www.app.apmw.shadowshadowshadow.root64.de Open in urlscan Pro
104.243.38.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.app.apmw.shadowshadowshadow.root64.de/
Submission: On May 27 via api (May 27th 2025, 3:35:22 pm UTC) from US — Scanned from DE

Summary HTTP 122 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 52 IPs in 7 countries across 41 domains to perform 122 HTTP transactions. The main IP is 104.243.38.18, located in Piscataway, United States and belongs to RELIABLESITE, US. The main domain is www.app.apmw.shadowshadowshadow.root64.de.
TLS certificate: Issued by E5 on May 27th 2025. Valid for: 3 months.

This is the only time www.app.apmw.shadowshadowshadow.root64.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	104.243.38.18 104.243.38.18	23470 (RELIABLESITE) (RELIABLESITE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.17.201 104.18.17.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1962	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
4	104.237.132.182 104.237.132.182	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	172.67.188.110 172.67.188.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
6	2606:4700:303... 2606:4700:3035::6815:142	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	172.67.205.141 172.67.205.141	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.65.211.77 159.65.211.77	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	172.67.128.189 172.67.128.189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:aee2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.19.138.119 162.19.138.119	16276 (OVH OVH SAS) (OVH OVH SAS)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
3	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:5ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.42.150.143 152.42.150.143	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	81.17.55.113 81.17.55.113	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
1	35.186.253.211 35.186.253.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.1.1.166 34.1.1.166	15169 (GOOGLE) (GOOGLE)
1	143.244.197.139 143.244.197.139	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a02:2638:3::39 2a02:2638:3::39	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	51.38.120.206 51.38.120.206	16276 (OVH OVH SAS) (OVH OVH SAS)
4	34.252.183.237 34.252.183.237	16509 (AMAZON-02) (AMAZON-02)
1	209.38.60.16 209.38.60.16	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	52.222.236.4 52.222.236.4	16509 (AMAZON-02) (AMAZON-02)
1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:a	27630 (AS-XFERNET) (AS-XFERNET)
1	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.71.170.66 35.71.170.66	16509 (AMAZON-02) (AMAZON-02)
1	34.36.200.111 34.36.200.111	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:10:... 2606:4700:10::ac43:b78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	162.19.138.82 162.19.138.82	16276 (OVH OVH SAS) (OVH OVH SAS)
1	2606:4700::68... 2606:4700::6810:afe2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
122	52

32 104.243.38.18 (Piscataway, United States) 1 redirects

ASN23470 (RELIABLESITE, US)

www.app.apmw.shadowshadowshadow.root64.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.17.201 (None, )

ASN13335 (CLOUDFLARENET, US)

acscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

partner.senty.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1962 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.237.132.182 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 104-237-132-182.ip.linodeusercontent.com

stats.senty.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.188.110 (United States)

ASN13335 (CLOUDFLARENET, US)

pubtrky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3035::6815:142 (United States)

ASN13335 (CLOUDFLARENET, US)

fontgenerator.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.205.141 (United States)

ASN13335 (CLOUDFLARENET, US)

app.tinyadz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.211.77 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.128.189 (United States)

ASN13335 (CLOUDFLARENET, US)

fontgenerator.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:aee2 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:5ab (United States)

ASN13335 (CLOUDFLARENET, US)

ex.ingage.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.42.150.143 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.113 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.1.1.166 (Paris, France)

ASN15169 (GOOGLE, US)
PTR: 166.1.1.34.bc.googleusercontent.com

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.244.197.139 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::39 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.252.183.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-183-237.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.38.60.16 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

exchange.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-4.fra56.r.cloudfront.net

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.170.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8c33d2b6751b365d.awsglobalaccelerator.com

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.200.111 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.200.36.34.bc.googleusercontent.com

ag.dns-finder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:b78 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:afe2 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f1.1e100.net

0cdfc820b56b772b88acb99a44f98aba.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	root64.de 1 redirects www.app.apmw.shadowshadowshadow.root64.de	484 KB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 151 0cdfc820b56b772b88acb99a44f98aba.safeframe.googlesyndication.com	49 KB
7	fontgenerator.cc fontgenerator.cc — Cisco Umbrella Rank: 918538	39 KB
6	gstatic.com fonts.gstatic.com t2.gstatic.com csi.gstatic.com	35 KB
5	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 473 ep2.adtrafficquality.google — Cisco Umbrella Rank: 478	25 KB
5	senty.com.au partner.senty.com.au — Cisco Umbrella Rank: 889487 stats.senty.com.au — Cisco Umbrella Rank: 511131	7 KB
4	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1843	985 B
4	tinyadz.com app.tinyadz.com — Cisco Umbrella Rank: 273903	8 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 ad.doubleclick.net — Cisco Umbrella Rank: 229	227 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	6 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 1318 api.btloader.com — Cisco Umbrella Rank: 1648	25 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 3744	22 KB
3	criteo.com gum.criteo.com — Cisco Umbrella Rank: 524 bidder.criteo.com — Cisco Umbrella Rank: 1735	598 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 296	95 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1632	652 B
2	ingage.tech ex.ingage.tech — Cisco Umbrella Rank: 5387	478 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 560	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 360	116 KB
2	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 47187	120 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 118
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1148	299 B
1	dns-finder.com ag.dns-finder.com — Cisco Umbrella Rank: 1834	233 B
1	adsrvr.org direct.adsrvr.org — Cisco Umbrella Rank: 1708	420 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 392	705 B
1	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 5823	1 KB
1	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 3097	629 B
1	cootlogix.com exchange.cootlogix.com — Cisco Umbrella Rank: 6064	439 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 935	413 B
1	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 4200	629 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 5899	638 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 710	1 KB
1	media.net prebid.media.net — Cisco Umbrella Rank: 1481	557 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 838	294 B
1	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 2304	441 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 33644	114 B
1	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 35165	186 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 100	128 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 9	18 B
1	pubtrky.com pubtrky.com — Cisco Umbrella Rank: 14444	591 B
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 16048
1	acscdn.com acscdn.com — Cisco Umbrella Rank: 21399	43 KB
122	41

	Domain	Requested by
32	www.app.apmw.shadowshadowshadow.root64.de	1 redirects www.app.apmw.shadowshadowshadow.root64.de
7	fontgenerator.cc	partner.senty.com.au fontgenerator.cc
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ep2.adtrafficquality.google
4	g2.gumgum.com	cdn4.buysellads.net
4	app.tinyadz.com	fontgenerator.cc app.tinyadz.com
4	stats.senty.com.au	partner.senty.com.au stats.senty.com.au fontgenerator.cc
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	www.app.apmw.shadowshadowshadow.root64.de fontgenerator.cc
3	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
3	script.4dex.io	stpd.cloud script.4dex.io
3	securepubads.g.doubleclick.net	fontgenerator.cc securepubads.g.doubleclick.net
3	cdnjs.cloudflare.com	fontgenerator.cc
2	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
2	api.btloader.com	btloader.com
2	ad-delivery.net	fontgenerator.cc
2	ex.ingage.tech	cdn4.buysellads.net
2	gum.criteo.com	stpd.cloud
2	id5-sync.com	stpd.cloud
2	cdn.jsdelivr.net	stpd.cloud www.app.apmw.shadowshadowshadow.root64.de
2	stpd.cloud	fontgenerator.cc
2	www.google-analytics.com	www.app.apmw.shadowshadowshadow.root64.de
1	csi.gstatic.com	pagead2.googlesyndication.com
1	0cdfc820b56b772b88acb99a44f98aba.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	lb.eu-1-id5-sync.com	stpd.cloud
1	ad.doubleclick.net	fontgenerator.cc
1	ag.dns-finder.com	btloader.com
1	direct.adsrvr.org	cdn4.buysellads.net
1	ib.adnxs.com	cdn4.buysellads.net
1	apex.go.sonobi.com	cdn4.buysellads.net
1	hb.yellowblue.io	cdn4.buysellads.net
1	exchange.cootlogix.com	cdn4.buysellads.net
1	onetag-sys.com	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	ads.servenobid.com	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	fastlane.rubiconproject.com	cdn4.buysellads.net
1	prebid.media.net	cdn4.buysellads.net
1	rtb.openx.net	cdn4.buysellads.net
1	prg.smartadserver.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	btloader.com	cdn4.buysellads.net
1	cdn4.buysellads.net	fontgenerator.cc
1	www.googletagmanager.com	fontgenerator.cc
1	t2.gstatic.com	www.app.apmw.shadowshadowshadow.root64.de
1	www.google.com	1 redirects
1	pubtrky.com	acscdn.com
1	youradexchange.com	acscdn.com
1	partner.senty.com.au	www.app.apmw.shadowshadowshadow.root64.de
1	acscdn.com	www.app.apmw.shadowshadowshadow.root64.de
122	49

This site contains links to these domains. Also see Links.

Domain
youradexchange.com

Subject Issuer	Validity	Valid
www.app.apmw.shadowshadowshadow.root64.de E5	`2025-05-27` - `2025-08-25`	3 months	crt.sh
upload.video.google.com WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
acscdn.com WE1	`2025-05-13` - `2025-08-11`	3 months	crt.sh
partner.senty.com.au WE1	`2025-04-17` - `2025-07-16`	3 months	crt.sh
youradexchange.com WE1	`2025-04-03` - `2025-07-02`	3 months	crt.sh
*.gstatic.com WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
stats.senty.com.au E6	`2025-05-15` - `2025-08-13`	3 months	crt.sh
pubtrky.com WE1	`2025-05-05` - `2025-08-03`	3 months	crt.sh
*.google-analytics.com WR2	`2025-04-29` - `2025-07-22`	3 months	crt.sh
fontgenerator.cc WE1	`2025-04-14` - `2025-07-13`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2025-05-22` - `2025-08-20`	3 months	crt.sh
stpd.cloud WE1	`2025-04-30` - `2025-07-29`	3 months	crt.sh
*.g.doubleclick.net WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
tinyadz.com WE1	`2025-05-08` - `2025-08-07`	3 months	crt.sh
*.cdn4.buysellads.net E5	`2025-05-14` - `2025-08-12`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2025-04-25` - `2026-05-04`	a year	crt.sh
id5-sync.com E6	`2025-05-01` - `2025-07-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-18` - `2025-07-17`	3 months	crt.sh
script.4dex.io WE1	`2025-05-16` - `2025-08-14`	3 months	crt.sh
*.ingage.tech Sectigo RSA Organization Validation Secure Server CA	`2024-08-01` - `2025-08-11`	a year	crt.sh
btloader.com WE1	`2025-04-03` - `2025-07-02`	3 months	crt.sh
*.buysellads.com E5	`2025-05-14` - `2025-08-12`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-09` - `2026-02-09`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
prebid.media.net WR3	`2025-05-22` - `2025-08-21`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-04` - `2026-04-03`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
ads.servenobid.com R10	`2025-02-27` - `2025-05-28`	3 months	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-21` - `2025-12-27`	a year	crt.sh
ie-ad-exch-prd-two-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M03	`2024-07-02` - `2025-08-01`	a year	crt.sh
*.cootlogix.com Starfield Secure Certificate Authority - G2	`2024-10-13` - `2025-10-13`	a year	crt.sh
*.yellowblue.io Amazon RSA 2048 M02	`2025-02-16` - `2026-03-17`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2024-12-06` - `2026-01-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2025-02-21` - `2026-03-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	a year	crt.sh
dns-finder.com WR3	`2025-05-12` - `2025-08-10`	3 months	crt.sh
ad-delivery.net WE1	`2025-05-06` - `2025-08-04`	3 months	crt.sh
*.doubleclick.net WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
eu-1-id5-sync.com R11	`2025-05-01` - `2025-07-30`	3 months	crt.sh
api.btloader.com WR3	`2025-05-27` - `2025-08-25`	3 months	crt.sh
adtrafficquality.google WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.app.apmw.shadowshadowshadow.root64.de/
Frame ID: BC4B1E3A79DF5E98C3B0E986B8B0333F
Requests: 35 HTTP requests in this frame

Frame: https://fontgenerator.cc/embed
Frame ID: 895849732FB23E58F6EA9BCEDD92AED4
Requests: 68 HTTP requests in this frame

Frame: https://www.app.apmw.shadowshadowshadow.root64.de/home/
Frame ID: 1C3A9D34F20904BC4B1D7CC4CC8EEE38
Requests: 13 HTTP requests in this frame

Frame: https://0cdfc820b56b772b88acb99a44f98aba.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html?n=1
Frame ID: 4D0F362B7C6A7634C20114C3DF023EE6
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: C4D14063D12E554405D0AC29D295B43C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shadow

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

122
Requests

98 %
HTTPS

37 %
IPv6

41
Domains

49
Subdomains

52
IPs

7
Countries

1627 kB
Transfer

5537 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://www.google.com/s2/favicons/imgs/icons?domain=bnalk&sz=24 HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

Request Chain 48

https://www.app.apmw.shadowshadowshadow.root64.de/home HTTP 301
https://www.app.apmw.shadowshadowshadow.root64.de/home/

122 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.app.apmw.shadowshadowshadow.root64.de/ 23 KB
7 KB 488ms
235ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 5bcae56fb9334fe8446c36552a142eab9929fe2a2c91732072dd20818c9c17dc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Tue, 27 May 2025 15:35:23 GMT
etag: W/"5de0-196ee8b91bb"
last-modified: Tue, 20 May 2025 16:34:06 GMT
vary: Accept-Encoding
via: 1.1 Caddy
x-powered-by: Express

GET
H2 200 autoblank.js Show response
www.app.apmw.shadowshadowshadow.root64.de/assets/js/ 1 KB
692 B 143ms
136ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/autoblank.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 41e9e0b7ccf8d3af68bcbb38488e18d48198ee131b2df9ff128e4e6e911099c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.app.apmw.shadowshadowshadow.root64.de
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"553-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 594
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 index.css
www.app.apmw.shadowshadowshadow.root64.de/css/ 12 KB
3 KB 140ms
134ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/css/index.css
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: d4be4824499330afdd7139a22d7ad59bd2146bc17565e9ac961461388245b0dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2e4a-196eb5befff"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 2514
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 20 May 2025 01:43:13 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 themes.css
www.app.apmw.shadowshadowshadow.root64.de/css/ 3 KB
809 B 140ms
135ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/css/themes.css
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"b00-196c0828a31"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 734
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 11 May 2025 18:01:42 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
2 KB 95ms
32ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Open+Sans:wght@400;700&display=swap

Requested by

Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc9b971ceaa6d18611d87707cbe276f96e878309cfe7e41e5084928e665df224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 27 May 2025 15:35:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 27 May 2025 15:35:23 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
918 B 96ms
33ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e970bdd269198fc1bf6183c389d2d299cf05c1e7b2076cee4fcf6ba7ac01be02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 27 May 2025 15:35:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 27 May 2025 13:49:13 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 settings.js Show response
www.app.apmw.shadowshadowshadow.root64.de/assets/js/ 4 KB
1 KB 142ms
137ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/settings.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 40847f04a0b4dbacd513872a0472555bf0dd89cfcd4c7d905a0166469f80b438

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.app.apmw.shadowshadowshadow.root64.de
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"1028-196bc7a5607"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 997
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 10 May 2025 23:14:16 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 debugger.js Show response
www.app.apmw.shadowshadowshadow.root64.de/assets/js/ 1 KB
498 B 143ms
138ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/debugger.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 0b11eecfa382b1f2092d94e727a0145c9f6c2866e04419eef89e9bc381c7a787

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"464-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 446
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 ana.js Show response
www.app.apmw.shadowshadowshadow.root64.de/ 379 KB
127 KB 126ms
114ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL

https://www.app.apmw.shadowshadowshadow.root64.de/ana.js

Requested by

Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

115e6a31ef60c48a82c89bc6a7ef88eaaee076a2eab6595aed0072598f0f9d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Tue, 27 May 2025 15:35:23 GMT
date: Tue, 27 May 2025 15:35:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
via: 2.0 Caddy
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 129726
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 aclib.js Show response
acscdn.com/script/ 139 KB
43 KB 117ms
59ms Script
text/javascript 104.18.17.201
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://acscdn.com/script/aclib.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a9777ffd118cee614ab974da88397fb84a09643314a4a65127a86c27eb6e6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=RBHpgQ==, md5=s/BppwRxpIZX0WW8Ld58yg==
cf-cache-status: HIT
etag: W/"b3f069a70471a48657d165bc2dde7cca"
age: 798
content-encoding: gzip
x-goog-stored-content-encoding: identity
expires: Tue, 27 May 2025 16:35:23 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 142655
server-timing: cfExtPri
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript
last-modified: Fri, 23 May 2025 07:30:01 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-guploader-uploadid: AAO2Vwpmz42udhu8hr98FSyRoOS1K_Z-iIhvPz9RQbN9_rKVi3L4aZ0UWkkP14TMNUVMxZ4z
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 946694f21b1c0be4-AMS
access-control-allow-origin: *
x-goog-generation: 1747985401356849
server: cloudflare

GET
H2 200 index.js Show response
www.app.apmw.shadowshadowshadow.root64.de/baremux/ 8 KB
3 KB 143ms
139ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/baremux/index.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 74a76e5980403a11a657d3ad5f43ea97fae94b8d1cdec9886eb23bdbc645dbe1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2123-19420c19b61"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 3161
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Jan 2025 07:25:46 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 search.js Show response
www.app.apmw.shadowshadowshadow.root64.de/assets/js/ 1004 B
486 B 149ms
139ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/search.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3ec-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 434
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 themes.js Show response
www.app.apmw.shadowshadowshadow.root64.de/assets/js/ 4 KB
1 KB 261ms
251ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/themes.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.app.apmw.shadowshadowshadow.root64.de
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"116e-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1343
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 options.js Show response
www.app.apmw.shadowshadowshadow.root64.de/assets/js/ 4 KB
1 KB 263ms
253ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/options.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: f5f36977e96a38963c796982ed3915e49673ba0b63f3d51031a1500c1f0907bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"e89-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1017
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.bundle.js Show response
www.app.apmw.shadowshadowshadow.root64.de/uv/ 370 KB
109 KB 304ms
295ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/uv/uv.bundle.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 24c817c4fef658a57754e07c2c89b185e9de3a2bc4261d7e863b345f27df82c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"5c6cc-1932310d24f"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 01:08:45 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.config.js Show response
www.app.apmw.shadowshadowshadow.root64.de/uv/ 2 KB
904 B 252ms
242ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/uv/uv.config.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: a07ed6c92587063c8a3f828c58ed8076071418ca3181e9f67817c8d5041b0c47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"710-197045adf12"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 830
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 24 May 2025 22:12:33 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.sw.js Show response
www.app.apmw.shadowshadowshadow.root64.de/uv/ 7 KB
3 KB 283ms
274ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/uv/uv.sw.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: bdaf47b5db2c6b13b97a28df68b67180dc0fcda656776ae345b264c2183b9ef2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"1d3b-1932310d26f"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 2957
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 01:08:45 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 tabs.js Show response
www.app.apmw.shadowshadowshadow.root64.de/assets/js/ 15 KB
4 KB 261ms
252ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/tabs.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 4e3e6b20f1eae4923f24bf1e3dab2dde56b255c331cdc17b9507e790a48cc36b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.app.apmw.shadowshadowshadow.root64.de
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3a68-196cccf5594"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 14 May 2025 03:21:02 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 bookmarks.js Show response
www.app.apmw.shadowshadowshadow.root64.de/assets/js/ 4 KB
1 KB 282ms
272ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/bookmarks.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8e1c63600bf52ac2101c85ecdef6f843d1d593f6c097f32591fcfea496ec4073

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.app.apmw.shadowshadowshadow.root64.de
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"f4b-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1252
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 partner.js Show response
partner.senty.com.au/ 8 KB
3 KB 120ms
64ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://partner.senty.com.au/partner.js

Requested by

Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ff4e107901c810062910e50a956b5ad423cc2a6bcb69074890879f4ba3a4ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"6b0cc467d5115583d90e253585cc17fe"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XcthTqSJhNy%2BP70kQM7wQZHeRPkusBaoZfo48X0yTDS0ADxHYXvz04BvhwxDTJWFvlvCrHZBWR81demapEPaDwPGNsMRmGHX7P7af0dw0OWqaxDLx%2BVXmCjtsJ5rCAfRcVs3VbL62A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfExtPri
date: Tue, 27 May 2025 15:35:23 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 946694f21d908e65-AMS
access-control-allow-origin: *
server: cloudflare

GET
H3 200 settings_manager.js Show response
www.app.apmw.shadowshadowshadow.root64.de/assets/js/ 4 KB
1 KB 171ms
164ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/settings_manager.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.app.apmw.shadowshadowshadow.root64.de
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/autoblank.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"f26-19630f6df0b"
via: 1.1 Caddy
content-length: 885
date: Tue, 27 May 2025 15:35:23 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express
content-type: text/javascript; charset=utf-8

GET
H2 204 czcf.php
youradexchange.com/ad/ 0
0 286ms
157ms Fetch 2606:4700::6812:1962
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://youradexchange.com/ad/czcf.php?cz=hfjbzu6ztb&atv=61.0&chmob=%3F0
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
cf-ray: 946694f45d5cd376-FRA
access-control-allow-origin: *
date: Tue, 27 May 2025 15:35:23 GMT
server: cloudflare
access-control-allow-headers: Content-Type

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v23/ 8 KB
8 KB 93ms
24ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.app.apmw.shadowshadowshadow.root64.de
Referer: https://fonts.googleapis.com/

Response headers

age: 27891
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 07:50:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 07:50:32 GMT
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 history_helper.js Show response
www.app.apmw.shadowshadowshadow.root64.de/assets/js/ 4 KB
1 KB 112ms
111ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/history_helper.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 56e70443c37648d17bb54e83ae0028731328f86afb12edd626e8584718be71e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.app.apmw.shadowshadowshadow.root64.de
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/tabs.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"ff4-19630f6df0b"
via: 1.1 Caddy
content-length: 960
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Sun, 13 Apr 2025 21:03:27 GMT

GET
H3 200 index.mjs Show response
www.app.apmw.shadowshadowshadow.root64.de/baremux/ 8 KB
3 KB 112ms
112ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/baremux/index.mjs
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 731c3411d0f309309a97628ba465af31050e0866d07e116f7ea5a1c35e9b99c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.app.apmw.shadowshadowshadow.root64.de
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/tabs.js

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2019-19420c19b79"
via: 1.1 Caddy
content-length: 3022
date: Tue, 27 May 2025 15:35:23 GMT
last-modified: Wed, 01 Jan 2025 07:25:46 GMT
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 script.outbound-links.pageview-props.tagged-events.js Show response
stats.senty.com.au/js/ 3 KB
2 KB 449ms
149ms Script
application/javascript 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL

https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js

Requested by

Host: partner.senty.com.au
URL: https://partner.senty.com.au/partner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

104-237-132-182.ip.linodeusercontent.com

Software

nginx /

Resource Hash

4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff, nosniff
access-control-allow-origin: *
date: Tue, 27 May 2025 15:35:24 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN

POST
H3 204 hb.php
pubtrky.com/ut/ 0
591 B 222ms
151ms Ping
text/plain 172.67.188.110
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://pubtrky.com/ut/hb.php?cb=0.2700368937273244&v=1
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.188.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QYQrw4Rcg%2FdGHtoNYtTPSp%2FsKhXvKah%2Fpu%2B88F0bdm97dil59NvhcyLbUMmistjKm2mAc7pAgTU6F9ZgfVyx9ulvTbaeL8imofVgEwmHpH4PUUmB%2FDJSfwf0kKlXJw%3D%3D"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 946694f5d922f5df-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34541&min_rtt=33956&rtt_var=6196&sent=12&recv=11&lost=0&retrans=0&sent_bytes=3690&recv_bytes=4296&delivery_rate=693983&cwnd=15467&unsent_bytes=0&cid=988966df6cd98cc7&ts=197&x=92"
date: Tue, 27 May 2025 15:35:23 GMT
server: cloudflare

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 126ms
32ms Fetch
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je55l1v9138172222za204&_p=1748360123321&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&cid=1294925867.1748360124&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1748360123&sct=1&seg=0&dl=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2F&dt=Shadow&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1200
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/ana.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:99:0
report-to: {"group":"ascnsrsggc:99:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:99:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.app.apmw.shadowshadowshadow.root64.de
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:99:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/plain
server: Golfe2

GET worker.js
www.app.apmw.shadowshadowshadow.root64.de/baremux/ 0
0

GET
H3 200 broken-sites Show response
www.app.apmw.shadowshadowshadow.root64.de/v1/api/ 94 B
246 B 108ms
108ms Fetch
application/json 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/v1/api/broken-sites
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/tabs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 36ca4a42945d362bc2e3e970d6ed01c7a9f3afc4e305f862d08cf7977acd4f98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

via: 1.1 Caddy
content-length: 94
cross-origin-opener-policy: same-origin
etag: W/"5e-B60BPLBmCG9WE/qdY/DTm1kOv9g"
date: Tue, 27 May 2025 15:35:23 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express

GET
H2 200 embed Show response
fontgenerator.cc/ Frame 8958 10 KB
5 KB 923ms
855ms Document
text/html 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/embed

Requested by

Host: partner.senty.com.au
URL: https://partner.senty.com.au/partner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6edcc080295bc506745b15d215226f6a80283818ef60e1e8805992c9c06f143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.app.apmw.shadowshadowshadow.root64.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 946694f6af831c85-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 27 May 2025 15:35:24 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VSLpd7yORRJIa2p3Hc3zRk1w6A052%2FBQ5SkfeEDEHadC9JN7OAtmNI4msdh%2BMbwDjOzuLFIm1gpI3pY27v7zMUgJth8zSARF9ob7wK2xBQthxhyloozivFX6488%3D"}]}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

404

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons/imgs/icons?domain=bnalk&sz=24
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

726 B
917 B

142ms
47ms

Image
image/png

2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

Requested by

Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/

Protocol

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 726
date: Tue, 27 May 2025 15:35:24 GMT
x-xss-protection: 0
content-type: image/png
server: sffe

Redirect headers

cache-control: public, max-age=1800
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24
x-content-type-options: nosniff
expires: Tue, 27 May 2025 16:05:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 325
date: Tue, 27 May 2025 15:35:23 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: sffe

POST
H2 202 event Show response
stats.senty.com.au/api/ 2 B
219 B 413ms
139ms XHR
text/plain 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL: https://stats.senty.com.au/api/event
Requested by: Host: stats.senty.com.au
URL: https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 104-237-132-182.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

x-request-id: GENsRR7u3G8zxQaD06uB
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 2
date: Tue, 27 May 2025 15:35:24 GMT
content-type: text/plain; charset=utf-8
server: nginx

GET
H3 200 home.html Show response
www.app.apmw.shadowshadowshadow.root64.de/pages/ Frame 1C3A 47 B
233 B 108ms
108ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/pages/home.html
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/tabs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8a346698d1fe701441863c329bf5132a5536faeaa68ccd7751931726ad04b329

Request headers

Referer: https://www.app.apmw.shadowshadowshadow.root64.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: public, max-age=3600, must-revalidate public, max-age=604800
content-length: 47
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Tue, 27 May 2025 15:35:24 GMT
etag: W/"2f-1924f22eefb"
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
via: 1.1 Caddy
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ Frame 8958 8 KB
2 KB 100ms
24ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&family=Ubuntu:wght@500&display=swap

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b4c449d8a2a73c9366bc59a9440b88453e346ccd82bd3607f48e3d43bfe7541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 27 May 2025 15:35:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 15:35:24 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 27 May 2025 15:35:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 mdb.min.css
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/ Frame 8958 368 KB
36 KB 140ms
27ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/mdb.min.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1562c1b6966919f59dad5ce26d7ce05a4ecdfc4e6f7f9b8d1d6fa826508794cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "656db89f-8cd9"
age: 1116605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVS6nYdhGh10VtsXOG%2B8Tg0XmYiqXs92iNZ%2BRmTBVpDUZ8EYX5cNDpYwJ43duDnsgHPPAAoKHzrFVkPcNvMIzC41gfZizTKYgco%2F9TxR1h0mMlxDk5nf4gFCz0B912lTU%2BohGi8N"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 17 May 2026 15:35:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 15:35:24 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 Dec 2023 11:31:43 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 946694fcce363581-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36057
server: cloudflare

GET
H2 200 style.css
fontgenerator.cc/ Frame 8958 14 KB
4 KB 48ms
45ms Stylesheet
text/css 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/style.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d35a7ee5aac9714da95d1a4f632cdb97d560a5ecf5e3908a1d229bc8c1057c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "68102ad2-3910"
age: 5726
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XDxm0sXWLs0TKfXBycDUEZsAGCoSRlRdNvc%2BxNkq5r0jqBLiJy9cc8E0KeunlEk20s2qfIdYezaBWBdg2MaaCHTWMhN%2F2YBWyMiZc69qiIq2bFKBvKPpNfrV5fA%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 27 May 2025 15:35:24 GMT
content-type: text/css
last-modified: Tue, 29 Apr 2025 01:26:42 GMT
vary: Accept-Encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cf-ray: 946694fc1d251c85-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 toastr.min.css
fontgenerator.cc/ Frame 8958 7 KB
3 KB 49ms
46ms Stylesheet
text/css 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/toastr.min.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-1a55"
age: 5726
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=WZHSB%2BNwoCS8TT3uh2mJInV1vvuAR7i%2BjatT7FnyqrO%2FIDOQPliKR8Wnn79F9%2BVBeRaGijXQ9g0ZZ0jql2xHNCHuPFi88GesdO8b8Kbn3QfbmUloSVAtjAaWqhA%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 27 May 2025 15:35:24 GMT
content-type: text/css
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cf-ray: 946694fc1d281c85-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 inview.min.js Show response
stpd.cloud/assets/libraries/ Frame 8958 5 KB
3 KB 135ms
22ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://stpd.cloud/assets/libraries/inview.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"23df7c2f5fe3a534a7299c9c9e923fa9"
age: 2665
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEaEMJ5UWyUciGz5l%2BACmGeoRzXgqYPWrk0OCXT%2BqqZy4POGrgHdZhe7ZvogMRSzHWZjK%2FDOcN8IeFs7ZegTidvJHM6QrbWZfAJZX6llcJMVEYwTD8zbwNzCvnMQ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 15:55:24 GMT
date: Tue, 27 May 2025 15:35:24 GMT
content-type: application/javascript
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=1200
referrer-policy: strict-origin-when-cross-origin
cf-ray: 946694fcc9a2dbfe-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8958 111 KB
34 KB 145ms
65ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

37c415fa0411cbabd43d43835d830fdda0951128c1e77b841fbfb104018f7388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 590 / 20235 / m202505200101 / config-hash: 4677953494289217151
x-content-type-options: nosniff
expires: Tue, 27 May 2025 15:35:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 15:35:25 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34842
x-xss-protection: 0
server: cafe

GET
H2 200 9343 Show response
stpd.cloud/saas/ Frame 8958 426 KB
117 KB 97ms
88ms Script
text/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://stpd.cloud/saas/9343
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28a2e66d41b018bf27fbf4e3434b298b0b9afaf920f9e8a49dd60ded1e1ae903

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=300
x-stpd-module-cache: HIT
content-encoding: br
cf-ray: 946694fd3a3cdbfe-FRA
access-control-allow-origin: *
date: Tue, 27 May 2025 15:35:25 GMT
content-type: text/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 8958 384 KB
128 KB 159ms
77ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1B87SF7ZHT

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7feb0e59e8ae4d9df402bcfaa2bb6bcb9753876e8604a043317f1af16461b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Tue, 27 May 2025 15:35:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 130054
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 script.outbound-links.pageview-props.tagged-events.js Show response
stats.senty.com.au/js/ Frame 8958 3 KB
2 KB 460ms
139ms Script
application/javascript 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL

https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

104-237-132-182.ip.linodeusercontent.com

Software

nginx /

Resource Hash

4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: public, max-age=86400, must-revalidate
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff, nosniff
access-control-allow-origin: *
date: Tue, 27 May 2025 15:35:25 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ Frame 8958 87 KB
28 KB 152ms
41ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "603e8adc-15d9d"
age: 958717
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2NUagiO3MjRi30P%2BKRehPxb3QheWLLXydOfUZILjDgQZq2mWsI9S2Xb74hdtooyq93CMAU7wKCiDjWYcInGOVyr8wkL%2B43cfowYaXscoxlmjKlwgXRkNOsltNVzSfvmZlftvOw6I"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 17 May 2026 15:35:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 15:35:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 946694fcce373581-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27938
server: cloudflare

GET
H2 200 script.js Show response
fontgenerator.cc/js/ Frame 8958 95 KB
20 KB 46ms
43ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/script.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19492573e99443369d3da235c38f1a430842fce993891f89054f0c7e4e4389e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e356ca-17ae7"
age: 5726
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=YdDofwBNrVpribxae8bzxZvadbrSFoferHanl4MBNlxpEbop8ac9EWauszgfvfaibl67t%2BFMYDN63lRori9LPDnefII31TwcCO5ca%2F%2FeVIHr1to5iqElfW58rx0%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 27 May 2025 15:35:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Mar 2025 01:22:18 GMT
vary: Accept-Encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cf-ray: 946694fc1d2a1c85-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 functions.js Show response
fontgenerator.cc/js/ Frame 8958 5 KB
2 KB 43ms
41ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/functions.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69d9ac5984ab481e3a40b4b75c330920e56aa12c8d37bfaccc4ab6cedcdda50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e34bc9-1275"
age: 5726
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Ckdxu%2FeB4v4iTAbqBXK5hrWCWH4yb%2BMi%2BaGjGfCjGk%2FdQz1vDAcr4iNCOPzLvm48o9IMKe5cac8eJ8btMvEf8C%2B%2BctEUyBxp9xGKQD4xSU2ft0fRZHOlTUTm4ZM%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 27 May 2025 15:35:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Mar 2025 00:35:21 GMT
vary: Accept-Encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cf-ray: 946694fc1d2b1c85-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 mdb.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/ Frame 8958 123 KB
31 KB 153ms
42ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/mdb.umd.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea7fb526203a7e6eed35cc2fcdc98c76cb136dba25b23fae9e5fab3588877596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "656db89f-7ae6"
age: 335374
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=USdQPFDnDDRCJTEkif8yh5117FKRLghbPTj0963CrH6ReRPiOrKb6SX6Lfta6Bmnps2EVlmq4Z64A0Z0dW%2FHZHosMVDlAtb87Ib86M3xnoc0Vau6OCWNv7YiYi6mEUAV%2FpjtrK4Y"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 17 May 2026 15:35:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 27 May 2025 15:35:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Dec 2023 11:31:43 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 946694fcce393581-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31462
server: cloudflare

GET
H2 200 toastr.min.js Show response
fontgenerator.cc/js/ Frame 8958 5 KB
2 KB 41ms
40ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/toastr.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-15a1"
age: 5726
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xhGv9%2FwF%2BhFOw56G0i1ZrYE2zBPSg3Pki4B8cNGEQsfK%2BekfLn6s%2FATtGWZtJO8R1QZkRNrXlFb5q0ttiyrwclem9K9SpVSqkjMI1QNJbjutQA0%2F3TJV29ssLhY%3D"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 27 May 2025 15:35:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cf-ray: 946694fc1d2c1c85-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ads.js Show response
app.tinyadz.com/scripts/ Frame 8958 7 KB
3 KB 186ms
76ms Script
text/javascript 172.67.205.141
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bbba479472ffa4241be401098dddafddc48cd7d1377c83d0048cc364933cbd0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://fontgenerator.cc
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Z0SYG4DdWckbcEK9svMt4hu0OVVMfJhu1TpdrayMnAbWH8bTcfd3Kf3dDtU1%2Bt5H5%2FwbsCAJOZWlrdKWt%2BzJyj78reCWgxeaTTuFepeg0mg61paRlQLOFQvkH3DWSZNjNE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 946694fcdec2c891-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31008&min_rtt=13946&rtt_var=18168&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3638&recv_bytes=3237&delivery_rate=1299692&cwnd=15463&unsent_bytes=0&cid=a357f63943fa0e14&ts=154&x=92"
date: Tue, 27 May 2025 15:35:24 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
server: cloudflare
last-modified: Tue, 27 May 2025 15:35:24 GMT

GET
H3

200

/ Show response
www.app.apmw.shadowshadowshadow.root64.de/home/ Frame 1C3A
Redirect Chain

https://www.app.apmw.shadowshadowshadow.root64.de/home
https://www.app.apmw.shadowshadowshadow.root64.de/home/

976 B
728 B

93ms
92ms

Document
text/html

104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/home/
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/pages/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: c0511e29e2d9e3aa83ab107e55b5e3c2ca9c90c04027a2f551fca1d403fd9cd6

Request headers

Referer: https://www.app.apmw.shadowshadowshadow.root64.de/pages/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
content-length: 555
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Tue, 27 May 2025 15:35:24 GMT
etag: W/"3d0-196ee8b91bb"
last-modified: Tue, 20 May 2025 16:34:06 GMT
vary: Accept-Encoding
via: 1.1 Caddy
x-powered-by: Express

Redirect headers

content-length: 154
content-security-policy: default-src 'none'
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
date: Tue, 27 May 2025 15:35:24 GMT
location: /home/
via: 1.1 Caddy
x-content-type-options: nosniff
x-powered-by: Express

GET
H2 200 fontgenerator.js Show response
cdn4.buysellads.net/pub/ Frame 8958 724 KB
186 KB 253ms
110ms Script
application/javascript 159.65.211.77
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.65.211.77 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-lon1-1 /
Resource Hash: a76799d383e84544bb37f128665c43341e94deae0101f7a8c256982f41c46f90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: public, max-age=3600, stale-while-revalidate
content-encoding: br
etag: 50300e48b650577737aed03666afbed6abeff3fb
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/javascript
vary: Accept-Encoding
server: srv-lon1-1

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 8958 18 KB
18 KB 46ms
22ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Ubuntu:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://fontgenerator.cc
Referer: https://fonts.googleapis.com/

Response headers

age: 22119
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 09:26:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 09:26:46 GMT
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18668
x-xss-protection: 0
server: sffe

GET
H3 200 F.svg
fontgenerator.cc/icons/ Frame 8958 5 KB
3 KB 39ms
38ms Image
image/svg+xml 172.67.128.189
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://fontgenerator.cc/icons/F.svg

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.128.189 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d881b69841cd18f3db8831bd5f0e57149fecd4064d156cb1d3f982626903d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-1516"
age: 2343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JfMhwxd2HC7q2pOMhkpwxsFI2stw5z6TWDkjGYf81PJ4YV01TUEmZXN448xZa%2Fz8ISagbLFwvrGy90seTf6VnIj5tpKsHHjUGAPGsiyH5GUmt16r1cjNuDZacBeqj9gsfihZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27894&min_rtt=13445&rtt_var=15677&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3751&recv_bytes=3309&delivery_rate=891143&cwnd=15553&unsent_bytes=0&cid=5734807b9c97bf16&ts=217&x=92"
date: Tue, 27 May 2025 15:35:25 GMT
content-type: image/svg+xml
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 946694fd5e6f28af-AMS
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 GetSiteAdConfigAPI Show response
app.tinyadz.com/api/ Frame 8958 96 B
698 B 115ms
115ms Fetch
application/json 172.67.205.141
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/api/GetSiteAdConfigAPI?siteId=68323df081da95ab79451781&pageUrl=https%3A%2F%2Ffontgenerator.cc%2Fembed&refererUrl=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2F&width=300&height=120
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abf9bfd998405a38e5f5f61e533e4de1298162efc4409b1f161ea04e5901c366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=0
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WmSotB9HWntBnCZa%2BmTPNArPDLvA9ttiB9uuv7CoWpJN4n3KlcIDr18cEIL5ORPekVgmcwfhW51f%2FMPL7XFnh8uGuQ9njejzn0Yy%2BKfk2ha5SkFcp8n7t5kGRVuwQOUINW8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 946694fd6edcc891-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27778&min_rtt=13946&rtt_var=15829&sent=14&recv=13&lost=0&retrans=0&sent_bytes=6892&recv_bytes=3765&delivery_rate=1299692&cwnd=18694&unsent_bytes=0&cid=a357f63943fa0e14&ts=262&x=92"
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
server: cloudflare

GET
H3 200 home.css
www.app.apmw.shadowshadowshadow.root64.de/css/ Frame 1C3A 1 KB
763 B 148ms
146ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/css/home.css
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/home/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: bfbf77facc0b33343150d420aa0f7e582e1657070c51895cdec89299922d96cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"4d2-19630f6deef"
via: 1.1 Caddy
content-length: 540
date: Tue, 27 May 2025 15:35:25 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
last-modified: Sun, 13 Apr 2025 21:03:27 GMT

GET
H2 200 themes.css
www.app.apmw.shadowshadowshadow.root64.de/css/ Frame 1C3A 3 KB
0 2ms
2ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/css/themes.css
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"b00-196c0828a31"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 734
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 11 May 2025 18:01:42 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ Frame 1C3A 2 KB
619 B 48ms
41ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Requested by

Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9d8e58b6cdcdf7831511b8a69c82bc6b71c335ade7b7efa21b634e08cf9789d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 27 May 2025 15:35:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 15:35:25 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 27 May 2025 14:21:30 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 ana.js Show response
www.app.apmw.shadowshadowshadow.root64.de/ Frame 1C3A 379 KB
0 4ms
4ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL

https://www.app.apmw.shadowshadowshadow.root64.de/ana.js

Requested by

Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

115e6a31ef60c48a82c89bc6a7ef88eaaee076a2eab6595aed0072598f0f9d55

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/home/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Tue, 27 May 2025 15:35:23 GMT
date: Tue, 27 May 2025 15:35:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
via: 2.0 Caddy
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 129726
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 themes.js Show response
www.app.apmw.shadowshadowshadow.root64.de/assets/js/ Frame 1C3A 4 KB
0 5ms
5ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/themes.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.app.apmw.shadowshadowshadow.root64.de
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"116e-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1343
date: Tue, 27 May 2025 15:35:23 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 plain_logo.webp
www.app.apmw.shadowshadowshadow.root64.de/assets/imgs/icons/ Frame 1C3A 11 KB
12 KB 137ms
136ms Image
image/webp 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/imgs/icons/plain_logo.webp
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/home/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 042a1652e0b3d20d268a194befaea0c5841026a91a14214abac003d605e0ed65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"2d9c-19630f6dee7"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 11676
date: Tue, 27 May 2025 15:35:25 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
content-type: image/webp
x-powered-by: Express

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/ Frame 8958 539 KB
170 KB 55ms
54ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 8367355567805738573
age: 21290
x-content-type-options: nosniff
expires: Wed, 27 May 2026 09:40:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 09:40:35 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 173743
x-xss-protection: 0
server: cafe

GET
H3 200 manager.js Show response
app.tinyadz.com/libs/ Frame 8958 10 KB
3 KB 139ms
86ms Script
text/javascript 172.67.205.141
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/libs/manager.js
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc9b3ab0470daadec08ecf223bafa041cd60ad6ddb2b0cc5ede515e16cbd95b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vT3rW3IIeXGI%2FSH5SG2OndhBG75shzq%2Ftsddg1UmxXc8plz3QFytT%2FHP7mygyDQtBT7B37tWdKoZAKDLOTqa%2FkdNYlKRqDLspKeG%2Bql6qCKCMaQSNn5tgyc4BG5B5FNaKro%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 946694fee8aa0a64-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=45875&min_rtt=36694&rtt_var=14733&sent=10&recv=9&lost=0&retrans=0&sent_bytes=3642&recv_bytes=3143&delivery_rate=5193196&cwnd=15467&unsent_bytes=0&cid=1dcf4589f15f3190&ts=117&x=92"
date: Tue, 27 May 2025 15:35:25 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
server: cloudflare
last-modified: Tue, 27 May 2025 15:35:25 GMT

GET
H3 200 GetAvailableWidgetsAPI Show response
app.tinyadz.com/api/ Frame 8958 14 B
594 B 202ms
202ms Fetch
application/json 172.67.205.141
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/api/GetAvailableWidgetsAPI?siteId=68323df081da95ab79451781&pageUrl=https%3A%2F%2Ffontgenerator.cc%2Fembed&width=300&height=120
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f116ce064296bb68f5adc78f16e0298efd4a0db15077406976147f6ce69a5b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GJAiniajJYqYb20qxMLYfYVjLTuTjw5RqWS3BRoWaFmc5soNFZ3aUZ9dW4YbGwbcKFl5Wk5fL6dlLjASBXZu4QzoyEN84hkQWd6XsZ1w6ofBTSCihg%2BPufdiUx4AIW1s5UA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 946694fe9f4dc891-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 14
server-timing: cfL4;desc="?proto=QUIC&rtt=30879&min_rtt=13946&rtt_var=18074&sent=17&recv=15&lost=0&retrans=0&sent_bytes=7660&recv_bytes=4202&delivery_rate=1299692&cwnd=19439&unsent_bytes=0&cid=a357f63943fa0e14&ts=550&x=92"
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

GET
H3 200 blue.jpg
www.app.apmw.shadowshadowshadow.root64.de/assets/imgs/backgrounds/home/ Frame 1C3A 184 KB
185 KB 108ms
108ms Image
image/jpeg 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/imgs/backgrounds/home/blue.jpg
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/css/home.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 5eff7005425c542db2290b5ccdf4e0a65c4219273a665ce0425264274e536ea6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/css/home.css

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"2e144-19630f6dedf"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 188740
date: Tue, 27 May 2025 15:35:25 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
x-powered-by: Express
content-type: image/jpeg

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v23/ Frame 1C3A 8 KB
8 KB 53ms
52ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.app.apmw.shadowshadowshadow.root64.de
Referer: https://fonts.googleapis.com/

Response headers

age: 22663
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 09:17:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 09:17:42 GMT
last-modified: Wed, 23 Apr 2025 16:07:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v23/ Frame 1C3A 8 KB
0 0ms
0ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.app.apmw.shadowshadowshadow.root64.de
Referer: https://fonts.googleapis.com/

Response headers

age: 27891
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 07:50:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 07:50:32 GMT
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

POST
H2 204 collect
www.google-analytics.com/g/ Frame 1C3A 0
0 45ms
45ms Fetch
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je55l1v9138172222za204&_p=1748360125213&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&cid=1294925867.1748360124&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=1&pscdl=noapi&_eu=AAAAAAQ&_s=1&sid=1748360123&sct=1&seg=1&dl=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2Fhome%2F&dr=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2Fpages%2Fhome.html&dt=Home&en=page_view&_ee=1&tfd=428
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/ana.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:99:0
report-to: {"group":"ascnsrsggc:99:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:99:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.app.apmw.shadowshadowshadow.root64.de
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:99:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 15:35:25 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 settings_manager.js Show response
www.app.apmw.shadowshadowshadow.root64.de/assets/js/ Frame 1C3A 4 KB
0 0ms
0ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/settings_manager.js
Requested by: Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.app.apmw.shadowshadowshadow.root64.de
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/assets/js/themes.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"f26-19630f6df0b"
via: 1.1 Caddy
content-length: 885
date: Tue, 27 May 2025 15:35:23 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express
content-type: text/javascript; charset=utf-8

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 8958 2 KB
2 KB 137ms
17ms Fetch
application/json 2606:4700::6810:aee2
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20250527

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:aee2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc3f7a35b8b8fdeaeb708924dc07f4234e80c827fc4d1251e0f7ed71c1514306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"63f-e/17lpvJZjtyDXrkfwzc8fPrSKs"
age: 41666
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AcMMJh3JmlDfieQC0VF7aBy97TPb7GEWyiGWAygw0MS0mnCPEs5hDF4m2Ch%2FBcPZOLY%2BLr8nnv%2BEkzT1VuiWXptCNs92l5S6GBxliimhnRvQdZ6UAmdGZyTKs%2FZ1SfNsquS1mg%2BwLUCorkYd73U%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21933-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 94669500dff28f27-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 819
server: cloudflare
x-jsd-version: 1.0.2433

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame 8958 167 B
449 B 140ms
13ms Fetch
application/json 162.19.138.119
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

3b9767e5d0bea4d284bb1e624cc6ee3244b13efedfe5424eb5140ef326511eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://fontgenerator.cc
date: Tue, 27 May 2025 15:35:24 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 8958 2 B
375 B 49ms
18ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2F&domain=fontgenerator.cc&cw=1&lsw=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: application/json
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 216536
expires: 0
access-control-allow-origin: https://fontgenerator.cc
date: Tue, 27 May 2025 15:35:24 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 8958 492 B
1 KB 153ms
31ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/9343
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 504460751d9d131dae7dcd29927c1cd147be3cb0651003de4ee6b0fea5fef6ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"56dbef354a963eec89c1c0d552909198"
Age: 977186
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mgBmcgehmfKkD8gf42rvYfvzwH5RIj3aORz2GJWSRy56Epint485PjSUvXPNNfc2mhIpSE2UTIcewWXxN16NgS%2FrZNyZEE8%2FQoOfIfF6BnhwQ0%2B9u5ijw2%2BnVWOCTaDSWfB1Yr1NLSeJeXnM"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=6024&min_rtt=5972&rtt_var=1345&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3465&recv_bytes=2269&delivery_rate=628797&cwnd=253&unsent_bytes=0&cid=008d74d15172f3bd&ts=115&x=0"
Date: Tue, 27 May 2025 15:35:25 GMT
Content-Type: application/javascript
Last-Modified: Mon, 24 Mar 2025 20:04:12 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 94669500ebe030e7-FRA
Server: cloudflare

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8958 68 KB
25 KB 152ms
30ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

69df9520e73d741f328f7a40e279710499d1e2af1a81de60b2be855802f0745c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 69234120874071566
age: 471
x-content-type-options: nosniff
expires: Tue, 27 May 2025 16:27:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 15:27:34 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 25553
x-xss-protection: 0
server: cafe

POST
H2 202 event Show response
stats.senty.com.au/api/ Frame 8958 2 B
219 B 401ms
142ms XHR
text/plain 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL: https://stats.senty.com.au/api/event
Requested by: Host: stats.senty.com.au
URL: https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 104-237-132-182.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://fontgenerator.cc/

Response headers

x-request-id: GENsRW50p9SqG6KD064h
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 2
date: Tue, 27 May 2025 15:35:25 GMT
content-type: text/plain; charset=utf-8
server: nginx

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 143ms
19ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2F&domain=fontgenerator.cc&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fontgenerator.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fontgenerator.cc
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 27 May 2025 15:35:24 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 217458
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 148ms
107ms Preflight 2606:4700:10::ac43:5ab
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:5ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fontgenerator.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://fontgenerator.cc
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 946695013f573648-FRA
date: Tue, 27 May 2025 15:35:25 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers

GET
H2 200 tag Show response
btloader.com/ Frame 8958 79 KB
25 KB 100ms
24ms Script
application/javascript 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a0c35a121f3e7e3f34c9d2f237b73fb5519dedd0f43b67d0a7466ce0e1473fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "a92ca57224ea1835cfdde4bcbcdd9da1"
via: 1.1 google
cf-ray: 94669500fcbc19a0-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25471
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/javascript
last-modified: Tue, 27 May 2025 15:09:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 CEADK5QI.json Show response
srv.buysellads.com/ads/ Frame 8958 0
114 B 81ms
22ms Fetch
application/json 152.42.150.143
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://srv.buysellads.com/ads/CEADK5QI.json?forcebanner=586284&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.42.150.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-ams3-2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

access-control-allow-origin: *
content-length: 0
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: srv-ams3-2
access-control-allow-headers: *

POST
H2 200 v1 Show response
prg.smartadserver.com/prebid/ Frame 8958 196 B
441 B 318ms
64ms Fetch
application/json 81.17.55.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: dc1293460e62d8f4d91ef29b9bac4f123837f7c2c840ef3a52763782c12bc682

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ Frame 8958 53 B
294 B 273ms
26ms Fetch
text/plain 35.186.253.211
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 46f157418453cf1c1bd12b89db4a2ad62d0dffdd4700ca9c92d44592d0a071ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-forwarded-for: 78.159.108.38
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Tue, 27 May 2025 15:35:25 GMT
content-type: text/plain
vary: Origin

POST
H2 200 openrtb Show response
ex.ingage.tech/v1/ Frame 8958 80 B
478 B 182ms
100ms Fetch
application/json 2606:4700:10::ac43:5ab
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:5ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcf69f9128fcf29ee1ce8e65dbad713b2e4e80cac0817e8a856c4a1780349bb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: application/json
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 946695023854d36a-FRA
access-control-allow-origin: https://fontgenerator.cc
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame 8958 32 B
557 B 377ms
129ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time: 104
access-control-allow-credentials: true
via: 1.1 google
expires: Tue, 27 May 2025 15:35:25 GMT
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json;charset=utf-8
server: envoy

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 8958 552 B
1 KB 306ms
60ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=586072&zone_id=3741866&size_id=15&alt_size_ids=19%2C43%2C44%2C117&rp_schain=1.0,1!buysellads.com,19929,1,,,&eid_pubcid.org=1c31b825-c066-4d00-9fb5-50ec5f506145%5E1&rf=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2F&tg_i.domain=app.apmw.shadowshadowshadow.root64.de&tg_i.page=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2F&tg_i.pbadslot=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&tk_flint=pbjs_lite_v8.45.0&l_pb_bid_id=14a21a072b54c218&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&m_ch_mobile=%3F0&slots=1&rand=0.1475719699927618
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 8526a70a75a43b3d992ba9323002eed4599f5d1b74a95302e879a2192262b60a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://fontgenerator.cc
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 8958 536 B
638 B 311ms
65ms Fetch
application/json 34.1.1.166
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2F&PageUrl=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2F&PageReferrer=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2F
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: 643206d8b6dc3b578c94dcdac4b9bfc14a681e7fec87855ba56f9defd2534711

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-max-age: 3600
content-encoding: gzip
x-kong-request-id: e1896b639a4a7c2e496dd77e5cb5cd76
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST
via: kong/3.6.1
x-kong-upstream-latency: 47
access-control-allow-origin: https://fontgenerator.cc
content-length: 242
date: Tue, 27 May 2025 15:35:25 GMT
x-kong-proxy-latency: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: fasthttp
access-control-allow-headers: Accept-Encoding, Content-Type

POST
H2 200 adreq Show response
ads.servenobid.com/ Frame 8958 394 B
629 B 487ms
243ms Fetch
application/json 143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL

https://ads.servenobid.com/adreq?cb=8189

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

0626a6c736b76eb7041de8495b2dd6ab199afc337f69d2f238463469a5d70362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: https://fontgenerator.cc
date: Tue, 27 May 2025 15:35:26 GMT
content-type: application/json
vary: accept-encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 8958 0
223 B 266ms
23ms Fetch 2a02:2638:3::39
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.45.0&cb=4792458894&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://fontgenerator.cc
date: Tue, 27 May 2025 15:35:25 GMT
vary: Origin
server: Kestrel

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 8958 15 B
413 B 60ms
18ms Fetch
application/json 51.38.120.206
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 8958 2 B
247 B 278ms
40ms Fetch
application/json 34.252.183.237
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1748360125597&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=1c31b825-c066-4d00-9fb5-50ec5f506145&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296514&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.183.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-183-237.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 8958 2 B
246 B 274ms
36ms Fetch
application/json 34.252.183.237
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1748360125598&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=1c31b825-c066-4d00-9fb5-50ec5f506145&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296516&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.183.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-183-237.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 8958 2 B
246 B 276ms
38ms Fetch
application/json 34.252.183.237
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1748360125598&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=1c31b825-c066-4d00-9fb5-50ec5f506145&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296517&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.183.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-183-237.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 8958 2 B
246 B 279ms
41ms Fetch
application/json 34.252.183.237
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1748360125598&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=1c31b825-c066-4d00-9fb5-50ec5f506145&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296518&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.183.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-183-237.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json;charset=UTF-8
server: nginx

POST
H/1.1 204
No Content 65e9e879eab3382166f737dc Show response
exchange.cootlogix.com/prebid/multi/ Frame 8958 0
439 B 402ms
168ms Fetch 209.38.60.16
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://exchange.cootlogix.com/prebid/multi/65e9e879eab3382166f737dc
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.38.60.16 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin: https://fontgenerator.cc
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
date: Tue, 27 May 2025 15:35:25 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ Frame 8958 84 B
629 B 198ms
40ms Fetch
application/json 52.222.236.4
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-4.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: b4a9fb47a4149eab570201764dbea5d43675a6ff2ed506694504060c01fecbb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
access-control-allow-origin: https://fontgenerator.cc
x-cache: Miss from cloudfront
content-length: 109
x-amz-cf-id: C3PZEqPFjXhd1UMx03RXaIVZ4BEAlS9IlsttVH4u0l1NhegxH4GF3A==
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json
x-amz-cf-pop: FRA56-P4
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ Frame 8958 647 B
1 KB 610ms
118ms Fetch
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2237ba3fe8dfaece98%22%3A%22fa87082a6d5773189466%7C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%7Cgpid%3D%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2F&s=c2639380-b386-4ef1-b2b4-df3991319e11&pv=f16f2a70-b9b3-4b05-98cd-c02b5ff5dd62&vp=mobile&lib_name=prebid&lib_v=8.45.0&us=8&iqid=%7B%22pcid%22%3A%229b5b9c6d-0d29-4c7a-95c4-58d3e6c2358d%22%2C%22pcidDate%22%3A1748360125603%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22app.apmw.shadowshadowshadow.root64.de%22%2C%22publisher%22%3A%7B%22domain%22%3A%22app.apmw.shadowshadowshadow.root64.de%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A300%2C%22h%22%3A120%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F136.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22de%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22buysellads.com%22%2C%22sid%22%3A%2219929%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%221c31b825-c066-4d00-9fb5-50ec5f506145%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

ef7de83dec1df07b65786c4ec7cfa78f0e38674af3b69fda65216c3e17e4aa25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache, no-store, private
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://fontgenerator.cc
content-length: 384
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 27 May 2025 15:35:26 GMT
tcn: Choice
content-type: application/json
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-5-84
x-xss-protection: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 8958 139 B
705 B 334ms
115ms Fetch
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

9dbbfd607954db1e035ccd5815f90953710e69af3db35241e906caf68de56336

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 78.159.108.38; 78.159.108.38; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://fontgenerator.cc
an-x-request-uuid: 129f8483-c9cb-4201-88de-d98fd9511317
content-length: 139
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 27 May 2025 15:35:25 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H/1.1 200
OK buysellads Show response
direct.adsrvr.org/bid/bidder/ Frame 8958 0
420 B 280ms
51ms Fetch
application/json 35.71.170.66
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/buysellads
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748359800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.170.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8c33d2b6751b365d.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

x-openrtb-version: 2.3
cache-control: private
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
content-length: 0
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ Frame 8958 61 KB
19 KB 39ms
19ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Access-Control-Expose-Headers
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"4ebf7042f3ba84fbe39534d4fa8c5c86"
Age: 1021985
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdmcgSbOqvUK3PAj0wqEES8u65%2BY3gDg%2F5Qv8kVkZv%2FCdIyjNhGukoJ7n%2FR3f%2F%2F%2Fmm8XAl9EX9a00qT4QZdfrJVyLm8GHI%2B8xnwa2wdNSntIZu5f2f3UYV5CGXHtxQHbTIaulKG3EYKv3kWu"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=6562&min_rtt=6336&rtt_var=1681&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3466&recv_bytes=2334&delivery_rate=550899&cwnd=252&unsent_bytes=0&cid=baf08387be115d9a&ts=22&x=0"
Date: Tue, 27 May 2025 15:35:25 GMT
Content-Type: application/javascript
Last-Modified: Mon, 24 Mar 2025 20:04:09 GMT
Vary: Origin, Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 9466950168b1b10b-FRA
Access-Control-Allow-Origin: *
Server: cloudflare

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ Frame 8958 61 KB
953 B 57ms
15ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Access-Control-Expose-Headers
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"4ebf7042f3ba84fbe39534d4fa8c5c86"
Age: 1021985
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=miNXsD7kg%2FvRFp8bWLctP2xam9zOopSLY7rSFvh79vZLszeW5%2FmE6ISF3CzYImBjzEbUdQhmUUS3BuH8aDvcJQzYvJE4PpF42my5EMQ4NKPlvb9%2BF5iZNUqIUnZlDMHfBTBsUtmRBjt%2F1Gb%2B"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=7452&min_rtt=6336&rtt_var=2215&sent=31&recv=13&lost=0&retrans=0&sent_bytes=24166&recv_bytes=2887&delivery_rate=2961457&cwnd=256&unsent_bytes=0&cid=baf08387be115d9a&ts=42&x=0"
Date: Tue, 27 May 2025 15:35:25 GMT
Last-Modified: Mon, 24 Mar 2025 20:04:09 GMT
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 9466950188edb10b-FRA
Access-Control-Allow-Origin: *
Server: cloudflare

GET
H2 200 dns Show response
ag.dns-finder.com/meta/ Frame 8958 2 B
233 B 306ms
124ms Fetch
text/plain 34.36.200.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://ag.dns-finder.com/meta/dns
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.200.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 111.200.36.34.bc.googleusercontent.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, max-age=180, stale-if-error=180, stale-while-revalidate=180
access-control-expose-headers: X-Resolver
x-resolver: default
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Tue, 27 May 2025 15:35:25 GMT
content-type: text/plain; charset=utf-8
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ Frame 8958 43 B
110 B 203ms
22ms Image
image/gif 2606:4700:10::ac43:b78
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 988875
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
date: Tue, 27 May 2025 15:35:25 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AKDAyIuUlQaOHLtCB-ZhVeUIxo8YppZ5V2nDXoWlR3n49vLY7JYsgnOhtyEo5TMX7D7YdL2l
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
cf-ray: 946695028d8a0ad6-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ Frame 8958 1 KB
130 B 196ms
26ms Image
image/x-icon 142.250.184.198
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
age: 40210
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 04:25:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 04:25:15 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ Frame 8958 43 B
542 B 208ms
28ms Image
image/gif 2606:4700:10::ac43:b78
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.26739749231631205
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 988875
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
date: Tue, 27 May 2025 15:35:25 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AKDAyIuUlQaOHLtCB-ZhVeUIxo8YppZ5V2nDXoWlR3n49vLY7JYsgnOhtyEo5TMX7D7YdL2l
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
cf-ray: 946695028d880ad6-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 8958 56 B
299 B 192ms
12ms Fetch
application/json 162.19.138.82
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

4bf7c1544e9eeb9e8df9205ae2c222d5390b06c31b13582c5a42f2420c8e6f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://fontgenerator.cc
date: Tue, 27 May 2025 15:35:24 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505270101/ Frame 8958 63 KB
23 KB 26ms
25ms Other
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505270101/gpt

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9b502c40cea58eb57328f78cf48c787ab82d46606203a135bbb813ee19fb6c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 8651680878418282224
age: 2042
x-content-type-options: nosniff
expires: Tue, 03 Jun 2025 15:01:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 15:01:23 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23432
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202505270101"

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ Frame 8958 385 B
582 B 61ms
10ms Fetch
application/json 162.19.138.119
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

94cc1bb96ffbc75839cafa808badfaf6f972f184edfba255a215dd8da66ad39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://fontgenerator.cc
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true

GET
H2 200 eruda Show response
cdn.jsdelivr.net/npm/ 464 KB
115 KB 73ms
25ms Script
application/javascript 2606:4700::6810:afe2
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/eruda

Requested by

Host: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/uv/uv.config.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:afe2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df3805da066f2dbaeaa547b4ca83fa5c7c10ca8b6ba4357b0897bf3cc3b9a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"73eb0-Dx06OqDSMQPOVX/f6nBmzvwreY0"
age: 6908
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lue%2B%2Bc1je%2FhaxrDABo5fvWRRrg6BxYcokTkTSPPJhOW866D11U14%2FxS1MlCuB6BODSH3nJfi55QEIm5IJpk4%2B5RSmaPiGuVYI7VU1EQAPFK9d9%2F%2B3EnRRLjHK6CaHQ6aePC5sMjr7pLh1GdhJRc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Tue, 27 May 2025 15:35:25 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230066-FRA, cache-lga21974-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9466950319148ed5-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 116465
server: cloudflare
x-jsd-version: 3.4.1

GET
H3 200 home.png
www.app.apmw.shadowshadowshadow.root64.de/assets/imgs/icons/pages/ 13 KB
13 KB 118ms
114ms Image
image/png 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/assets/imgs/icons/pages/home.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"32de-19630f6df13"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 13022
date: Tue, 27 May 2025 15:35:25 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
x-powered-by: Express
content-type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8958 0
20 B 53ms
49ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=fontgenerator.cc&doc=complete&pg_h=405&pg_w=300&pg_hs=405&c=1&aa_c=0&av_h=40&av_w=240&av_a=9600&b=139.953&all_b=139.953&d=0.099&all_d=0.099&ard=0.079&all_ard=0.079&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 15:35:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 favicon.ico
www.app.apmw.shadowshadowshadow.root64.de/ 15 KB
3 KB 103ms
102ms Other
image/vnd.microsoft.icon 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://www.app.apmw.shadowshadowshadow.root64.de/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 17121520efdb21823ea10bdc2115a34f772f78c0bea04cfdff41d615c520616e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.app.apmw.shadowshadowshadow.root64.de/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3c2e-191c2e4c57b"
via: 1.1 Caddy
content-length: 2990
date: Tue, 27 May 2025 15:35:25 GMT
content-type: image/vnd.microsoft.icon
x-powered-by: Express
vary: Accept-Encoding
last-modified: Thu, 05 Sep 2024 15:54:18 GMT

GET
H2 200 country Show response
api.btloader.com/ Frame 8958 37 B
215 B 263ms
133ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/country?o=5102648370397184
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Tue, 27 May 2025 15:35:26 GMT
content-type: application/json
vary: Origin

POST
H2 204 pv
api.btloader.com/ Frame 8958 0
0 137ms
136ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/pv?nlf=false&tid=cegJHfOx-6uxdgqWrR-9712625cd5&sid=8DV7GGLbC3-dKuWdJO5i-9712625cd5&cv=2.1.102-1-g48599ff&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 15:35:26 GMT
vary: Origin

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 8958 17 KB
13 KB 158ms
32ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202505200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8b5947b6e7dee00ba35a912f5a28a501c11f012a7f60e483ea8aada5589c595e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13013
date: Tue, 27 May 2025 15:35:26 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 8958 654 B
353 B 60ms
59ms Fetch
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=7749828810531478&correlator=342785215212328&eid=31092621%2C31092678%2C95353384%2C83321443%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=22960212090%3A22921845643%2CFontgenerator_S2S_Leaderboard_CarbonFallback_ROS&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250&fluid=height&ifi=1&didk=1335524158&dids=bsa-zone_1742380026425-9_12345&adfs=4189537219&sfv=1-0-45&eri=1&sc=1&cdm=fontgenerator.cc&abxe=1&dt=1748360126242&lmt=1748360126&adxs=30&adys=225&biw=-12245933&bih=-12245933&isw=300&ish=120&scr_x=-12245933&scr_y=-12245933&ucis=xumml0tjk7yr&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Ffontgenerator.cc%2Fembed&ref=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2F&top=https%3A%2F%2Fwww.app.apmw.shadowshadowshadow.root64.de%2F&rumc=7749828810531478&rume=1&vis=1&psz=233x224&msz=240x40&fws=260&ohw=300&topics=5&tps=5&htps=5&a3p=EhMKDGlkNS1zeW5jLmNvbRIBMFgBEjQKCnB1YmNpZC5vcmcSJDk0M2Q4OGI4LTU2NjktNGNjYy05ZmIwLWZjMGVhZDkyMzk4NFgB&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748360124803&idt=577&ppid=943d88b856694ccc9fb0fc0ead923984&prev_scp=optimize_auction_id%3D1%26optimize_upstreams%3DPrebid%26optimize_ad_unit_id%3Dbsa-zone_1742380026425-9_123456%26optimize_imp_id%3D1748360126224-3e2adf33%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=origin%3Dunknown%26ECT%3D4g%26hb_rf%3D0%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Ddesign%26optimize_env%3Dprod%26optimize_pub%3Dfontgenerator%26optimize_xp%3Da%26optimize_refreshed%3Dfalse%26optimize_pathname%3D%252Fembed%26optimize_pv_id%3D1748360125636-1d28521f&adks=400283343&frm=24&eoidce=1&pbbce=1&td=1&egid=10490&tan=45548d95-ad2b-492b-912d-f9f0a6e75f4d&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

79a7c63d9c877bdf7e701ba9cc8cfc2ec877c53e5033c54afa3a4bd481581a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 15:35:26 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
content-length: 324
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
0cdfc820b56b772b88acb99a44f98aba.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 4D0F 7 KB
3 KB 86ms
21ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://0cdfc820b56b772b88acb99a44f98aba.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 15:35:26 GMT
expires: Tue, 27 May 2025 15:35:26 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame 8958 20 KB
7 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 27 May 2025 15:35:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 15:35:26 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 8958 0
0 46ms
44ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://fontgenerator.cc/

Response headers

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame C4D1 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 May 2025 15:11:42 GMT
expires: Tue, 27 May 2025 16:01:42 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 99lcxn2YvEFuFPB90BzYKtdfgSsvSUIzwZpxI2siobo.js Show response
pagead2.googlesyndication.com/bg/ Frame C4D1 54 KB
20 KB 18ms
18ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/99lcxn2YvEFuFPB90BzYKtdfgSsvSUIzwZpxI2siobo.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

f7d95cc67d98bc416e14f07dd01cd82ad75f812b2f494233c19a71236b22a1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 22752
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 09:16:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 09:16:14 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 20818
x-xss-protection: 0
server: sffe

GET
H3 204 generate_204
ep2.adtrafficquality.google/ Frame C4D1 0
10 B 14ms
13ms Image
text/plain 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?qF_7Aw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 27 May 2025 15:35:26 GMT
cross-origin-resource-policy: cross-origin

POST
H2 204 csi
csi.gstatic.com/ Frame 8958 0
534 B 312ms
20ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~mb6oh6ts&c=7749828810531478&e=31092621%2C31092678%2C95353384%2C83321443%2C31061691%2C31061693&ctx=1&met.9=1.106~2.161~9.0~3_3.1ub~7_3.0~4_3.1yd~5_3.1yf&met.10=1_1.CIBLEAAY____________ASDNDSgA~1_1.CAAQABgAILcSKAA~1_3.CIBLEAAY____________ASC5EigA&met.3=112.1dh_1~113.1jw_2&met.7=CBsQCMABg861_gs~CBIQBxgBIK0HKK0HMJMIOGdArQdIsAdQsAdY-Qdg1gdo-QdwkAh4zA-AAaANiAGIQKoBCwoJT3BlbitTYW5zsAEBuAEDwAGxoLupCg~CBsQByCtBzirAcAB2f_PtQ4~CBsQByCtBzg1wAG_jNecDQ~CBsQByCtBzg1wAGNje7uAQ~CBsQCiCtBziMAcABt5CqoAg~CDsQChgBIK0HKK0HMIUKONgCQN8ISOMIUOMIWKsJYOMIaK8JcO8JeMaSAoABmpACiAGl-QawAQG4AQPAAeLN6pYJ~CBsQCiCtBzjZAsAB257YvQs~CBsQChgBIK0HKK0HMPcKOMkDwAGM1djrBA~CBsQCiCtBziABcAB0sylmg8~CBsQCiCtBzg1wAHr2fHaBQ~CBsQCiCtBzixAcABk8HAqAo~CBsQCiCtBzgvwAHLzIL9CA~CBsQCiCtBzgxwAGtoeyaBQ~CBsQCiCtBzjAAcAB1s_V2Qk~CBsQCiCtBzjCAcAB_JnNuwc~CBsQCiDeCDi0A8ABuPa9ggo~CBsQBiD1CDgswAGE2aicCQ~CEMQChgBIJcKKJcKMJoLOIIBaJgKcM4KeNvPCoABr80KiAGx1yGwAQG4AQPAAaqZ74sK~CBsQCiC8CjiVAcAB5Pj7qgw~CBsQCiC3DDibAcABztyHyAM~CBkQChgBILgMKLgMMNoNOKMBQLgMSL4MUL4MWLENYL4MaLINcM8NeP3JAYAB0ccBiAGhnQSwAQG4AQPAAZTdwNgF~CBsQCiDtDDhvwAH9-5jkBQ~~~CFIQBxgBIIUOKIUOMKoOOCZQhQ5YnQ5ghQ5ohQ5wng54tLkBgAGItwGIAeX7A7ABAbgBA8AB5cGGTQ~~~~CBsQBhgBIP0NKP0NMMwPOM8BwAHehf-GDQ~~CBsQBiD9DTjVAcAB2vqzNw~CBsQBiD9DTjXAcAB2vqzNw~CBsQCDjWD8ABg861_gs~CBsQDSDVDDiZA8ABiJfIgws~~~CBwQBhgBIN0PKN0PMJcQODpo5Q9wlRB4rAKwAQG4AQPAAZSE4rUO~~~~~~~~~~~~CBsQDSC_EjihAcAByOnstQ8~CCcQBBgBINQSKNQSMOUTOJEBUKYTWLsTYKYTaKcTcOATePAEgAHEAogBjgWwAQG4AQPAAZLotdkF~CBsQBRgBINcSKNcSMIAUOKkBQKkTSM8TUM8TWOgTYM8TaOoTcP4TeN0agAGxGIgB7DmwAQG4AQPAAbmsuaIN~CBsQCiDiEzhNwAGSirvlAw~CBwQBBgBIJAUKJAUMMMUODPAAfWUnY4L~CBsQBSC0FDj0AcABxvmU6As&met.1=1.mb6oh5gb~6.4~7.5~8.l~9.m~10.20~11.u~12.21~13.ps~14.pu~15.q0~16.w0~17.191~18.192~19.1jq~20.1jq~21.1jq~22.wc~23.wc&qqid.1=CN2nloL9w40DFZolBgAdb1skEA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgcc:41:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 15:35:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ Frame 8958 0
17 B 58ms
57ms Image
image/ 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202505200101&jk=7749828810531478&bg=!k5ClkN_NAAYA59AtIOc7ADQBe5WfOIwEC7V_Ot0Qsq-NAopyOT86aJJBUqBiMaM7DSTxtHnZUJdOu4-q8pCzzuiZYTUMAgAAAEdSAAAAA2gBB34ANhtU8CZSQqW1sJR0HU2jOSzwY4aW1ZEPN0UpIR4UvyHwV2zfb-OSwhfRwL5t1laLu9xKZ2x3yJkCjGG27VLEGuOV6J0khBKsYc7ZwFjduFD1xsHnrhDjY5MchkOO3cMBqoHMxeoJxZIXAfzIOtwAxt_1hBUzezYRQE5MPlEkKnLGE8OyVuCkqvk3W80K4Oh39tylWkxKwTYpsT_vuo7RZ0IlKbYsbZy2FqVK6HAtE97duVMAFdzhOiTsXhJ57NOf5NK7CIzr8y2ruQmSe7DIVboT2Htjih5UlZUvAGQWJB9OEap3zgfKbP0Jy7Haml5oc8WQ7tfBwcgUNKcIPptS2m3SPoS-FVZZo8yyh_VNB6-BhGIjv2RhvoP2RYrKRCcMrTGAqvmdb4Gh_H1B9eMaeYe0ufk1O4HludXTpojXzanhuyoiP6rAF7wANKzDR7TcBIsNXaUvk9E5K3a94c3C_pi-UavdoJ4Z73TWEnjMSboO0W2Js_X-fYzOEDFSxbMpGQFqoZ_L8imkWyeEildkDjnQu3_krt40qtIOVpZdxYj0rfct3-Xp25n4DGW8XVfEKUJU-TmsXXH8nwM4COZnj5rcJhq1fIHJS5EBBbOgqWd2L1latV68KYs5HGW_gQ7pb-1w7pnqoRZkaUTd8pm1a6wWGNa27659ANCrbTVEGuTKGOYVUEv3KY2xzPofjj6dnmhhGOc-MP30_AN1skW9rN1UY7_nBBzllbaKXaGjLd-A4SK88Zbn1biB_uIddWK6xrH5Y90N5bqcGzLo-FNY6OHcpKPZ23a9Hd_MuePrEut4yyMXvTNGRtBnt58_JPFq7pJcJJnhZeSwLcxagpNV-9BJYjLcV4G6pAPScwpzGkaDC42v__ZVCX3cxAaZWIgstKSEs0_USMzOqVdjj1zL6CG70qG6Koe36CmG8BnIVf6LwDl7vlA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 27 May 2025 15:35:27 GMT
x-xss-protection: 0
content-type: image/
server: cafe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 8958 0
0 46ms
44ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://fontgenerator.cc/

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.app.apmw.shadowshadowshadow.root64.de
URL: https://www.app.apmw.shadowshadowshadow.root64.de/baremux/worker.js

Verdicts & Comments Add Verdict or Comment

43 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.root64.de/	1970-01-21 15:15:20	Name: _ga Value: GA1.1.1294925867.1748360124
.root64.de/	1970-01-21 15:15:20	Name: _ga_NCTSG4T1B6 Value: GS2.1.s1748360123$o1$g1$t1748360125$j0$l0$h0
.rubiconproject.com/	1970-01-21 14:24:56	Name: khaos Value: MB6OH6ZN-1R-I00W
.rubiconproject.com/	1970-01-21 14:24:56	Name: audit Value: 1\|yQuirGeEF6ASUmukT2u6fb3dDCC+ZXywNKDLFkebH7rI6LsXhGpVck2qJ9UMKL4hK7+rkKfFPvCvS0AeRSFplx0kfLSjtbQdX6y57In8oPTAJNEkSoA2Zkgcdj94p/MzayvbO09yC6wijy0RC4Zd8SKPLRELhl3xIo8tEQuGXfHQD5U7tEfUTQ==
.ingage.tech/	1970-01-21 07:48:56	Name: instUid Value: fdb3ca24-ac9c-4389-8602-9db85be6fca1
.ingage.tech/	1970-01-21 07:48:56	Name: cookieRegion Value: wdc
prebid.media.net/	1970-01-21 09:58:32	Name: receive-cookie-deprecation Value: 1
.go.sonobi.com/	1970-01-21 14:24:56	Name: __uis Value: 05defcb2-3518-4c58-b311-c8ff625898fe
.go.sonobi.com/	1970-01-21 05:40:46	Name: _usd_app.apmw.shadowshadowshadow.root64.de Value: f16f2a70-b9b3-4b05-98cd-c02b5ff5dd62
apex.go.sonobi.com/	1969-12-31 23:59:59	Name: Value: receive-cookie-deprecation: 1
.go.sonobi.com/	1970-01-21 05:39:20	Name: __uih Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8584\|aDXbw
fontgenerator.cc/	1970-01-21 05:39:20	Name: TESTCOOKIESENABLED Value: 1
.fontgenerator.cc/	1970-01-21 09:58:32	Name: __eoi Value: ID=2c7b49e6774fa76c:T=1748360126:RT=1748360126:S=AA-AfjZ83euEM0A6Rw9mzIe6TX5l

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24 Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0101D00442D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0cdfc820b56b772b88acb99a44f98aba.safeframe.googlesyndication.com
acscdn.com
ad-delivery.net
ad.doubleclick.net
ads.servenobid.com
ag.dns-finder.com
apex.go.sonobi.com
api.btloader.com
app.tinyadz.com
bidder.criteo.com
btloader.com
cdn.jsdelivr.net
cdn4.buysellads.net
cdnjs.cloudflare.com
csi.gstatic.com
direct.adsrvr.org
ep1.adtrafficquality.google
ep2.adtrafficquality.google
ex.ingage.tech
exchange.cootlogix.com
fastlane.rubiconproject.com
fontgenerator.cc
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gum.criteo.com
hb-api.omnitagjs.com
hb.yellowblue.io
ib.adnxs.com
id5-sync.com
lb.eu-1-id5-sync.com
onetag-sys.com
pagead2.googlesyndication.com
partner.senty.com.au
prebid.media.net
prg.smartadserver.com
pubtrky.com
rtb.openx.net
script.4dex.io
securepubads.g.doubleclick.net
srv.buysellads.com
stats.senty.com.au
stpd.cloud
t2.gstatic.com
www.app.apmw.shadowshadowshadow.root64.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
youradexchange.com
www.app.apmw.shadowshadowshadow.root64.de
104.17.25.14
104.18.17.201
104.237.132.182
104.243.38.18
130.211.23.194
142.250.184.198
142.250.184.226
142.250.185.130
142.250.185.161
142.250.186.162
143.244.197.139
152.42.150.143
159.65.211.77
162.19.138.119
162.19.138.82
172.217.16.131
172.217.18.1
172.67.128.189
172.67.188.110
172.67.205.141
188.114.96.3
2001:4860:4802:32::3
2001:4860:4802:38::178
209.38.60.16
216.58.206.68
2602:803:c003:200::21
2606:4700:10::6816:4bd8
2606:4700:10::ac43:5ab
2606:4700:10::ac43:b78
2606:4700:20::ac43:4bf1
2606:4700:3035::6815:142
2606:4700::6810:aee2
2606:4700::6810:afe2
2606:4700::6812:1962
2606:4700::6812:1f31
2607:f350:3:2569:0:10:0:a
2a00:1450:4001:80b::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2008
2a02:2638:3::39
2a02:2638:3::c
34.1.1.166
34.120.63.153
34.252.183.237
34.36.200.111
35.186.253.211
35.71.170.66
37.252.171.52
51.38.120.206
52.222.236.4
81.17.55.113
042a1652e0b3d20d268a194befaea0c5841026a91a14214abac003d605e0ed65
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
0626a6c736b76eb7041de8495b2dd6ab199afc337f69d2f238463469a5d70362
0b11eecfa382b1f2092d94e727a0145c9f6c2866e04419eef89e9bc381c7a787
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
115e6a31ef60c48a82c89bc6a7ef88eaaee076a2eab6595aed0072598f0f9d55
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
1562c1b6966919f59dad5ce26d7ce05a4ecdfc4e6f7f9b8d1d6fa826508794cc
17121520efdb21823ea10bdc2115a34f772f78c0bea04cfdff41d615c520616e
19492573e99443369d3da235c38f1a430842fce993891f89054f0c7e4e4389e7
217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5
24c817c4fef658a57754e07c2c89b185e9de3a2bc4261d7e863b345f27df82c4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28a2e66d41b018bf27fbf4e3434b298b0b9afaf920f9e8a49dd60ded1e1ae903
2b4c449d8a2a73c9366bc59a9440b88453e346ccd82bd3607f48e3d43bfe7541
33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109
34a9777ffd118cee614ab974da88397fb84a09643314a4a65127a86c27eb6e6d
36ca4a42945d362bc2e3e970d6ed01c7a9f3afc4e305f862d08cf7977acd4f98
37c415fa0411cbabd43d43835d830fdda0951128c1e77b841fbfb104018f7388
3b9767e5d0bea4d284bb1e624cc6ee3244b13efedfe5424eb5140ef326511eb7
3ff4e107901c810062910e50a956b5ad423cc2a6bcb69074890879f4ba3a4ede
40847f04a0b4dbacd513872a0472555bf0dd89cfcd4c7d905a0166469f80b438
41e9e0b7ccf8d3af68bcbb38488e18d48198ee131b2df9ff128e4e6e911099c6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46f157418453cf1c1bd12b89db4a2ad62d0dffdd4700ca9c92d44592d0a071ad
4bbba479472ffa4241be401098dddafddc48cd7d1377c83d0048cc364933cbd0
4bf7c1544e9eeb9e8df9205ae2c222d5390b06c31b13582c5a42f2420c8e6f77
4e3e6b20f1eae4923f24bf1e3dab2dde56b255c331cdc17b9507e790a48cc36b
4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6
504460751d9d131dae7dcd29927c1cd147be3cb0651003de4ee6b0fea5fef6ae
56e70443c37648d17bb54e83ae0028731328f86afb12edd626e8584718be71e0
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
5bcae56fb9334fe8446c36552a142eab9929fe2a2c91732072dd20818c9c17dc
5d881b69841cd18f3db8831bd5f0e57149fecd4064d156cb1d3f982626903d60
5eff7005425c542db2290b5ccdf4e0a65c4219273a665ce0425264274e536ea6
638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef
643206d8b6dc3b578c94dcdac4b9bfc14a681e7fec87855ba56f9defd2534711
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69d9ac5984ab481e3a40b4b75c330920e56aa12c8d37bfaccc4ab6cedcdda50f
69df9520e73d741f328f7a40e279710499d1e2af1a81de60b2be855802f0745c
6d35a7ee5aac9714da95d1a4f632cdb97d560a5ecf5e3908a1d229bc8c1057c0
6df3805da066f2dbaeaa547b4ca83fa5c7c10ca8b6ba4357b0897bf3cc3b9a1f
731c3411d0f309309a97628ba465af31050e0866d07e116f7ea5a1c35e9b99c5
74a76e5980403a11a657d3ad5f43ea97fae94b8d1cdec9886eb23bdbc645dbe1
79a7c63d9c877bdf7e701ba9cc8cfc2ec877c53e5033c54afa3a4bd481581a65
7a0c35a121f3e7e3f34c9d2f237b73fb5519dedd0f43b67d0a7466ce0e1473fb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f116ce064296bb68f5adc78f16e0298efd4a0db15077406976147f6ce69a5b8
8526a70a75a43b3d992ba9323002eed4599f5d1b74a95302e879a2192262b60a
8a346698d1fe701441863c329bf5132a5536faeaa68ccd7751931726ad04b329
8b5947b6e7dee00ba35a912f5a28a501c11f012a7f60e483ea8aada5589c595e
8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc
8e1c63600bf52ac2101c85ecdef6f843d1d593f6c097f32591fcfea496ec4073
92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24
94cc1bb96ffbc75839cafa808badfaf6f972f184edfba255a215dd8da66ad39a
9b502c40cea58eb57328f78cf48c787ab82d46606203a135bbb813ee19fb6c6d
9dbbfd607954db1e035ccd5815f90953710e69af3db35241e906caf68de56336
9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797
a07ed6c92587063c8a3f828c58ed8076071418ca3181e9f67817c8d5041b0c47
a76799d383e84544bb37f128665c43341e94deae0101f7a8c256982f41c46f90
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
abf9bfd998405a38e5f5f61e533e4de1298162efc4409b1f161ea04e5901c366
b4a9fb47a4149eab570201764dbea5d43675a6ff2ed506694504060c01fecbb1
b6edcc080295bc506745b15d215226f6a80283818ef60e1e8805992c9c06f143
b7feb0e59e8ae4d9df402bcfaa2bb6bcb9753876e8604a043317f1af16461b06
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bc3f7a35b8b8fdeaeb708924dc07f4234e80c827fc4d1251e0f7ed71c1514306
bdaf47b5db2c6b13b97a28df68b67180dc0fcda656776ae345b264c2183b9ef2
bfbf77facc0b33343150d420aa0f7e582e1657070c51895cdec89299922d96cc
c0511e29e2d9e3aa83ab107e55b5e3c2ca9c90c04027a2f551fca1d403fd9cd6
cc9b3ab0470daadec08ecf223bafa041cd60ad6ddb2b0cc5ede515e16cbd95b9
cc9b971ceaa6d18611d87707cbe276f96e878309cfe7e41e5084928e665df224
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4be4824499330afdd7139a22d7ad59bd2146bc17565e9ac961461388245b0dc
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
dc1293460e62d8f4d91ef29b9bac4f123837f7c2c840ef3a52763782c12bc682
dcf69f9128fcf29ee1ce8e65dbad713b2e4e80cac0817e8a856c4a1780349bb5
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e970bdd269198fc1bf6183c389d2d299cf05c1e7b2076cee4fcf6ba7ac01be02
ea7fb526203a7e6eed35cc2fcdc98c76cb136dba25b23fae9e5fab3588877596
ef7de83dec1df07b65786c4ec7cfa78f0e38674af3b69fda65216c3e17e4aa25
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5f36977e96a38963c796982ed3915e49673ba0b63f3d51031a1500c1f0907bd
f7d95cc67d98bc416e14f07dd01cd82ad75f812b2f494233c19a71236b22a1ba
f9d8e58b6cdcdf7831511b8a69c82bc6b71c335ade7b7efa21b634e08cf9789d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.app.apmw.shadowshadowshadow.root64.de Open in urlscan Pro 104.243.38.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

122 Requests

98 %HTTPS

37 %IPv6

41 Domains

49 Subdomains

52 IPs

7 Countries

1627 kBTransfer

5537 kBSize

14 Cookies

1 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.app.apmw.shadowshadowshadow.root64.de Open in urlscan Pro
104.243.38.18 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

98 %
HTTPS

37 %
IPv6

41
Domains

49
Subdomains

52
IPs

7
Countries

1627 kB
Transfer

5537 kB
Size

14
Cookies

122 HTTP transactions
0 data transactions