c64074b73955afff2f9dfb0bacb7e7eae6457690115b8a0aa5fb92ad5067ba0fb4e8b612d78cb614fb2f2b4b76d658227fa335d59205cb4d602b106184504a60e16cbc195d2b998e7f.ffc9ffdc673ee8f823de328f4eaa292d&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.182.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a35f64fceb718ad27.awsglobalaccelerator.com

Software

Tengine /

Resource Hash

1a5bb92d3a4f3d6c5260b0cebc7fd5fc9da5afc7dbba4716771abbb64922fcce

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://shadowsplay.io
Referer: https://shadowsplay.io/

Response headers

x-b3-spanid: c0e289e6c4d25e45
x-request-id: e624f662-510f-4be4-b28a-db9a522d902b
x-transaction-name: save_js_profiling
x-content-type-options: nosniff
x-request-device-id: e624f662-510f-4be4-b28a-db9a522d902b
date: Sun, 24 Nov 2024 15:44:43 GMT
content-type: image/svg+xml
vary: origin
strict-transport-security: max-age=300; includeSubDomains;
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-b3-sampled: 0
x-trace-digest-48: +oVMoX5JDUicmGR1i/xHZ3VME6e4xKvxyQp8jNdtEvDLPB1VQJyEMLol0JjqhUu1OAbEjvOS/ALE+xqzHdtilO5YaifygqV9LR6dpdI+1bD1orWGTQwDQHksjrtiBUiXf2Qz5CYcWWdya+HSjfXDDQ6rGcS+E2ckJ8sYuaRsKlcLTPCXzSBLLtNqiJnrLdDtENWi7LX83JzQINbS+CPX97m+Lp/A86Jm46kO/FXpZz2Xwir4gRx7QZcmog8lLU4t
x-d2id: e624f662-510f-4be4-b28a-db9a522d902b
x-envoy-upstream-service-time: 3
x-meli-trace-bu: mercadolibre
access-control-allow-credentials: true
referrer-policy: no-referrer-when-downgrade
x-meli-trace-site: UNKNOWN
x-meli-trace-platform: /web/desktop
access-control-allow-origin: https://shadowsplay.io
x-b3-traceid: c0e289e6c4d25e45
content-length: 78
x-xss-protection: 1; mode=block
server: Tengine
x-source-ip: 208.252.80.195

GET
H2 200 armor.35aee38028d4eebb8a029d7922e9a68372fd6dead23da5c64074b73955afff2f9dfb0bacb7e7eae6457690115b8a0aa5fb92ad5067ba0fb4e8b612d78cb614fb2f2b4b76d658227fa335d59205cb4d602b106184504a60e16cbc195d2b998e7...
www.mercadolivre.com/jms/mlb/lgz/background/session/ 78 B
2 KB 223ms
83ms Image
image/svg+xml 13.32.164.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mercadolivre.com/jms/mlb/lgz/background/session/armor.35aee38028d4eebb8a029d7922e9a68372fd6dead23da5c64074b73955afff2f9dfb0bacb7e7eae6457690115b8a0aa5fb92ad5067ba0fb4e8b612d78cb614fb2f2b4b76d658227fa335d59205cb4d602b106184504a60e16cbc195d2b998e7f.ffc9ffdc673ee8f823de328f4eaa292d?background=armor.35aee38028d4eebb8a029d7922e9a68372fd6dead23da5c64074b73955afff2f9dfb0bacb7e7eae6457690115b8a0aa5fb92ad5067ba0fb4e8b612d78cb614fb2f2b4b76d658227fa335d59205cb4d602b106184504a60e16cbc195d2b998e7f.ffc9ffdc673ee8f823de328f4eaa292d&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6ImIzZjM2MWY2ODQxYzEwNmU3YzJlNjYwMjk1OGI0NjJmIiwiY29ubmVjdGlvbiI6eyJkb3dubGluayI6IjEwIiwicnR0IjoiMTAwIiwidHlwZSI6IjRnIn0sImNvb2tpZV9lbmFibGVkIjp0cnVlLCJkZXZpY2VfbWVtb3J5Ijo4LCJkb19ub3RfdHJhY2siOm51bGwsImV0YWciOiI1MzhmM2M0Yi01ZGVlLTQ4NTgtYWE1Ny1iMzBkMzNiMDE5NzItMTczMjQ2MzA4MzA2MCIsImZvbnRzIjp7Im9zIjoxNjA0MDc0Njg4LCJvdGhlcl9vcyI6IltdIiwibm90X29zIjoxMDg1NTM4NjI1fSwiaGFyZHdhcmVfY29uY3VycmVuY3kiOjE2LCJoaXN0b3J5IjoxLCJpbmNvZ25pdG8iOmZhbHNlLCJpc19tc2hvcHMiOmZhbHNlLCJqc190eXBlIjoianNfaGFzaCIsImxhbmciOiJlbi1VUyIsImxhbmd1YWdlcyI6WyJlbi1VUyIsImVuIl0sImxpdGVyYWxfY29sb3JzIjotOTQ4ODA4NTcxLCJsb2NhbF9zdG9yYWdlIjp0cnVlLCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6eyJpbWFnZSI6ImZkMzgwMDU1YjUwZjRiZmY0NjRhNWZkMmYxMjZkNzdmIiwicmVwb3J0IjoiNmZkYzZmNTRmMTBjODcxZDhiNzI4MTUxYjhmZjk5NTIiLCJ2ZW5kb3IiOiJJbnRlbCBJbmMuIiwicmVuZGVyZXIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUifSwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMjAweDE2MDB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTIwMCwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTYwMH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM5LCJ3ZWJnbCI6NTMsInVzZXJmb250cyI6MzUsImJyb3dzZXJwbHVnaW5zIjowLCJwbHVnaW5zIjowLCJpbnN0YWxsZWRmb250cyI6MTgsImhhc2giOjE2MywidG90YWwiOjE2M30sInRpbWVfYmFzZWRfZnAiOjAuMTAwMDAwMzgxNDY5NzI2NTYsInRpbWVfem9uZV9uYW1lIjoiUGFjaWZpYy9Ib25vbHVsdSIsInRpbWVfem9uZV9vZmZzZXQiOjYwMCwidG91Y2hfcG9pbnRzIjowLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTMwLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiMTIwMHgxNjAwIiwib3V0ZXIiOiIxMjg1eDE2MDAifSwid2ViZHJpdmVyIjpmYWxzZSwiaW5zdGFsbGVkX2ZvbnRzIjpbIkFuZGFsZSBNb25vIiwiVGltZXMiXSwiaW5zdGFsbGVkX3BsdWdpbnMiOlsiUERGIFZpZXdlcjo6UG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmLHRleHQvcGRmfnBkZiIsIkNocm9tZSBQREYgVmlld2VyOjpQb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQ6OmFwcGxpY2F0aW9uL3BkZn5wZGYsdGV4dC9wZGZ%2BcGRmIiwiQ2hyb21pdW0gUERGIFZpZXdlcjo6UG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmLHRleHQvcGRmfnBkZiIsIk1pY3Jvc29mdCBFZGdlIFBERiBWaWV3ZXI6OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6YXBwbGljYXRpb24vcGRmfnBkZix0ZXh0L3BkZn5wZGYiLCJXZWJLaXQgYnVpbHQtaW4gUERGOjpQb3J0YWJsZSBEb2N1bWVudCBGb3JtYXQ6OmFwcGxpY2F0aW9uL3BkZn5wZGYsdGV4dC9wZGZ%2BcGRmIl0sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOnRydWUsImRlcHJlY2F0aW9uX2xhYmVsIjpmYWxzZSwicndzX3NjcmlwdCI6ZmFsc2UsInNlbmRfdGltZSI6NTYsImhhc19zZXNzaW9uX2lkIjp0cnVlfQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.164.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-164-19.ord58.r.cloudfront.net

Software

Tengine /

Resource Hash

1a5bb92d3a4f3d6c5260b0cebc7fd5fc9da5afc7dbba4716771abbb64922fcce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://shadowsplay.io/

Response headers

x-b3-spanid: aa3f2dbe7708fbaa
x-request-id: 2846b71a-2344-4dc4-8b2a-2e007fb92344
x-transaction-name: save_js_profiling
x-content-type-options: nosniff
x-request-device-id: 2846b71a-2344-4dc4-8b2a-2e007fb92344
x-cache: Miss from cloudfront
x-amz-cf-id: bJFK7gYuWOYTTMlJcugBzs8zoXSoZ0oS_ekwP4I8bfkTHsb9d5u27g==
date: Sun, 24 Nov 2024 15:44:43 GMT
content-type: image/svg+xml
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-trace-digest-84: nP6A1c/QZwmTa70vKI91T4Wy7kckEtD8wf9qpyt4FNyo5dkSib2F8K318Cxf7TlR/7vDCFq9G8ma39+CY5ykK389cRN4fCO6F0w8ARW1TsOr6nPiR7+OA6JMKsBeR6P7qms3vA0lGs/cLUb3jKAmAYfGdao89RRZebhand8zYmb8rj4vOT3l48X8zkQVEeLTWCwYm+enwsqkz2yqjiMthw8o6rfdDjmJCrmWh0G84YOoy8b1Cgzjz8b/njyrxtpG
x-b3-sampled: 0
x-envoy-upstream-service-time: 4
x-d2id: 2846b71a-2344-4dc4-8b2a-2e007fb92344
x-meli-trace-bu: mercadolibre
access-control-allow-credentials: true
referrer-policy: no-referrer-when-downgrade
via: 1.1 476cbc24d5f1a673aca06385c3863276.cloudfront.net (CloudFront)
x-meli-trace-site: UNKNOWN
x-meli-trace-platform: /web/desktop
access-control-allow-origin
x-b3-traceid: aa3f2dbe7708fbaa
content-length: 78
x-xss-protection: 1; mode=block
x-amz-cf-pop: ORD58-P1
server: Tengine
x-source-ip: 208.252.80.195

POST
H2 200 anonymous_device_session Show response
api.mercadopago.com/v1/device_sessions/ 329 B
1 KB 233ms
232ms XHR
application/json 34.232.5.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercadopago.com/v1/device_sessions/anonymous_device_session

Requested by

Host: www.mercadopago.com
URL: https://www.mercadopago.com/v2/security.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.232.5.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-5-129.compute-1.amazonaws.com

Software

Resource Hash

3e722dbc63f48cd4afc0b267db03f9319160eaf624cde16bab8cd5de53623fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://shadowsplay.io/

Response headers

x-b3-spanid: b1a30af96ce25c61
x-request-id: a044267d-7299-47e7-97c1-0a2219dba7db
access-control-max-age: 86400
x-content-type-options: nosniff
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
date: Sun, 24 Nov 2024 15:44:46 GMT
x-it-payload: eyJpdGgiOiIxIiwib3JzIjoicHJvZHVjdGlvbi5kZXZpY2Utc2Vzc2lvbnMtYXBpIiwicm9wIjoiMSJ9
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-trace-digest-56: oM5L6x73ytLmB7++LHwNcCzQNlAxN7ooNDLY5uEx++Pp7nYKmEvwurRMnvYzlI6+o4jW6nFLSURCNLxYQC9LvFAXKnzC8o7E19SDUTlKWiikpz1W4erI3qjs7q1o/jy+eiFqDGW5zy+ZBzHv7UTL3u587KR2giAiHEKUXljdNXc=
access-control-allow-headers: Content-Type
strict-transport-security: max-age=16070400; includeSubDomains; preload
cache-control: max-age=0
timing-allow-origin: *
x-b3-sampled: 0
access-control-allow-credentials: true
access-control-allow-origin: https://shadowsplay.io
x-b3-traceid: b1a30af96ce25c61
content-length: 329
x-xss-protection: 1; mode=block
x-source-ip: 208.252.80.195

OPTIONS
H2 200 anonymous_device_session
api.mercadopago.com/v1/device_sessions/ Frame 0
0 37ms
37ms Preflight
application/json 34.232.5.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercadopago.com/v1/device_sessions/anonymous_device_session

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.232.5.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-5-129.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shadowsplay.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: https://shadowsplay.io
access-control-max-age: 86400
cache-control: max-age=0
content-length: 0
content-type: application/json; charset=utf-8
date: Sun, 24 Nov 2024 15:44:46 GMT
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
vary: Accept,Accept-Encoding
x-b3-sampled: 0
x-b3-spanid: 1716cca0cbab0dd0
x-b3-traceid: 1716cca0cbab0dd0
x-content-type-options: nosniff
x-it-payload: eyJpdGgiOiIxIiwib3JzIjoicHJvZHVjdGlvbi5kZXZpY2Utc2Vzc2lvbnMtYXBpIiwicm9wIjoiMSJ9
x-request-id: 9bd26f72-d129-412a-a3c4-b336293233db
x-source-ip: 208.252.80.195
x-trace-digest-55: pda7h8G+Ftu/Vea8gv9t/GIBi0cfkvpo3zFLitAz2+SxS1LKjtLw3oTB/51+E8l0wXif0jvlwrVwQQL6cgf2v/QIbS9AyuxjAPM6q82MyPd8Y1Iuq93Oh27f4OBetBvCk3JCGxa1rbH2vC+8nhtcZKejIxKZbH+ohkolf+xAJmg=
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mercadopago.com/	1970-01-21 09:59:59	Name: _d2id Value: 290f36db-56b0-409d-acd4-6182e9772942-n
.shadowsplay.io/	1970-01-21 10:50:23	Name: _ga_NHJWPZSXZE Value: GS1.1.1732463082.1.0.1732463082.60.0.1268148112
.shadowsplay.io/	1970-01-21 10:50:23	Name: _ga Value: GA1.1.868585010.1732463082
.shadowsplay.io/	1970-01-21 10:50:23	Name: _ga_GQF9H2BDV9 Value: GS1.1.1732463082.1.0.1732463082.0.0.0
.shadowsplay.io/	1970-01-21 10:50:23	Name: _ga_JBG9D6TKJK Value: GS1.1.1732463082.1.0.1732463082.0.0.0
.shadowsplay.io/	1970-01-21 10:50:23	Name: _ga_TMYN58KGTN Value: GS1.1.1732463082.1.0.1732463082.0.0.0
.shadowsplay.io/	1970-01-21 03:23:59	Name: _gcl_au Value: 1.1.1080239552.1732463082
.shadowsplay.io/	1970-01-21 10:50:23	Name: _ga_KHRLZEKNBQ Value: GS1.1.1732463082.1.0.1732463082.0.0.0
.shadowsplay.io/	1970-01-21 10:50:23	Name: _ga_GYZQLRQY8G Value: GS1.1.1732463082.1.0.1732463082.0.0.0
.shadowsplay.io/	1970-01-21 10:50:23	Name: _ga_350JWYDFH3 Value: GS1.1.1732463082.1.0.1732463082.0.0.0
.shadowsplay.io/	1970-01-21 10:50:23	Name: _ga_X7S2GV5L2R Value: GS1.1.1732463082.1.0.1732463082.0.0.0
.shadowsplay.io/	1969-12-31 23:59:59	Name: sbjs_migrations Value: 1418474375998%3D1
.shadowsplay.io/	1969-12-31 23:59:59	Name: sbjs_current_add Value: fd%3D2024-11-24%2015%3A44%3A42%7C%7C%7Cep%3Dhttps%3A%2F%2Fshadowsplay.io%2F%7C%7C%7Crf%3D%28none%29
.shadowsplay.io/	1969-12-31 23:59:59	Name: sbjs_first_add Value: fd%3D2024-11-24%2015%3A44%3A42%7C%7C%7Cep%3Dhttps%3A%2F%2Fshadowsplay.io%2F%7C%7C%7Crf%3D%28none%29
.shadowsplay.io/	1969-12-31 23:59:59	Name: sbjs_current Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29
.shadowsplay.io/	1969-12-31 23:59:59	Name: sbjs_first Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29
.shadowsplay.io/	1969-12-31 23:59:59	Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F130.0.0.0%20Safari%2F537.36
.shadowsplay.io/	1970-01-21 01:14:24	Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fshadowsplay.io%2F
.doubleclick.net/	1970-01-21 01:14:23	Name: test_cookie Value: CheckForPermission
.www.google-analytics.com/	1970-01-21 03:23:59	Name: ar_debug Value: 1
shadowsplay.io/	1970-01-21 01:15:49	Name: wmc_ip_info Value: eyJjb3VudHJ5IjoiVVMiLCJjdXJyZW5jeV9jb2RlIjoiVVNEIn0%3D
shadowsplay.io/	1970-01-21 01:15:49	Name: wmc_current_currency Value: USD
shadowsplay.io/	1970-01-21 01:15:49	Name: wmc_current_currency_old Value: USD
.mercadolibre.com/	1970-01-21 09:59:59	Name: _d2id Value: e624f662-510f-4be4-b28a-db9a522d902b-n
.mercadolibre.com/	1970-01-21 10:50:23	Name: dsid Value: 81a3465e-5d4c-4f5a-8041-14eb1e04a1f9-1732463083232
.mercadolibre.com/	1970-01-21 10:50:23	Name: edsid Value: 86ccc8fc-d648-46bc-8f56-41a69511b552-1732463083232
.mercadolivre.com/	1970-01-21 09:59:59	Name: _d2id Value: 2846b71a-2344-4dc4-8b2a-2e007fb92344-n
www.mercadolivre.com/	1970-01-21 10:50:23	Name: p_dsid Value: b2c07206-055f-49e1-9251-c1469ec22f41-1732463083343
www.mercadolivre.com/	1970-01-21 10:50:23	Name: p_edsid Value: 8333cd6f-e7a3-411d-b240-d28f8d8d99ee-1732463083343

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://shadowsplay.io/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.mercadopago.com
cdnjs.cloudflare.com
googleads.g.doubleclick.net
sdk.mercadopago.com
shadowsplay.io
static.cloudflareinsights.com
stats.g.doubleclick.net
td.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.mercadolibre.com
www.mercadolivre.com
www.mercadopago.com
13.225.63.7
13.32.164.19
2001:4860:4802:34::178
23.57.90.111
2606:4700:3037::6815:4dbc
2606:4700::6810:5049
2606:4700::6811:180e
2607:f8b0:4004:c17::9c
2607:f8b0:4006:809::2002
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2004
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::200e
3.33.182.45
34.232.5.129
011c56275c14e5ed44b23cf6778059ea3e6748158357d8e06ad34aa70f47ea5e
03491e669b4bbfec239ac571e727b7a6221c365f9b9928e6dad2586e792ab850
0584377df7aaa009067f6feefd8ccf43482260bcd7951d12dbbfb65c84437976
0d2e53642d3e0aeaf3750ccf643a3df2f2b083ccd222dd8858b95337ce9a146c
109a7dd42b3b6eecdf57fc87f7d514c3c11e8340196fcac72678d67e46da88d7
10d17b852c0a0ab3de4638a2b0fcaee7ed4632a04fb126d388e871bffd0d0854
169aee0ea86ec270f47ec6c45395003aadb574aba5431a722fc768cdce71a5fe
18c56efbd596fc0d574d5ae9839c9f48c7eb826024fbcfb960e0036baa9fb32b
1a5bb92d3a4f3d6c5260b0cebc7fd5fc9da5afc7dbba4716771abbb64922fcce
1f75584451d1806af31c524aed578b1efabe9eafcb303b835f5735d20da2e07d
2cc79dfa0fc01ae63857ab9c9f445f70ab0d29efc4f7a6ebdd8c26ddaaa84d39
30f20fa5a98e3168f3e323925862a8e8e5b9ba936987257667d98ec42659837c
33a252d6393cbd6debe0ac517229c7aa258a0ee68fc0253f8be6a7cee8b65ee9
357871e3e8e179f9ea147cac7f329e9ab6c7d9e145e2707d4dd4547f6a10773b
363aa2d4106f0f661a989977347dc0a55b612de18d3c0247cecc0ca725f98270
36698119e2a40a23260fec93db067566e3dd26d22071c4e21aa74d6a8083cf62
36cb382ecd6087c68614b8c456c20f3b0d4346c48ed2db5071dd09d672e28fa9
37ebbab4461f2c081840c9ceb79456f59dd1020d9c9b962a43f2fe59460fd069
3c5b7d55b56f4bdee9e362078497694a9605b716868eb907b7e9c39bc5b5b9cc
3e722dbc63f48cd4afc0b267db03f9319160eaf624cde16bab8cd5de53623fc7
44d8986e61b7b212a93ba0c3a3a9c880420451d7efa7938d711dd03e655c0969
47e85b7ad2102c68307d98a8567c9d675e4c3121d405ff698bcbc06fcfe1e22f
4b23211e431ddc2f45413e23630d9db9da8bcb7713d5d409777a962b250bf4f2
4c0cf189bb3b0c52d35a0b3a93a7b76034ee98b2bec64f1f65ad5fe81d13fb55
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
57d1a64f8b1e3faf1ed25b1c682b4747c1c1550411063768ff65a63d1b124442
592acc60b8eea94fc366110175d8406604a609201d6debe5eb008a6debfbdc3b
5e9eca476e690d08f2b1500fa151e886eb35822c69b0fcf16d15e853a4210e39
6676ee637b8bf593896c510a7e0535e0b927b6f5eae88c02def9cf05b39fe1da
6e3141f41a8b13e98639edf02ef36b2a39c07c05431bc1aad4764015722cf347
70b3150794f3fc3a18ebfdf99ed057d948fdeed66c2c307ebf0b536c80094731
72333bac4a6315ca51037ef2f783017c23961bb75b3aa73a291f3a0d8fac9298
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8025189a128e03ec73939ddb6fce2353000ce5ee1c71168993b856d5d9c88ccf
8735901bdcfdaf6719c2162bce9c3ea82b37e27bf8e0c68fbd858f05f1d93dbf
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a8fca673e1da4790d3cb71d3a877c1a99d078da223687d5063fe4949a7b72e0
8b083f64f2e9e8ac445c730dfce7013cc6449ce155fd1c2f42b60edba4ecb4b1
8b4329e9eaf0d80b57d16cf7bd4014689234adbb0656abf9017035beeae10219
8ff79a27de3d19cc59a9059d79a2924fcdcf5bb49ab30230adcee10048e03c52
9068d799a2282cc9c55051466b4e01658578a3402ee8acc3372f8625e257d3d0
99423b855711476924567120d19c9ed70ddf3ff4c33a37cea74115246578f9e8
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
a3f0e1086e2a541ea01abd7be8fac4632ce5abe1f5984fb6bd2d80f600b1ecd9
a60f3101a510280cfdf8d65dd70fb25ac82f60536677413beed60b81e45b8182
b21dfcae243571313013dfbb9038665e0d4896185652ac688a3123577c5ff972
b3241e8eedad3697018639715acee69fb5b06b1c9b39646be0f45a240a0d3ffc
b7929f09d185e50f10821725e199e4ffd3ddeb86f6c3270210babe45b658c83a
bdc79e4e004ebfaba9804171a64a45244fbff00619fb45503216649a12a8d19b
c0a65cb7d9d38e780cdf95e9a63b2717e3c21c6580d9155cda7a7b939e0169dc
c1abb1c5dfd238fe28fdfd930789c1ced9b5fe35d4d05a1e48b23280afe64e71
c50a0b33030ba0ec063be642c297f48af94359e2222ff140817248d591faf837
c746bc275524e95441456c5eb462072a1284c67cc1510997da5e8746df74b88a
c80781d95d44e13271d84c6ac8a51150e49183a80238f25c98e966812cea2250
caaadfd7e2cdb850df6c58863556214eefd3fbd3dd334cd79767f63677743676
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ced36cf2b62bb84662f6950306ae2296d28b6d99b3b939b6872e55a401182dc2
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620
d4001d8a1cd41cdffdb99c7a00192deaad4ff41cf509e85248691972a7d9aeb7
d5fc0af48758f4c4da7dcb0c35c583cecbe142bc6e4f4e753f276a85a3bb25a8
d7d9e56abc007dbccc4dbd8c7808effbf80f649e8749e7d88a94c1381013e3ec
d953188738e41eba5ca1d108f0ca75a35fc0c8e4cdd302f7dd09079fa04038d2
e2fa780544eb73db27b04a5641bacd81d921a66993b2890551b23ce89a282eda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5170c6fe08b10e864472292032740c660827a1ffcd1425b816a3f923c737e97
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8fea302c93f5619c53b4b7f8435c3d7dbaf5a4296593fb9f353e574c9b34d4
fb806b6c1f0f05c942f93ec77fb8d3675ab9dd56f2d9f2a2806065aa6c056a20
fdf5659819f09b2ee853ceec7a4659b1e27c38b1281598d40e67778fc3b58ab5

shadowsplay.io Open in urlscan Pro 2606:4700:3037::6815:4dbc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

98 %HTTPS

67 %IPv6

10 Domains

15 Subdomains

15 IPs

1 Countries

896 kBTransfer

2161 kBSize

29 Cookies

1 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shadowsplay.io Open in urlscan Pro
2606:4700:3037::6815:4dbc Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

98 %
HTTPS

67 %
IPv6

10
Domains

15
Subdomains

15
IPs

1
Countries

896 kB
Transfer

2161 kB
Size

29
Cookies

93 HTTP transactions
1 data transactions