Submitted URL: https://todes.org/
Effective URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwisjpHz9-n6AhV-LkQIHZnPD0oQFnoE...
Submission: On October 24 via manual from US — Scanned from AU

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 16 HTTP transactions. The main IP is 74.125.130.104, located in and belongs to . The main domain is www.google.com.
TLS certificate: Issued by GTS CA 1C3 on September 26th 2022. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | IP Address | AS | Autonomous System |
|---|---|---|---|
| 8 | 172.67.129.83 | 13335 | (CLOUDFLAR...) |
| 1 | 142.250.4.95 | 15169 | (GOOGLE) |
| 2 | 104.21.41.38 | 13335 | (CLOUDFLAR...) |
| 2 | 142.251.12.94 | 15169 | (GOOGLE) |
| 1 | 173.233.137.60 | 7979 | (SERVERS-COM) |
| 1 | 74.125.130.104 | | () |
| 16 | 7 | | |

| Requests | Domain | Requested by |
|---|---|---|
| 8 | todes.org | todes.org |
| 2 | fonts.gstatic.com | fonts.googleapis.com |
| 2 | 106112958791956236848.uads.cc | todes.org, 106112958791956236848.uads.cc |
| 1 | www.google.com | 106112958791956236848.uads.cc |
| 1 | www.highperformancedisplayformat.com | todes.org |
| 1 | fonts.googleapis.com | todes.org |
| 0 | tshirtsfever.com (Failed) | www.google.com |
| 16 | 7 | |

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.todes.org | GTS CA 1P5 | 2022-09-09 - 2022-12-08 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months |
| *.uads.cc | E1 | 2022-09-13 - 2022-12-12 | 3 months |
| *.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
| highperformancedisplayformat.com | R3 | 2022-08-30 - 2022-11-28 | 3 months |
| www.google.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months |

This page contains 1 frame:

Frame: https://tshirtsfever.com/
Frame ID: 54B4528FA26B75F597902C57AA493C0B
Requests: 16 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

  • Requests: 16
  • HTTPS: 94 %
  • IPv6: 0 %
  • Domains: 7
  • Subdomains: 7
  • IPs: 7
  • Countries: 2
  • Transfer: 122 kB
  • Size: 304 kB
  • Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://todes.org/ Page URL
  2. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwisjpHz9-n6AhV-LkQIHZnPD0oQFnoECAQQAQ&url=https%3A%2F%2Ftshirtsfever.com%2F%23uads%3DaHR0cHM6Ly90b2Rlcy5vcmcvfHNwbGl0fERPTTIzNjg0ODkyMDEzMjk2&usg=AOvVaw1sqxYvm6ExnW9kY4uAdtXI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
todes.org/
54 KB
10 KB
Document
General
Full URL
https://todes.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45bb967857689f360e9bbc8711d70bd0a7d14a98fb2ea991454b270c6c1de038

style.min.css
todes.org/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://todes.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by
Host: todes.org
URL: https://todes.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

idblog-core.css
todes.org/wp-content/plugins/idblog-core/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://todes.org/wp-content/plugins/idblog-core/css/idblog-core.css?ver=1.0.0
Requested by
Host: todes.org
URL: https://todes.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edf28446f50d57b497e259711b3e7144cdc8d3d344b625f8f00878f877aecbd1

css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.0.9
Requested by
Host: todes.org
URL: https://todes.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
6d6b4e3715b628457d40f2bf6e62b661d2bb36d85296d08a0bca4858dd617f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

style.css
todes.org/wp-content/themes/superfast-child/
522 B
598 B
Stylesheet
General
Full URL
https://todes.org/wp-content/themes/superfast-child/style.css?ver=6.0.3
Requested by
Host: todes.org
URL: https://todes.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
358740b65306487a3c928b6aaff9ea2bc1530b221bc89f57d42574291ae26bb0

client.js
106112958791956236848.uads.cc/
525 B
998 B
Script
General
Full URL
https://106112958791956236848.uads.cc/client.js
Requested by
Host: todes.org
URL: https://todes.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.41.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33cd61847d508b7e24d894611392477a41aa0cf4c993534f1204c0032d56e875

todes-1.png
todes.org/wp-content/uploads/2022/10/
4 KB
5 KB
Image
General
Full URL
https://todes.org/wp-content/uploads/2022/10/todes-1.png
Requested by
Host: todes.org
URL: https://todes.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69bc2207fcc2774b7b2d499fa8e3ec10ec78a90ecada21f10a9d373db3275ed2

customscript.js
todes.org/wp-content/themes/superfast/js/
14 KB
5 KB
Script
General
Full URL
https://todes.org/wp-content/themes/superfast/js/customscript.js?ver=2.0.9
Requested by
Host: todes.org
URL: https://todes.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22704bb766e5b12aba53ab19f0d39aba78b05cb135e065682e3aaff8bca15da

wp-emoji-release.min.js
todes.org/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://todes.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by
Host: todes.org
URL: https://todes.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

style.css
todes.org/wp-content/themes/superfast/
44 KB
11 KB
Stylesheet
General
Full URL
https://todes.org/wp-content/themes/superfast/style.css
Requested by
Host: todes.org
URL: https://todes.org/wp-content/themes/superfast-child/style.css?ver=6.0.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a20498b658e973784e5b80a842b88d8bf179dcf02ba8a27ae93cf6774bdc51a

ping
106112958791956236848.uads.cc/
495 B
958 B
Fetch
General
Full URL
https://106112958791956236848.uads.cc/ping?x=https%3A%2F%2Ftodes.org%2F
Requested by
Host: 106112958791956236848.uads.cc
URL: https://106112958791956236848.uads.cc/client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/
35 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.0.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

invoke.js
www.highperformancedisplayformat.com/9b31577e00e5b02d9cac3eee57112835/
0
0
Script
General
Full URL
https://www.highperformancedisplayformat.com/9b31577e00e5b02d9cac3eee57112835/invoke.js
Requested by
Host: todes.org
URL: https://todes.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

XRXV3I6Li01BKofIO-aBXso.woff2
fonts.gstatic.com/s/nunito/v25/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofIO-aBXso.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.0.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
89def7428656f40331c1430ee1dc1846ed1e30d7001707b548f9f816d27264a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Primary Request url
www.google.com/
1 KB
1 KB
Document
General
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwisjpHz9-n6AhV-LkQIHZnPD0oQFnoECAQQAQ&url=https%3A%2F%2Ftshirtsfever.com%2F%23uads%3DaHR0cHM6Ly90b2Rlcy5vcmcvfHNwbGl0fERPTTIzNjg0ODkyMDEzMjk2&usg=AOvVaw1sqxYvm6ExnW9kY4uAdtXI
Requested by
Host: 106112958791956236848.uads.cc
URL: https://106112958791956236848.uads.cc/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.104 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

/
tshirtsfever.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tshirtsfever.com
URL
https://tshirtsfever.com/

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • onbeforeinput (object)
  • oncontextlost (object)
  • oncontextrestored (object)
  • structuredClone (function)
  • launchQueue (object)
  • onbeforematch (object)
  • getScreenDetails (function)
  • queryLocalFonts (function)
  • navigation (object)

0 Cookies

3 Console Messages

Source: javascript
Level: warning
URL: https://todes.org/ (Line 471)
Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highperformancedisplayformat.com/9b31577e00e5b02d9cac3eee57112835/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Source: javascript
Level: warning
URL: https://todes.org/ (Line 471)
Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highperformancedisplayformat.com/9b31577e00e5b02d9cac3eee57112835/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Source: network
Level: error
URL: https://www.highperformancedisplayformat.com/9b31577e00e5b02d9cac3eee57112835/invoke.js
Message: Failed to load resource: the server responded with a status of 403 (Forbidden)