portal.fuafajihja.shadowshark.ipv64.net Open in urlscan Pro
104.243.38.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portal.fuafajihja.shadowshark.ipv64.net/
Submission: On May 28 via api (May 28th 2025, 1:31:16 am UTC) from US — Scanned from DE

Summary HTTP 235 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 66 IPs in 6 countries across 83 domains to perform 235 HTTP transactions. The main IP is 104.243.38.18, located in Piscataway, United States and belongs to RELIABLESITE, US. The main domain is portal.fuafajihja.shadowshark.ipv64.net.
TLS certificate: Issued by E5 on May 27th 2025. Valid for: 3 months.

This is the only time portal.fuafajihja.shadowshark.ipv64.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	104.243.38.18 104.243.38.18	23470 (RELIABLESITE) (RELIABLESITE)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:10c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1962	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	104.237.132.182 104.237.132.182	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2606:4700:303... 2606:4700:3034::6815:86c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3035::6815:142	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3033::ac43:cd8d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	159.65.211.77 159.65.211.77	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:10:... 2606:4700:10::6816:bc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:a	27630 (AS-XFERNET) (AS-XFERNET)
1	2a02:2638:3::39 2a02:2638:3::39	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
4	51.75.86.98 51.75.86.98	16276 (OVH OVH SAS) (OVH OVH SAS)
4	34.1.1.166 34.1.1.166	15169 (GOOGLE) (GOOGLE)
5	143.244.197.139 143.244.197.139	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.186.253.211 35.186.253.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.222.236.4 52.222.236.4	16509 (AMAZON-02) (AMAZON-02)
1	81.17.55.99 81.17.55.99	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
5	52.50.66.111 52.50.66.111	16509 (AMAZON-02) (AMAZON-02)
1	35.71.170.66 35.71.170.66	16509 (AMAZON-02) (AMAZON-02)
1	45.55.100.180 45.55.100.180	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	34.36.200.111 34.36.200.111	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:10:... 2606:4700:10::6816:541	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	162.19.138.83 162.19.138.83	16276 (OVH OVH SAS) (OVH OVH SAS)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	57.129.85.132 57.129.85.132	16276 (OVH OVH SAS) (OVH OVH SAS)
3	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1	18.245.31.78 18.245.31.78	() ()
3	35.244.159.8 35.244.159.8	() ()
1	151.101.193.108 151.101.193.108	() ()
1	34.36.216.150 34.36.216.150	() ()
2	35.214.136.108 35.214.136.108	() ()
1 4	172.217.16.194 172.217.16.194	() ()
3	3.33.220.150 3.33.220.150	() ()
1	18.244.18.5 18.244.18.5	() ()
1 1	46.228.174.117 46.228.174.117	() ()
2 2	185.184.8.90 185.184.8.90	() ()
1	168.119.146.39 168.119.146.39	() ()
1	76.223.111.18 76.223.111.18	() ()
2	103.231.98.106 103.231.98.106	() ()
2	3.72.38.170 3.72.38.170	() ()
3	89.149.192.196 89.149.192.196	() ()
1 2	104.18.26.193 104.18.26.193	() ()
2	95.100.185.43 95.100.185.43	() ()
1 1	193.0.160.131 193.0.160.131	() ()
1 1	163.5.194.34 163.5.194.34	() ()
1	2a02:26f0:480... 2a02:26f0:480:33::212:40d3	() ()
2	103.67.200.72 103.67.200.72	() ()
1	188.40.16.220 188.40.16.220	() ()
235	66

32 104.243.38.18 (Piscataway, United States) 1 redirects

ASN23470 (RELIABLESITE, US)

portal.fuafajihja.shadowshark.ipv64.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6812:10c9 (United States)

ASN13335 (CLOUDFLARENET, US)

acscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

partner.senty.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6812:1962 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 104.237.132.182 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 104-237-132-182.ip.linodeusercontent.com

stats.senty.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3034::6815:86c (United States)

ASN13335 (CLOUDFLARENET, US)

pubtrky.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 2606:4700:3035::6815:142 (United States)

ASN13335 (CLOUDFLARENET, US)

fontgenerator.cc	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700::6812:1e31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2606:4700:3033::ac43:cd8d (United States)

ASN13335 (CLOUDFLARENET, US)

app.tinyadz.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 159.65.211.77 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:10::6816:bc7 (United States)

ASN13335 (CLOUDFLARENET, US)

ex.ingage.tech	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a02:2638:3::39 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 51.75.86.98 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 34.1.1.166 (Paris, France)

ASN15169 (GOOGLE, US)
PTR: 166.1.1.34.bc.googleusercontent.com

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 143.244.197.139 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 52.222.236.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-4.fra56.r.cloudfront.net

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 81.17.55.99 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 52.50.66.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-66-111.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.71.170.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8c33d2b6751b365d.awsglobalaccelerator.com

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 45.55.100.180 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

exchange.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.36.200.111 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.200.36.34.bc.googleusercontent.com

ag.dns-finder.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:10::6816:541 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1229385e80c45377fcc07028f790d551.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 57.129.85.132 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3249663.ip-57-129-85.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.245.31.78 (None, )

ASN- ()

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 35.244.159.8 (None, )

ASN- ()

buysellads-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 151.101.193.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.36.216.150 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 35.214.136.108 (None, )

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 172.217.16.194 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 3.33.220.150 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.244.18.5 (None, )

ASN- ()

api-ssp.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 46.228.174.117 (None, ) 1 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 185.184.8.90 (None, ) 2 redirects

ASN- ()

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 168.119.146.39 (None, )

ASN- ()

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 76.223.111.18 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 103.231.98.106 (None, )

ASN- ()

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 3.72.38.170 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 89.149.192.196 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.18.26.193 (None, ) 1 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 95.100.185.43 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 193.0.160.131 (None, ) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 163.5.194.34 (None, ) 1 redirects

ASN- ()

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a02:26f0:480:33::212:40d3 (None, )

ASN- ()

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 103.67.200.72 (None, )

ASN- ()

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 188.40.16.220 (None, )

ASN- ()

ittpx.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
32	ipv64.net 1 redirects portal.fuafajihja.shadowshark.ipv64.net	485 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 ad.doubleclick.net — Cisco Umbrella Rank: 229 cm.g.doubleclick.net	228 KB
7	fontgenerator.cc fontgenerator.cc — Cisco Umbrella Rank: 918538	41 KB
6	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 4200 public.servenobid.com	6 KB
5	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 473 ep2.adtrafficquality.google — Cisco Umbrella Rank: 478	25 KB
5	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1843 rtb.gumgum.com Failed usersync.gumgum.com Failed	2 KB
5	gstatic.com fonts.gstatic.com t0.gstatic.com	35 KB
5	senty.com.au partner.senty.com.au — Cisco Umbrella Rank: 889487 stats.senty.com.au — Cisco Umbrella Rank: 511131	7 KB
4	pubmatic.com image8.pubmatic.com ads.pubmatic.com image6.pubmatic.com Failed	14 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 151 1229385e80c45377fcc07028f790d551.safeframe.googlesyndication.com	24 KB
4	adsrvr.org direct.adsrvr.org — Cisco Umbrella Rank: 1708 match.adsrvr.org	865 B
4	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 2304 ssbsync.smartadserver.com	441 B
4	openx.net rtb.openx.net — Cisco Umbrella Rank: 838 buysellads-d.openx.net u.openx.net us-u.openx.net	921 B
4	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 5899 visitor.omnitagjs.com	4 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 935	413 B
4	4dex.io script.4dex.io — Cisco Umbrella Rank: 3744	22 KB
4	tinyadz.com app.tinyadz.com — Cisco Umbrella Rank: 273903	8 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	6 KB
3	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 1735 gum.criteo.com — Cisco Umbrella Rank: 524	598 B
3	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 392 acdn.adnxs.com secure.adnxs.com Failed	18 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 1318 api.btloader.com — Cisco Umbrella Rank: 1648	25 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 296	95 KB
2	adkernel.com sync.adkernel.com	268 B
2	casalemedia.com ssum-sec.casalemedia.com Failed dsum-sec.casalemedia.com Failed	2 KB
2	sharethrough.com match.sharethrough.com	115 B
2	creativecdn.com 2 redirects creativecdn.com	1 KB
2	bidswitch.net x.bidswitch.net	275 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 560	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 360	115 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1632	652 B
2	ingage.tech ex.ingage.tech — Cisco Umbrella Rank: 5387	471 B
2	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 47187	120 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 118
1	eskimi.com ittpx.eskimi.com	160 B
1	aniview.com player.aniview.com sync.aniview.com Failed	3 KB
1	rfihub.com 1 redirects p.rfihub.com	735 B
1	a-mo.net prebid.a-mo.net Failed	169 B
1	3lift.com eb2.3lift.com	140 B
1	richaudience.com sync.richaudience.com	129 B
1	1rx.io 1 redirects sync.1rx.io	247 B
1	spot.im api-ssp.spot.im	190 B
1	sitescout.com pixel-sync.sitescout.com	210 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1148	299 B
1	dns-finder.com ag.dns-finder.com — Cisco Umbrella Rank: 1834	233 B
1	cootlogix.com exchange.cootlogix.com — Cisco Umbrella Rank: 6064 sync.cootlogix.com Failed	439 B
1	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 3097 cs-server-s2s.yellowblue.io Failed	630 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1481 hbx.media.net Failed	556 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 710 eus.rubiconproject.com Failed	1 KB
1	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 5823 sync.go.sonobi.com Failed	1 KB
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 33644	114 B
1	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 35165	186 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 100	128 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 9	19 B
1	pubtrky.com pubtrky.com — Cisco Umbrella Rank: 14444	603 B
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 16048
1	acscdn.com acscdn.com — Cisco Umbrella Rank: 21399	43 KB
0	adentifi.com Failed rtb.adentifi.com Failed
0	amazon-adsystem.com Failed s.amazon-adsystem.com Failed
0	liadm.com Failed i.liadm.com Failed
0	criteo.net Failed static.criteo.net Failed
0	socdm.com Failed tg.socdm.com Failed
0	deepintent.com Failed match.deepintent.com Failed
0	ipredictive.com Failed sync.ipredictive.com Failed
0	yahoo.com Failed pr-bh.ybp.yahoo.com Failed
0	quantserve.com Failed cms.quantserve.com Failed
0	audienceexposure.com Failed audienceexposure.com Failed
0	aidemsrv.com Failed gum.aidemsrv.com Failed
0	servedxk.com Failed ads.servedxk.com Failed
0	disqus.com Failed ssp.disqus.com Failed
0	turn.com Failed ad.turn.com Failed
0	33across.com Failed pixel.33across.com Failed ssc-cms.33across.com Failed
0	rlcdn.com Failed id.rlcdn.com Failed
0	bttrack.com Failed bttrack.com Failed
0	yieldmo.com Failed ads.yieldmo.com Failed
0	copper6.com Failed csync.copper6.com Failed
0	postrelease.com Failed jadserve.postrelease.com Failed
0	bid.com Failed rtb.bid.com Failed
0	contextualadv.com Failed sync.contextualadv.com Failed
0	lijit.com Failed ap.lijit.com Failed ce.lijit.com Failed
0	smxconv.com Failed usync.smxconv.com Failed
0	trustedstack.com Failed hb.trustedstack.com Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
235	83

	Domain	Requested by
32	portal.fuafajihja.shadowshark.ipv64.net	1 redirects portal.fuafajihja.shadowshark.ipv64.net
7	fontgenerator.cc	partner.senty.com.au fontgenerator.cc
5	g2.gumgum.com	cdn4.buysellads.net public.servenobid.com
5	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com g2.gumgum.com ssum-sec.casalemedia.com
4	cm.g.doubleclick.net	1 redirects g2.gumgum.com ssum-sec.casalemedia.com
4	onetag-sys.com	cdn4.buysellads.net public.servenobid.com visitor.omnitagjs.com
4	script.4dex.io	cdn4.buysellads.net script.4dex.io stpd.cloud
4	app.tinyadz.com	fontgenerator.cc app.tinyadz.com
4	stats.senty.com.au	partner.senty.com.au stats.senty.com.au fontgenerator.cc
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	portal.fuafajihja.shadowshark.ipv64.net fontgenerator.cc
3	ssbsync.smartadserver.com	public.servenobid.com visitor.omnitagjs.com
3	match.adsrvr.org	visitor.omnitagjs.com g2.gumgum.com
3	visitor.omnitagjs.com	cdn4.buysellads.net visitor.omnitagjs.com
3	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ep2.adtrafficquality.google
3	securepubads.g.doubleclick.net	fontgenerator.cc securepubads.g.doubleclick.net
3	cdnjs.cloudflare.com	fontgenerator.cc
2	sync.adkernel.com	visitor.omnitagjs.com
2	ads.pubmatic.com	public.servenobid.com g2.gumgum.com
2	ssum-sec.casalemedia.com	visitor.omnitagjs.com public.servenobid.com
2	match.sharethrough.com	visitor.omnitagjs.com public.servenobid.com
2	image8.pubmatic.com	visitor.omnitagjs.com
2	creativecdn.com	2 redirects
2	x.bidswitch.net	visitor.omnitagjs.com
2	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
2	id5-sync.com	stpd.cloud
2	cdn.jsdelivr.net	stpd.cloud portal.fuafajihja.shadowshark.ipv64.net
2	gum.criteo.com	stpd.cloud
2	api.btloader.com	btloader.com
2	ad-delivery.net	fontgenerator.cc
2	ib.adnxs.com	cdn4.buysellads.net public.servenobid.com acdn.adnxs.com
2	ex.ingage.tech	cdn4.buysellads.net
2	stpd.cloud	fontgenerator.cc
2	www.google-analytics.com	portal.fuafajihja.shadowshark.ipv64.net
1	us-u.openx.net	g2.gumgum.com
1	ittpx.eskimi.com	visitor.omnitagjs.com
1	player.aniview.com	visitor.omnitagjs.com
1	p.rfihub.com	1 redirects
1	prebid.a-mo.net	visitor.omnitagjs.com
1	u.openx.net	visitor.omnitagjs.com
1	eb2.3lift.com	visitor.omnitagjs.com
1	sync.richaudience.com	visitor.omnitagjs.com
1	sync.1rx.io	1 redirects
1	api-ssp.spot.im	visitor.omnitagjs.com
1	pixel-sync.sitescout.com
1	acdn.adnxs.com	cdn4.buysellads.net
1	buysellads-d.openx.net	cdn4.buysellads.net
1	public.servenobid.com	cdn4.buysellads.net
1	lb.eu-1-id5-sync.com	stpd.cloud
1	1229385e80c45377fcc07028f790d551.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ad.doubleclick.net	fontgenerator.cc
1	ag.dns-finder.com	btloader.com
1	exchange.cootlogix.com	cdn4.buysellads.net
1	direct.adsrvr.org	cdn4.buysellads.net
1	prg.smartadserver.com	cdn4.buysellads.net
1	hb.yellowblue.io	cdn4.buysellads.net
1	prebid.media.net	cdn4.buysellads.net
1	rtb.openx.net	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	fastlane.rubiconproject.com	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	apex.go.sonobi.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	btloader.com	cdn4.buysellads.net
1	cdn4.buysellads.net	fontgenerator.cc
1	www.googletagmanager.com	fontgenerator.cc
1	t0.gstatic.com	portal.fuafajihja.shadowshark.ipv64.net
1	www.google.com	1 redirects
1	pubtrky.com	acscdn.com
1	youradexchange.com	acscdn.com
1	partner.senty.com.au	portal.fuafajihja.shadowshark.ipv64.net
1	acscdn.com	portal.fuafajihja.shadowshark.ipv64.net
0	rtb.adentifi.com Failed	ssum-sec.casalemedia.com
0	dsum-sec.casalemedia.com Failed	ssum-sec.casalemedia.com
0	s.amazon-adsystem.com Failed	ssum-sec.casalemedia.com
0	i.liadm.com Failed	ssum-sec.casalemedia.com
0	image6.pubmatic.com Failed	ads.pubmatic.com
0	sync.aniview.com Failed	player.aniview.com
0	static.criteo.net Failed	cdn4.buysellads.net
0	tg.socdm.com Failed	g2.gumgum.com
0	usersync.gumgum.com Failed	g2.gumgum.com
0	rtb.gumgum.com Failed	g2.gumgum.com
0	match.deepintent.com Failed	g2.gumgum.com
0	sync.ipredictive.com Failed	g2.gumgum.com
0	pr-bh.ybp.yahoo.com Failed	g2.gumgum.com
0	cms.quantserve.com Failed	g2.gumgum.com
0	audienceexposure.com Failed	visitor.omnitagjs.com
0	ssc-cms.33across.com Failed	visitor.omnitagjs.com
0	gum.aidemsrv.com Failed	visitor.omnitagjs.com
0	ads.servedxk.com Failed	public.servenobid.com
0	hbx.media.net Failed	public.servenobid.com
0	ssp.disqus.com Failed	public.servenobid.com
0	ad.turn.com Failed	public.servenobid.com ssum-sec.casalemedia.com
0	ce.lijit.com Failed	public.servenobid.com
0	cs-server-s2s.yellowblue.io Failed	public.servenobid.com visitor.omnitagjs.com
0	pixel.33across.com Failed	public.servenobid.com
0	id.rlcdn.com Failed	visitor.omnitagjs.com
0	bttrack.com Failed	visitor.omnitagjs.com
0	ads.yieldmo.com Failed	visitor.omnitagjs.com
0	csync.copper6.com Failed	visitor.omnitagjs.com
0	jadserve.postrelease.com Failed	visitor.omnitagjs.com
0	rtb.bid.com Failed	visitor.omnitagjs.com
0	sync.contextualadv.com Failed	visitor.omnitagjs.com
0	ap.lijit.com Failed	visitor.omnitagjs.com public.servenobid.com
0	usync.smxconv.com Failed	visitor.omnitagjs.com
0	hb.trustedstack.com Failed	visitor.omnitagjs.com
0	b1sync.zemanta.com Failed	visitor.omnitagjs.com g2.gumgum.com
0	secure.adnxs.com Failed	visitor.omnitagjs.com g2.gumgum.com
0	sync.srv.stackadapt.com Failed	visitor.omnitagjs.com g2.gumgum.com
0	sync.go.sonobi.com Failed	public.servenobid.com
0	sync.cootlogix.com Failed	cdn4.buysellads.net
0	eus.rubiconproject.com Failed	cdn4.buysellads.net public.servenobid.com visitor.omnitagjs.com g2.gumgum.com
235	113

This site contains links to these domains. Also see Links.

Domain
youradexchange.com

Subject Issuer	Validity	Valid
portal.fuafajihja.shadowshark.ipv64.net E5	`2025-05-27` - `2025-08-25`	3 months	crt.sh
upload.video.google.com WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
acscdn.com WE1	`2025-05-13` - `2025-08-11`	3 months	crt.sh
partner.senty.com.au WE1	`2025-04-17` - `2025-07-16`	3 months	crt.sh
youradexchange.com WE1	`2025-04-03` - `2025-07-02`	3 months	crt.sh
*.gstatic.com WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
stats.senty.com.au E6	`2025-05-15` - `2025-08-13`	3 months	crt.sh
pubtrky.com WE1	`2025-05-05` - `2025-08-03`	3 months	crt.sh
*.google-analytics.com WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
fontgenerator.cc WE1	`2025-04-14` - `2025-07-13`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2025-05-22` - `2025-08-20`	3 months	crt.sh
stpd.cloud WE1	`2025-04-30` - `2025-07-29`	3 months	crt.sh
*.g.doubleclick.net WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
tinyadz.com WE1	`2025-05-08` - `2025-08-07`	3 months	crt.sh
*.cdn4.buysellads.net E5	`2025-05-14` - `2025-08-12`	3 months	crt.sh
*.ingage.tech Sectigo RSA Organization Validation Secure Server CA	`2024-08-01` - `2025-08-11`	a year	crt.sh
btloader.com WE1	`2025-04-03` - `2025-07-02`	3 months	crt.sh
*.buysellads.com E5	`2025-05-14` - `2025-08-12`	3 months	crt.sh
script.4dex.io WE1	`2025-05-16` - `2025-08-14`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2025-02-21` - `2026-03-23`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2024-12-06` - `2026-01-07`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-18` - `2025-07-17`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-04` - `2026-04-03`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-21` - `2025-12-27`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
ads.servenobid.com R11	`2025-05-27` - `2025-08-25`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
prebid.media.net WR3	`2025-05-22` - `2025-08-21`	3 months	crt.sh
*.yellowblue.io Amazon RSA 2048 M02	`2025-02-16` - `2026-03-17`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-09` - `2026-02-09`	a year	crt.sh
ie-ad-exch-prd-two-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M03	`2024-07-02` - `2025-08-01`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	a year	crt.sh
*.cootlogix.com Starfield Secure Certificate Authority - G2	`2024-10-13` - `2025-10-13`	a year	crt.sh
dns-finder.com WR3	`2025-05-12` - `2025-08-10`	3 months	crt.sh
ad-delivery.net WE1	`2025-05-06` - `2025-08-04`	3 months	crt.sh
*.doubleclick.net WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
api.btloader.com WR3	`2025-05-27` - `2025-08-25`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
id5-sync.com E6	`2025-05-01` - `2025-07-30`	3 months	crt.sh
adtrafficquality.google WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
eu-1-id5-sync.com R11	`2025-05-01` - `2025-07-30`	3 months	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2024-11-07` - `2025-12-06`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2025-04-28` - `2026-05-29`	a year	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2025-01-16` - `2026-02-01`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-06` - `2025-07-01`	3 months	crt.sh
*.spot.im Amazon RSA 2048 M03	`2025-03-10` - `2026-04-08`	a year	crt.sh
*.richaudience.com RapidSSL TLS RSA CA G1	`2025-02-20` - `2026-02-25`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M03	`2025-02-11` - `2026-03-12`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-02-19` - `2026-03-22`	a year	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
casalemedia.com E6	`2025-04-08` - `2025-07-07`	3 months	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2024-08-17` - `2025-08-20`	a year	crt.sh
*.adkernel.com GlobalSign GCC R6 AlphaSSL CA 2023	`2025-01-22` - `2026-02-23`	a year	crt.sh
*.eskimi.com GeoTrust TLS RSA CA G1	`2025-02-18` - `2026-03-21`	a year	crt.sh

This page contains 44 frames:

Primary Page: https://portal.fuafajihja.shadowshark.ipv64.net/
Frame ID: 393AFE032D6EB283D4035439E028E237
Requests: 35 HTTP requests in this frame

Frame: https://fontgenerator.cc/embed
Frame ID: C6C85EEF48FED9BD6F6248A1595C22D0
Requests: 73 HTTP requests in this frame

Frame: https://portal.fuafajihja.shadowshark.ipv64.net/home/
Frame ID: 13787167476E1E6CE4D399254974036B
Requests: 13 HTTP requests in this frame

Frame: https://1229385e80c45377fcc07028f790d551.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html?n=1
Frame ID: DB7AED4CD8527BA08B0C5911B0B2B974
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 4E2A93079DE733EB1DA1DE5614627A15
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1748395878832
Frame ID: 43EE820A8A7959B67EEA84D750424F3A
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: F9382E7E4371B67AE1BD96B8329B1F95
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 608FDA2D58B9CF1F7819B577183D0F9A
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Frame ID: 41D99D7E2EB4EC151C43CC2FE2B9BCD4
Requests: 35 HTTP requests in this frame

Frame: https://buysellads-d.openx.net/w/1.0/pd
Frame ID: A3C421A1438DA3BF8F3809FB5AE10CD2
Requests: 1 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 937BEBAF64A703C22950AE64FEDFE6A6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BE5EF0132BC02DFB496149F65ED82985
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 7DD3BBD02F836C9CD8BB148B5B58EBA2
Requests: 12 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: C0FA754DDCADCE629E464971D351E845
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 11AF189EA734ECCC55F337C4D3542B1A
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: D480FE8B291DFFB53DDA1AC3920D345A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: F58312B440216A05283DA771DC82268F
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 6B7A21C66F222437E5702B7EECE63616
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: A3069B3B77F8B85DF0E67FBC6C2E421C
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 7EAC8C123ECED6BE0CF74FE8B157683C
Requests: 1 HTTP requests in this frame

Frame: https://gum.aidemsrv.com/ortb_sync?gdpr={GDPR}&consent={GDPR_CONSENT}&us_privacy={US_PRIVACY}&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DAIDEM%26ttl%3D720%26uid%3Db2f604635d0b9abde52139fc8a8034be%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: C7A0F213E53D4886E1ACFD25FF6AB484
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
Frame ID: E4D86AB782731CC8807AB63885C79B28
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%7BpartnerId%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 1AC296528EA1BD74864CC7C8388D859B
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 915095016B29DE8A87CAFE4876C870A0
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_33ACROSS%26ttl%3D720%26uid%3D25492590fe216b332ae998485e25beb4%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: A9E601E7CCA47BD2D85A2F850DDE14C5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike_2&endpoint=eu&gdpr=1&gdpr_consent=
Frame ID: FCB45F3C821577904B0F3AE270BA3271
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&us_privacy=${US_PRIVACY}
Frame ID: 56373DA65DBCB7A611BB6999F3D3C65E
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=261976&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADSOLUT%26ttl%3D720%26uid%3D1914a28ad9f7cf23695694b8008de71e%26visitor%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 4B5047D141D42A93F3832DE1D0437CED
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
Frame ID: D156FA513F4C2846F955F9D8F9219751
Requests: 1 HTTP requests in this frame

Frame: https://audienceexposure.com/iframe?redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DBRAVE_IO%26ttl%3D720%26uid%3D1dd849eac6b255853660ea3ed55cb2b4%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 469A076013B1D1C4C206C3EC2C14DBFF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
Frame ID: 4D49C1F80E777AF92C93F074559C4DC6
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS_VIDEO%26ttl%3D720%26uid%3D0e36e8655c40248fb8d2e311b5db1153%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: E1A8874491DC653E6D44952A9044CACA
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: B26574167386579CDDAB36161A07064C
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=1&gdpr_consent=
Frame ID: E7AB6526D217EC41DF5EAC1545FF3216
Requests: 1 HTTP requests in this frame

Frame: https://ittpx.eskimi.com/sync?sp_id=14&gdpr=1&gdpr_consent=
Frame ID: 2BA28D70586548C85BC8FE1BB77901F5
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=132&gdpr=1&gdpr_consent=
Frame ID: 087DE0AC0119F07CF26A7AF0B595909B
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=260835&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSTRONGMETRICS%26ttl%3D720%26uid%3D84e758200d24051d4c62795c5b9604bd%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 7C580228DCD55DCD204CD49561643D5C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=4101396363679815974&gdpr=0&gdpr_consent=
Frame ID: 7D8AF597CA4BC293B0C991890509C0E9
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ODg5NzE4Yi1kNDc0LTRmZDktYjI0Mi1hZTUyNjk1MTIxMGE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Frame ID: A98A7590AC2B92B7DEDBBA106050C73D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: F3E04671883E92F353566BF4B016700C
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 9C79A1F7499F2EEF188BBF07D6F34BC9
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: D75A2FE32EE3CA6ED5B70108C1AAC72E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=NUK4nMGXd--Jflk2mvU68ObVwaI8QYCzpnvxraLHstA&pi=gumgum&tc=1
Frame ID: BA53C3BD747BB20809D66D2EC5EFEA68
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: E3DB5FBA934F5858CAF024A73A0B67DE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shadow

Detected technologies

AppNexus (Advertising) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

235
Requests

66 %
HTTPS

43 %
IPv6

83
Domains

113
Subdomains

66
IPs

6
Countries

1654 kB
Transfer

5606 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://www.google.com/s2/favicons/imgs/icons?domain=bnalk&sz=24 HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

Request Chain 33

https://portal.fuafajihja.shadowshark.ipv64.net/home HTTP 301
https://portal.fuafajihja.shadowshark.ipv64.net/home/

Request Chain 126

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588534754715122

Request Chain 137

https://sync.1rx.io/usersync2/rmpssp?sub=adyoulike&gdpr=1&gdpr_consent= HTTP 302
https://visitor.omnitagjs.com/visitor/sync?name=NEXXEN&ttl=720&uid=146e9da1fca8f0ce5e1ef0b5909cc4cd&visitor=OPTOUT

Request Chain 138

https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=1&gdpr_consent= HTTP 302
https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=1&gdpr_consent=&tc=1 HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=ohStSamIbKVpsrajCORHfv-cXreL-nENZT5tetitTDM&name=RTB_HOUSE&pi=adyoulike&gdpr=1&gdpr_consent=&tc=1

Request Chain 142

https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D&gdpr=1&gdpr_consent= HTTP 307
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=359fca30-d421-4e93-bca6-d0afd328a9a4&gdpr_consent=null&gdpr=1

Request Chain 170

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 171

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 177

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1748395882305 HTTP 302
https://ad.turn.com/r/cs?pid=45&id=RX-62a79f92-c1c7-4741-9790-93f3fcf72e45-003&rndcb=3776403558

Request Chain 178

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5133329536030236595

Request Chain 180

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Request Chain 187

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent= HTTP 301
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Request Chain 194

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent= HTTP 301
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Request Chain 196

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent= HTTP 301
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Request Chain 205

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9889718b-d474-4fd9-b242-ae526951210a&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_9889718b-d474-4fd9-b242-ae526951210a&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=

Request Chain 212

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=1---&gpp=&gpp_sid=&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=S0h2bEDID85Y&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=558355

Request Chain 213

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=5619135272049449859

Request Chain 215

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=adf&i=4101396363679815974&gdpr=0&gdpr_consent=

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ODg5NzE4Yi1kNDc0LTRmZDktYjI0Mi1hZTUyNjk1MTIxMGE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ODg5NzE4Yi1kNDc0LTRmZDktYjI0Mi1hZTUyNjk1MTIxMGE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=

Request Chain 220

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=NUK4nMGXd--Jflk2mvU68ObVwaI8QYCzpnvxraLHstA&pi=gumgum&tc=1

Request Chain 221

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 227

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aDZnarmqPJcALu3eApxTfwAA

Request Chain 231

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=aDZnarmqPJcALu3eApxTfwAA%261220 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=ohStSamIbKVpsrajCORHfv-cXreL-nENZT5tetitTDM&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=aDZnarmqPJcALu3eApxTfwAA%261220

Request Chain 233

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=058e93e4-c622-4420-a53a-7703f497c06c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

235 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
portal.fuafajihja.shadowshark.ipv64.net/ 23 KB
7 KB 292ms
97ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 5bcae56fb9334fe8446c36552a142eab9929fe2a2c91732072dd20818c9c17dc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 28 May 2025 01:31:17 GMT
etag: W/"5de0-196ee8b91bb"
last-modified: Tue, 20 May 2025 16:34:06 GMT
vary: Accept-Encoding
via: 1.1 Caddy
x-powered-by: Express

GET
H2 200 autoblank.js Show response
portal.fuafajihja.shadowshark.ipv64.net/assets/js/ 1 KB
646 B 108ms
104ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/autoblank.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 41e9e0b7ccf8d3af68bcbb38488e18d48198ee131b2df9ff128e4e6e911099c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://portal.fuafajihja.shadowshark.ipv64.net
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"553-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 594
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 index.css
portal.fuafajihja.shadowshark.ipv64.net/css/ 12 KB
3 KB 100ms
97ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/css/index.css
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: d4be4824499330afdd7139a22d7ad59bd2146bc17565e9ac961461388245b0dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2e4a-196eb5befff"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 2514
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 20 May 2025 01:43:13 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 themes.css
portal.fuafajihja.shadowshark.ipv64.net/css/ 3 KB
809 B 104ms
101ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/css/themes.css
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"b00-196c0828a31"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 734
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 11 May 2025 18:01:42 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
2 KB 41ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Open+Sans:wght@400;700&display=swap

Requested by

Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc9b971ceaa6d18611d87707cbe276f96e878309cfe7e41e5084928e665df224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 28 May 2025 01:31:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 28 May 2025 01:27:08 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
919 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e970bdd269198fc1bf6183c389d2d299cf05c1e7b2076cee4fcf6ba7ac01be02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 28 May 2025 01:31:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 27 May 2025 23:43:59 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 settings.js Show response
portal.fuafajihja.shadowshark.ipv64.net/assets/js/ 4 KB
1 KB 100ms
97ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/settings.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 40847f04a0b4dbacd513872a0472555bf0dd89cfcd4c7d905a0166469f80b438

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://portal.fuafajihja.shadowshark.ipv64.net
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"1028-196bc7a5607"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 997
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 10 May 2025 23:14:16 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 debugger.js Show response
portal.fuafajihja.shadowshark.ipv64.net/assets/js/ 1 KB
498 B 105ms
103ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/debugger.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 0b11eecfa382b1f2092d94e727a0145c9f6c2866e04419eef89e9bc381c7a787

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"464-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 446
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 ana.js Show response
portal.fuafajihja.shadowshark.ipv64.net/ 380 KB
128 KB 109ms
109ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL

https://portal.fuafajihja.shadowshark.ipv64.net/ana.js

Requested by

Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1775d6d7278247af0e4e409092d75152b4dd04f873cb46dbb5482c73eb60e7a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Wed, 28 May 2025 01:31:17 GMT
date: Wed, 28 May 2025 01:31:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
via: 2.0 Caddy
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 130395
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 aclib.js Show response
acscdn.com/script/ 139 KB
43 KB 37ms
18ms Script
text/javascript 2606:4700::6812:10c9
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://acscdn.com/script/aclib.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:10c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a9777ffd118cee614ab974da88397fb84a09643314a4a65127a86c27eb6e6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=RBHpgQ==, md5=s/BppwRxpIZX0WW8Ld58yg==
cf-cache-status: HIT
etag: W/"b3f069a70471a48657d165bc2dde7cca"
age: 2731
content-encoding: gzip
x-goog-stored-content-encoding: identity
expires: Wed, 28 May 2025 02:31:17 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 142655
server-timing: cfExtPri
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript
last-modified: Fri, 23 May 2025 07:30:01 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-guploader-uploadid: AAO2Vwqit8uklB5ct4i716L6jwq05Ah_LrJoeiJAGBA53byqZcz8IlQiJQ-Dz-j2L-Y3rsR2
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 9469fdd7eff2d25c-FRA
access-control-allow-origin: *
x-goog-generation: 1747985401356849
server: cloudflare

GET
H2 200 index.js Show response
portal.fuafajihja.shadowshark.ipv64.net/baremux/ 8 KB
3 KB 102ms
100ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/baremux/index.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 74a76e5980403a11a657d3ad5f43ea97fae94b8d1cdec9886eb23bdbc645dbe1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2123-19420c19b61"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 3161
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Jan 2025 07:25:46 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 search.js Show response
portal.fuafajihja.shadowshark.ipv64.net/assets/js/ 1004 B
509 B 102ms
101ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/search.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3ec-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 434
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 themes.js Show response
portal.fuafajihja.shadowshark.ipv64.net/assets/js/ 4 KB
1 KB 105ms
104ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/themes.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://portal.fuafajihja.shadowshark.ipv64.net
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"116e-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1343
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 options.js Show response
portal.fuafajihja.shadowshark.ipv64.net/assets/js/ 4 KB
1 KB 108ms
107ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/options.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: f5f36977e96a38963c796982ed3915e49673ba0b63f3d51031a1500c1f0907bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"e89-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1017
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.bundle.js Show response
portal.fuafajihja.shadowshark.ipv64.net/uv/ 370 KB
109 KB 190ms
189ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/uv/uv.bundle.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 24c817c4fef658a57754e07c2c89b185e9de3a2bc4261d7e863b345f27df82c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"5c6cc-1932310d24f"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 01:08:45 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.config.js Show response
portal.fuafajihja.shadowshark.ipv64.net/uv/ 2 KB
904 B 184ms
183ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/uv/uv.config.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: a07ed6c92587063c8a3f828c58ed8076071418ca3181e9f67817c8d5041b0c47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"710-197045adf12"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 830
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 24 May 2025 22:12:33 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.sw.js Show response
portal.fuafajihja.shadowshark.ipv64.net/uv/ 7 KB
3 KB 186ms
184ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/uv/uv.sw.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: bdaf47b5db2c6b13b97a28df68b67180dc0fcda656776ae345b264c2183b9ef2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"1d3b-1932310d26f"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 2957
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 01:08:45 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 tabs.js Show response
portal.fuafajihja.shadowshark.ipv64.net/assets/js/ 15 KB
4 KB 185ms
184ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/tabs.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 4e3e6b20f1eae4923f24bf1e3dab2dde56b255c331cdc17b9507e790a48cc36b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://portal.fuafajihja.shadowshark.ipv64.net
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3a68-196cccf5594"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 14 May 2025 03:21:02 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 bookmarks.js Show response
portal.fuafajihja.shadowshark.ipv64.net/assets/js/ 4 KB
1 KB 187ms
186ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/bookmarks.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8e1c63600bf52ac2101c85ecdef6f843d1d593f6c097f32591fcfea496ec4073

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://portal.fuafajihja.shadowshark.ipv64.net
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"f4b-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1252
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 partner.js Show response
partner.senty.com.au/ 8 KB
3 KB 78ms
55ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://partner.senty.com.au/partner.js

Requested by

Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ff4e107901c810062910e50a956b5ad423cc2a6bcb69074890879f4ba3a4ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"6b0cc467d5115583d90e253585cc17fe"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qAetoHYaXAQqTfJuxsxMsrq79%2B2Mb%2FlJDhCwOi1X6uDux4%2BYvnVU78Lz2nTJBJ7Ct4KPbvknzvYARjmLuyvhvh6cNzeKKvVH8bCMOrcgfR7ZCC%2BTrLd%2FUzFsmeByDyEc1zIBmu6PzZtC00BDwzX8TwFy4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfExtPri
date: Wed, 28 May 2025 01:31:17 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9469fdd7ec40dcbc-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 settings_manager.js Show response
portal.fuafajihja.shadowshark.ipv64.net/assets/js/ 4 KB
1 KB 94ms
94ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/settings_manager.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://portal.fuafajihja.shadowshark.ipv64.net
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/settings.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"f26-19630f6df0b"
via: 1.1 Caddy
content-length: 885
date: Wed, 28 May 2025 01:31:17 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express
content-type: text/javascript; charset=utf-8

GET
H2 204 czcf.php
youradexchange.com/ad/ 0
0 168ms
143ms Fetch 2606:4700::6812:1962
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://youradexchange.com/ad/czcf.php?cz=hfjbzu6ztb&atv=61.0&chmob=%3F0
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
cf-ray: 9469fdd8bd11f4e5-FRA
access-control-allow-origin: *
date: Wed, 28 May 2025 01:31:17 GMT
server: cloudflare
access-control-allow-headers: Content-Type

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v23/ 8 KB
8 KB 22ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://portal.fuafajihja.shadowshark.ipv64.net
Referer: https://fonts.googleapis.com/

Response headers

age: 58071
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 09:23:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 09:23:26 GMT
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H2 200 script.outbound-links.pageview-props.tagged-events.js Show response
stats.senty.com.au/js/ 3 KB
2 KB 407ms
129ms Script
application/javascript 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL

https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js

Requested by

Host: partner.senty.com.au
URL: https://partner.senty.com.au/partner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

104-237-132-182.ip.linodeusercontent.com

Software

nginx /

Resource Hash

4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=86400, must-revalidate
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff, nosniff
access-control-allow-origin: *
date: Wed, 28 May 2025 01:31:17 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN

GET
H3 200 history_helper.js Show response
portal.fuafajihja.shadowshark.ipv64.net/assets/js/ 4 KB
1 KB 103ms
103ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/history_helper.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 56e70443c37648d17bb54e83ae0028731328f86afb12edd626e8584718be71e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://portal.fuafajihja.shadowshark.ipv64.net
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/tabs.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"ff4-19630f6df0b"
via: 1.1 Caddy
content-length: 960
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
last-modified: Sun, 13 Apr 2025 21:03:27 GMT

GET
H3 200 index.mjs Show response
portal.fuafajihja.shadowshark.ipv64.net/baremux/ 8 KB
3 KB 99ms
99ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/baremux/index.mjs
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 731c3411d0f309309a97628ba465af31050e0866d07e116f7ea5a1c35e9b99c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://portal.fuafajihja.shadowshark.ipv64.net
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/tabs.js

Response headers

cache-control: public, max-age=0
cross-origin-opener-policy: same-origin
content-encoding: gzip
etag: W/"2019-19420c19b79"
via: 1.1 Caddy
content-length: 3022
date: Wed, 28 May 2025 01:31:17 GMT
last-modified: Wed, 01 Jan 2025 07:25:46 GMT
vary: Accept-Encoding
x-powered-by: Express
content-type: text/javascript; charset=utf-8

POST
H3 204 hb.php
pubtrky.com/ut/ 0
603 B 160ms
127ms Ping
text/plain 2606:4700:3034::6815:86c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://pubtrky.com/ut/hb.php?cb=0.6201429424500299&v=1
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:86c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CiQ%2FvnIGprZWUdtzwSPf5Ja8PjXc6asEVUEiwhoBITRvBvMkF1BxgNzz1s%2BNV2Pk5nUMpwY8zIErx%2FoTWgyFqTVpKzUCZFq7DdqtAFGVeZFHpCmkK2Xvd4xw71Tg3mtXqiqVDT9q1V0%2Bcg%3D%3D"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 9469fdda0e8a9abb-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6765&min_rtt=6085&rtt_var=1654&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3664&recv_bytes=4250&delivery_rate=362780&cwnd=12000&unsent_bytes=0&cid=cf3ab4806ed3bda9&ts=144&x=80"
date: Wed, 28 May 2025 01:31:17 GMT
server: cloudflare

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 74ms
15ms Fetch
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je55q0v9138172222za204&_p=1748395877190&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&cid=2016712112.1748395878&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1748395877&sct=1&seg=0&dl=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F&dt=Shadow&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=732
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/ana.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:100:0
report-to: {"group":"ascnsrsggc:100:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:100:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://portal.fuafajihja.shadowshark.ipv64.net
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:100:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/plain
server: Golfe2

GET worker.js
portal.fuafajihja.shadowshark.ipv64.net/baremux/ 0
0

GET
H3 200 broken-sites Show response
portal.fuafajihja.shadowshark.ipv64.net/v1/api/ 94 B
246 B 98ms
98ms Fetch
application/json 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/v1/api/broken-sites
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/tabs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: f8415ecc026ead4d0710273922c8b92976697e8fb92d743cfdaed5ea934fdce1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

via: 1.1 Caddy
content-length: 94
cross-origin-opener-policy: same-origin
etag: W/"5e-dMwTXpF+JQQiCGiO9ERks2BwHNA"
date: Wed, 28 May 2025 01:31:17 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express

GET
H3 200 embed Show response
fontgenerator.cc/ Frame C6C8 10 KB
5 KB 882ms
832ms Document
text/html 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/embed

Requested by

Host: partner.senty.com.au
URL: https://partner.senty.com.au/partner.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6edcc080295bc506745b15d215226f6a80283818ef60e1e8805992c9c06f143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.fuafajihja.shadowshark.ipv64.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 9469fddad87dd9d3-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Wed, 28 May 2025 01:31:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nAR%2FeuX5KZNyZFPETR%2FERmHOPQm4lU%2FlmdXI5PFAIiRcVCpMV0N86%2BlkrTF23cGrxKTwJI%2FtU7nyWLtc1%2FleuFm5SkjVdy3AVTfPIxDz%2BxvYL5y9ewhTmECMfGcJPVRn7sV6f5vsuWmEyNdofcft"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=6358&min_rtt=6005&rtt_var=1188&sent=12&recv=12&lost=0&retrans=0&sent_bytes=3757&recv_bytes=3390&delivery_rate=392106&cwnd=12000&unsent_bytes=0&cid=c01b26404b296283&ts=864&x=80"
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

404

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons/imgs/icons?domain=bnalk&sz=24
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

726 B
917 B

73ms
14ms

Image
image/png

2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

Requested by

Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/

Protocol

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 726
date: Wed, 28 May 2025 01:31:17 GMT
x-xss-protection: 0
content-type: image/png
server: sffe

Redirect headers

cache-control: public, max-age=1800
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24
age: 1191
x-content-type-options: nosniff
expires: Wed, 28 May 2025 01:41:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 325
x-xss-protection: 0
date: Wed, 28 May 2025 01:11:26 GMT
content-type: text/html; charset=UTF-8
server: sffe

POST
H2 202 event Show response
stats.senty.com.au/api/ 2 B
219 B 385ms
129ms XHR
text/plain 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL: https://stats.senty.com.au/api/event
Requested by: Host: stats.senty.com.au
URL: https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 104-237-132-182.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

x-request-id: GEOMyapAieJ_7hWEVWtB
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 2
date: Wed, 28 May 2025 01:31:18 GMT
content-type: text/plain; charset=utf-8
server: nginx

GET
H3 200 home.html Show response
portal.fuafajihja.shadowshark.ipv64.net/pages/ Frame 1378 47 B
233 B 90ms
90ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/pages/home.html
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/tabs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8a346698d1fe701441863c329bf5132a5536faeaa68ccd7751931726ad04b329

Request headers

Referer: https://portal.fuafajihja.shadowshark.ipv64.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: public, max-age=3600, must-revalidate public, max-age=604800
content-length: 47
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 28 May 2025 01:31:18 GMT
etag: W/"2f-1924f22eefb"
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
via: 1.1 Caddy
x-powered-by: Express

GET
H3

200

/ Show response
portal.fuafajihja.shadowshark.ipv64.net/home/ Frame 1378
Redirect Chain

https://portal.fuafajihja.shadowshark.ipv64.net/home
https://portal.fuafajihja.shadowshark.ipv64.net/home/

976 B
728 B

92ms
92ms

Document
text/html

104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/home/
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/pages/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: c0511e29e2d9e3aa83ab107e55b5e3c2ca9c90c04027a2f551fca1d403fd9cd6

Request headers

Referer: https://portal.fuafajihja.shadowshark.ipv64.net/pages/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
content-length: 555
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 28 May 2025 01:31:18 GMT
etag: W/"3d0-196ee8b91bb"
last-modified: Tue, 20 May 2025 16:34:06 GMT
vary: Accept-Encoding
via: 1.1 Caddy
x-powered-by: Express

Redirect headers

content-length: 154
content-security-policy: default-src 'none'
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
date: Wed, 28 May 2025 01:31:18 GMT
location: /home/
via: 1.1 Caddy
x-content-type-options: nosniff
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ Frame C6C8 8 KB
2 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&family=Ubuntu:wght@500&display=swap

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b4c449d8a2a73c9366bc59a9440b88453e346ccd82bd3607f48e3d43bfe7541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 28 May 2025 01:31:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 01:31:18 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 28 May 2025 01:31:18 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 mdb.min.css
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/ Frame C6C8 368 KB
36 KB 27ms
16ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/mdb.min.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1562c1b6966919f59dad5ce26d7ce05a4ecdfc4e6f7f9b8d1d6fa826508794cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "656db89f-8cd9"
age: 532474
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S98M81tVxJLUVyHbMJuB20Egw9h9y6Wk8clCme4SuL4C4jWlffhxuRu%2BZ%2FruR9DMWoUfjR4sznKlE60%2Bf81mKhtoAYiRQR3muGTFe2YxFZqjr2ty4PLCHUBhxQ4CllFOHH6QLEW5Ungn6nNfPk7quzOi"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 18 May 2026 01:31:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 28 May 2025 01:31:18 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 Dec 2023 11:31:43 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9469fde02a78d2cf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36057
server: cloudflare

GET
H3 200 style.css
fontgenerator.cc/ Frame C6C8 14 KB
4 KB 15ms
14ms Stylesheet
text/css 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/style.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d35a7ee5aac9714da95d1a4f632cdb97d560a5ecf5e3908a1d229bc8c1057c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "68102ad2-3910"
age: 4996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77GqU6Frv2AqCz%2FohVB7w%2FN16X83jNRUe0aAkQLlG9SA13GB4ODsmkOmPWauobBlPlGSIxP1p4f9Ub9Y45cx3Iy6gObo3RSnMgOHfVc7c4D5f%2Bkjh7t4NovsDwHfnFaRhCYlfpMsdqe1PvR5R2CN"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6443&min_rtt=6005&rtt_var=588&sent=24&recv=20&lost=0&retrans=0&sent_bytes=11313&recv_bytes=5137&delivery_rate=770810&cwnd=12000&unsent_bytes=0&cid=c01b26404b296283&ts=891&x=80"
date: Wed, 28 May 2025 01:31:18 GMT
content-type: text/css
last-modified: Tue, 29 Apr 2025 01:26:42 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 9469fde01890d9d3-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 toastr.min.css
fontgenerator.cc/ Frame C6C8 7 KB
4 KB 18ms
17ms Stylesheet
text/css 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/toastr.min.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-1a55"
age: 4996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SJwgrX2h0uHxPOYw%2F6b9BmtGIX8NftGQRUGWAiQsIUJc%2F2vGEs%2Fpl%2F2176cypgRcWD7aE2oHmZYm0L1ouaZ3GaMoa1J%2BiVbEXfDZ54THj9eBUntohrtx7Vhprfvpj2Lb2pxqnH7FLhFgDqpycWoz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6443&min_rtt=6005&rtt_var=588&sent=28&recv=20&lost=0&retrans=0&sent_bytes=15911&recv_bytes=5137&delivery_rate=770810&cwnd=12000&unsent_bytes=0&cid=c01b26404b296283&ts=891&x=80"
date: Wed, 28 May 2025 01:31:18 GMT
content-type: text/css
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 9469fde01892d9d3-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 inview.min.js Show response
stpd.cloud/assets/libraries/ Frame C6C8 5 KB
3 KB 55ms
18ms Script
application/javascript 2606:4700::6812:1e31
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://stpd.cloud/assets/libraries/inview.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"23df7c2f5fe3a534a7299c9c9e923fa9"
age: 2412
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEaEMJ5UWyUciGz5l%2BACmGeoRzXgqYPWrk0OCXT%2BqqZy4POGrgHdZhe7ZvogMRSzHWZjK%2FDOcN8IeFs7ZegTidvJHM6QrbWZfAJZX6llcJMVEYwTD8zbwNzCvnMQ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 01:51:18 GMT
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/javascript
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=1200
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9469fde05ddf1d9e-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C6C8 111 KB
34 KB 39ms
23ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7af99a549a1293b42c5b9321cbef3a1220e62e9aada04cba32af58f6583b050f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 440 / 20236 / m202505200101 / config-hash: 17886797544696259832
x-content-type-options: nosniff
expires: Wed, 28 May 2025 01:31:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 28 May 2025 01:31:18 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34863
x-xss-protection: 0
server: cafe

GET
H2 200 9343 Show response
stpd.cloud/saas/ Frame C6C8 426 KB
117 KB 833ms
832ms Script
text/javascript 2606:4700::6812:1e31
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://stpd.cloud/saas/9343
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28a2e66d41b018bf27fbf4e3434b298b0b9afaf920f9e8a49dd60ded1e1ae903

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=300
x-stpd-module-cache: HIT
content-encoding: br
cf-ray: 9469fde07dfa1d9e-FRA
access-control-allow-origin: *
date: Wed, 28 May 2025 01:31:19 GMT
content-type: text/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame C6C8 385 KB
128 KB 51ms
26ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1B87SF7ZHT

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc7f1c92e6e52e299752bc574e1b04603fc94100e8c03ac600082fcff14c604b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Wed, 28 May 2025 01:31:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 130708
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 script.outbound-links.pageview-props.tagged-events.js Show response
stats.senty.com.au/js/ Frame C6C8 3 KB
2 KB 382ms
128ms Script
application/javascript 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL

https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

104-237-132-182.ip.linodeusercontent.com

Software

nginx /

Resource Hash

4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: public, max-age=86400, must-revalidate
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff, nosniff
access-control-allow-origin: *
date: Wed, 28 May 2025 01:31:18 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ Frame C6C8 87 KB
28 KB 33ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "603e8adc-15d9d"
age: 1197458
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bc0RM69%2BKAXTq8CKkKmFY5YodxOWNfLG8bi86m1Bft9z%2F85iucsO%2Bk65z%2BBJRKsDnNCv1d%2F5Z6jVxsj%2FAPeTIiMVrWmdgcdTir428eX1UwH839BqRUqtwWibupUvu4gFcyN9UXrO2ZM%2BWh1PQG%2BCcXBp"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 18 May 2026 01:31:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9469fde02a7ad2cf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27938
server: cloudflare

GET
H3 200 script.js Show response
fontgenerator.cc/js/ Frame C6C8 95 KB
20 KB 22ms
21ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/script.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19492573e99443369d3da235c38f1a430842fce993891f89054f0c7e4e4389e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e356ca-17ae7"
age: 4996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAYcvrkgpH9y1d2oDQTBHL4ZIsfONJE5sQ6ozvVtmEpuFevCj%2BWETkeFeu4Okj8WAnVo4BrNXuQuuKuwebFURtMDMzGWhJ2d%2B0CZJOv16KYDut8lqjkaSm%2F%2BnBgqJxsJdQcrfMaiXNXsigC155jd"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6443&min_rtt=6005&rtt_var=588&sent=34&recv=20&lost=0&retrans=0&sent_bytes=20979&recv_bytes=5137&delivery_rate=770810&cwnd=12000&unsent_bytes=0&cid=c01b26404b296283&ts=894&x=80"
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Mar 2025 01:22:18 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 9469fde01891d9d3-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 functions.js Show response
fontgenerator.cc/js/ Frame C6C8 5 KB
2 KB 14ms
13ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/functions.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69d9ac5984ab481e3a40b4b75c330920e56aa12c8d37bfaccc4ab6cedcdda50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e34bc9-1275"
age: 4996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t8DCtIjI5uLKCYVGaFkMcNe7wvCTPdGJZCqsRmoFpS1pd6tbKl%2FStg675jUSPHM%2FHa6RkFbDmqz%2Bj0fHcF4uW2rhlm5jH8AHhJsSaPzz6ZNDPIPawmqxdiVcOPPuSP0gpF%2BcKs0ldGhahDT2ZIIP"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6443&min_rtt=6005&rtt_var=588&sent=21&recv=20&lost=0&retrans=0&sent_bytes=8979&recv_bytes=5137&delivery_rate=770810&cwnd=12000&unsent_bytes=0&cid=c01b26404b296283&ts=890&x=80"
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Mar 2025 00:35:21 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 9469fde01893d9d3-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 mdb.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/ Frame C6C8 123 KB
31 KB 32ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/mdb.umd.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea7fb526203a7e6eed35cc2fcdc98c76cb136dba25b23fae9e5fab3588877596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "656db89f-7ae6"
age: 524615
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eVCZAljPwkamgvAPRIqwwobBhTG%2FTQ9v1b2VhtLbyZhXH0JJgs5bQNHivy7IvK%2F4S58CxNOMTUJm4taDBfpFcJHS1W%2FWSh%2BO%2Fm7H5SQiPSkqKTr7%2B84GL2VRpG2PtDzaThKHzJD0xK%2BNN%2BD330%2Fka0Io"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 18 May 2026 01:31:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Dec 2023 11:31:43 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9469fde02a79d2cf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31462
server: cloudflare

GET
H3 200 toastr.min.js Show response
fontgenerator.cc/js/ Frame C6C8 5 KB
3 KB 19ms
19ms Script
application/javascript 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/toastr.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-15a1"
age: 4996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dcRtImwPdTIjpgrHPObnKLAX82uAk52%2FLHCWpyMSW2LIW0vLFEN0vDiOUzpr4Lk7%2Biv9ZhMSKtiBX%2B7wGU4nc%2Bl%2F8Aie3IZRUEUapV%2BqpoJQUo13jATXlhQchf35yinHpp%2F%2B2RGEF%2FUYxDZY50Vo"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6443&min_rtt=6005&rtt_var=588&sent=32&recv=20&lost=0&retrans=0&sent_bytes=19663&recv_bytes=5137&delivery_rate=770810&cwnd=12000&unsent_bytes=0&cid=c01b26404b296283&ts=893&x=80"
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 9469fde01894d9d3-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ads.js Show response
app.tinyadz.com/scripts/ Frame C6C8 7 KB
3 KB 74ms
55ms Script
text/javascript 2606:4700:3033::ac43:cd8d
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:cd8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bbba479472ffa4241be401098dddafddc48cd7d1377c83d0048cc364933cbd0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://fontgenerator.cc
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZpxewQc3KatswtT6QRtd26pX3pcni49osTd3UoO6QTSK5v6ykRNKOYHj8Y9cqcnToSFIWmXZh2acM6REPFBlE7RDOY0S63JALy0uBth7RYK%2FUoYJUmFdrZMtpU7CHVt%2B0wGqQ4qWmcbEq5G0ua4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 9469fde039ced2ba-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6327&min_rtt=6089&rtt_var=957&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3643&recv_bytes=3194&delivery_rate=364294&cwnd=12000&unsent_bytes=0&cid=cb1301abf0a9dd5a&ts=57&x=80"
date: Wed, 28 May 2025 01:31:18 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
server: cloudflare
last-modified: Wed, 28 May 2025 01:31:18 GMT

GET
H2 200 fontgenerator.js Show response
cdn4.buysellads.net/pub/ Frame C6C8 724 KB
186 KB 194ms
66ms Script
application/javascript 159.65.211.77
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.65.211.77 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-lon1-2 /
Resource Hash: a76799d383e84544bb37f128665c43341e94deae0101f7a8c256982f41c46f90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: public, max-age=3600, stale-while-revalidate
content-encoding: br
etag: 50300e48b650577737aed03666afbed6abeff3fb
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/javascript
vary: Accept-Encoding
server: srv-lon1-2

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ Frame C6C8 18 KB
18 KB 20ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Ubuntu:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://fontgenerator.cc
Referer: https://fonts.googleapis.com/

Response headers

age: 58395
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 09:18:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 09:18:03 GMT
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18668
x-xss-protection: 0
server: sffe

GET
H3 200 home.css
portal.fuafajihja.shadowshark.ipv64.net/css/ Frame 1378 1 KB
763 B 99ms
98ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/css/home.css
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/home/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: bfbf77facc0b33343150d420aa0f7e582e1657070c51895cdec89299922d96cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"4d2-19630f6deef"
via: 1.1 Caddy
content-length: 540
date: Wed, 28 May 2025 01:31:18 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express
content-type: text/css; charset=utf-8

GET
H2 200 themes.css
portal.fuafajihja.shadowshark.ipv64.net/css/ Frame 1378 3 KB
0 1ms
1ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/css/themes.css
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"b00-196c0828a31"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 734
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 11 May 2025 18:01:42 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ Frame 1378 2 KB
619 B 19ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Requested by

Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9d8e58b6cdcdf7831511b8a69c82bc6b71c335ade7b7efa21b634e08cf9789d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 28 May 2025 01:31:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 01:31:18 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 27 May 2025 23:40:29 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 ana.js Show response
portal.fuafajihja.shadowshark.ipv64.net/ Frame 1378 380 KB
0 2ms
2ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL

https://portal.fuafajihja.shadowshark.ipv64.net/ana.js

Requested by

Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1775d6d7278247af0e4e409092d75152b4dd04f873cb46dbb5482c73eb60e7a0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/home/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Wed, 28 May 2025 01:31:17 GMT
date: Wed, 28 May 2025 01:31:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
via: 2.0 Caddy
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 130395
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 themes.js Show response
portal.fuafajihja.shadowshark.ipv64.net/assets/js/ Frame 1378 4 KB
0 4ms
4ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/themes.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://portal.fuafajihja.shadowshark.ipv64.net
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"116e-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1343
date: Wed, 28 May 2025 01:31:17 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 plain_logo.webp
portal.fuafajihja.shadowshark.ipv64.net/assets/imgs/icons/ Frame 1378 11 KB
12 KB 99ms
98ms Image
image/webp 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/imgs/icons/plain_logo.webp
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/home/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 042a1652e0b3d20d268a194befaea0c5841026a91a14214abac003d605e0ed65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"2d9c-19630f6dee7"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 11676
date: Wed, 28 May 2025 01:31:18 GMT
content-type: image/webp
x-powered-by: Express
last-modified: Sun, 13 Apr 2025 21:03:27 GMT

GET
H3 200 GetSiteAdConfigAPI Show response
app.tinyadz.com/api/ Frame C6C8 96 B
706 B 44ms
42ms Fetch
application/json 2606:4700:3033::ac43:cd8d
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/api/GetSiteAdConfigAPI?siteId=68323df081da95ab79451781&pageUrl=https%3A%2F%2Ffontgenerator.cc%2Fembed&refererUrl=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F&width=300&height=120
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:cd8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abf9bfd998405a38e5f5f61e533e4de1298162efc4409b1f161ea04e5901c366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=0
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pW8Du10TWduYqzVT7W9u%2Fetwi0oW5nL1PasawlkFLJjE%2FhT6ahqm6FvsgLsr7UuO8Kqrxi5b5nQOzbkQ%2BnrSJKSILHn8NHFpXn8T81tjS2cH4cMwRWoiNF4IuvdCSrLLrtkf9eE4WWkAlrtFnuk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 9469fde099d1d2ba-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6246&min_rtt=5947&rtt_var=676&sent=14&recv=12&lost=0&retrans=0&sent_bytes=6905&recv_bytes=3684&delivery_rate=403546&cwnd=12000&unsent_bytes=0&cid=cb1301abf0a9dd5a&ts=107&x=80"
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/ Frame C6C8 539 KB
170 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 8367355567805738573
age: 50404
x-content-type-options: nosniff
expires: Wed, 27 May 2026 11:31:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 11:31:14 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 173743
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505270101/ Frame C6C8 63 KB
23 KB 15ms
14ms Other
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505270101/gpt

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b502c40cea58eb57328f78cf48c787ab82d46606203a135bbb813ee19fb6c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 8651680878418282224
age: 37794
x-content-type-options: nosniff
expires: Tue, 03 Jun 2025 15:01:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 27 May 2025 15:01:24 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23432
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202505270101"

GET
H3 200 manager.js Show response
app.tinyadz.com/libs/ Frame C6C8 10 KB
4 KB 63ms
55ms Script
text/javascript 2606:4700:3033::ac43:cd8d
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/libs/manager.js
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:cd8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc9b3ab0470daadec08ecf223bafa041cd60ad6ddb2b0cc5ede515e16cbd95b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t3R%2Bz4duCNLsOxxd9ac7pbi%2FDCl6ImNMbAztTddpTijyBR%2FoOmbd%2BOVnzi7xpivDcMwag4VNRZe2P4%2FgUfnblMAWKs6q0j8kPrgEhIjHsUk%2FKl%2BYyQO%2F9quh3GWfCV7ijeToBu443JcDjhbKH7I%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 9469fde19f86196a-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6587&min_rtt=6249&rtt_var=1129&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3643&recv_bytes=3151&delivery_rate=429206&cwnd=12000&unsent_bytes=0&cid=a784009aaf71487e&ts=55&x=80"
date: Wed, 28 May 2025 01:31:18 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
server: cloudflare
last-modified: Wed, 28 May 2025 01:31:18 GMT

GET
H3 200 GetAvailableWidgetsAPI Show response
app.tinyadz.com/api/ Frame C6C8 14 B
608 B 150ms
150ms Fetch
application/json 2606:4700:3033::ac43:cd8d
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/api/GetAvailableWidgetsAPI?siteId=68323df081da95ab79451781&pageUrl=https%3A%2F%2Ffontgenerator.cc%2Fembed&width=300&height=120
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:cd8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f116ce064296bb68f5adc78f16e0298efd4a0db15077406976147f6ce69a5b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JT6qtwMT0TS85Ai%2BUyPZ9kDJ577yZsc26PSzjU%2BOa%2Fkc3cubi5nRf%2FLuAsqzaIZzdhXNQMht8y2fo87Runqga6UYYPIWTbkBDpSqRgD%2B9l89SKWuJkuaiwaIADgwLDRm1lH6ubLRfeREq8flQto%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 9469fde189d6d2ba-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 14
server-timing: cfL4;desc="?proto=QUIC&rtt=6222&min_rtt=5947&rtt_var=554&sent=16&recv=14&lost=0&retrans=0&sent_bytes=7657&recv_bytes=4122&delivery_rate=403546&cwnd=12000&unsent_bytes=0&cid=cb1301abf0a9dd5a&ts=367&x=80"
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

GET
H3 200 blue.jpg
portal.fuafajihja.shadowshark.ipv64.net/assets/imgs/backgrounds/home/ Frame 1378 184 KB
185 KB 88ms
88ms Image
image/jpeg 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/imgs/backgrounds/home/blue.jpg
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/css/home.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 5eff7005425c542db2290b5ccdf4e0a65c4219273a665ce0425264274e536ea6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/css/home.css

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"2e144-19630f6dedf"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 188740
date: Wed, 28 May 2025 01:31:18 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
x-powered-by: Express
content-type: image/jpeg

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v23/ Frame 1378 8 KB
8 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://portal.fuafajihja.shadowshark.ipv64.net
Referer: https://fonts.googleapis.com/

Response headers

age: 57271
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 09:36:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 09:36:47 GMT
last-modified: Wed, 23 Apr 2025 16:07:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v23/ Frame 1378 8 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://portal.fuafajihja.shadowshark.ipv64.net
Referer: https://fonts.googleapis.com/

Response headers

age: 58071
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 09:23:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 09:23:26 GMT
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 F.svg
fontgenerator.cc/icons/ Frame C6C8 5 KB
3 KB 23ms
22ms Image
image/svg+xml 2606:4700:3035::6815:142
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://fontgenerator.cc/icons/F.svg

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d881b69841cd18f3db8831bd5f0e57149fecd4064d156cb1d3f982626903d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-1516"
age: 4174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0a8jX8EGaaNlHOuJLtaN1uddb3mcA%2FJWd3v%2B%2Bhe0HHpUZRvBihOtDmL4wnSCjGzs6AWeHFCECAHlQs7%2FtXexRxQkAlcgz14SNYdT0hk58BiwLtiH02WRJVy%2B73ioS5Qqossdfv1GiS95sXEtMfcZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7402&min_rtt=5890&rtt_var=1377&sent=59&recv=41&lost=0&retrans=0&sent_bytes=44045&recv_bytes=6390&delivery_rate=3532586&cwnd=25200&unsent_bytes=0&cid=c01b26404b296283&ts=1146&x=80"
date: Wed, 28 May 2025 01:31:18 GMT
content-type: image/svg+xml
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 9469fde1a897d9d3-FRA
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 collect
www.google-analytics.com/g/ Frame 1378 0
0 15ms
14ms Fetch
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je55q0v9138172222za204&_p=1748395878651&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&cid=2016712112.1748395878&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=1&pscdl=noapi&_eu=AAAAAAQ&_s=1&sid=1748395877&sct=1&seg=1&dl=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2Fhome%2F&dr=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2Fpages%2Fhome.html&dt=Home&en=page_view&_ee=1&tfd=375
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/ana.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:100:0
report-to: {"group":"ascnsrsggc:100:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:100:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://portal.fuafajihja.shadowshark.ipv64.net
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:100:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 01:31:18 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 settings_manager.js Show response
portal.fuafajihja.shadowshark.ipv64.net/assets/js/ Frame 1378 4 KB
0 0ms
0ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/settings_manager.js
Requested by: Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://portal.fuafajihja.shadowshark.ipv64.net
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/assets/js/themes.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"f26-19630f6df0b"
via: 1.1 Caddy
content-length: 885
date: Wed, 28 May 2025 01:31:17 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express
content-type: text/javascript; charset=utf-8

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 142ms
111ms Preflight 2606:4700:10::6816:bc7
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fontgenerator.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://fontgenerator.cc
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 9469fde2bbb85d7f-FRA
date: Wed, 28 May 2025 01:31:18 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers

GET
H2 200 tag Show response
btloader.com/ Frame C6C8 78 KB
25 KB 42ms
18ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aaa2304af081bb7f93a8c1fdd65839652c39ae00606d774f01262c2a4c7718d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "10d72f2595b2fc42fbfe36f6a7fe3d2e"
via: 1.1 google
cf-ray: 9469fde25ec89256-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25358
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/javascript
last-modified: Wed, 28 May 2025 00:40:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 CEADK5QI.json Show response
srv.buysellads.com/ads/ Frame C6C8 0
114 B 83ms
22ms Fetch
application/json 159.65.211.77
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://srv.buysellads.com/ads/CEADK5QI.json?forcebanner=586284&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.65.211.77 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-lon1-1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

access-control-allow-origin: *
content-length: 0
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: srv-lon1-1
access-control-allow-headers: *

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame C6C8 492 B
1 KB 43ms
18ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 504460751d9d131dae7dcd29927c1cd147be3cb0651003de4ee6b0fea5fef6ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"56dbef354a963eec89c1c0d552909198"
Age: 1012939
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bklZahnDcda%2FnJAfYQmeV5XZVBPZqbvOfysqlaWwDj6ZVj5bSTnaXNq77kMp1aPCDECbNgR1vhrC%2FX%2BQmMaYXsNwdTFLGvLR0%2F3wNtcAONdQyKWJXhjfdQU50F0jrXd6w4w2U%2Bhn9NwMINsE"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=5776&min_rtt=5757&rtt_var=1241&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3465&recv_bytes=2269&delivery_rate=683948&cwnd=252&unsent_bytes=0&cid=8ee13a09d06697a0&ts=21&x=0"
Date: Wed, 28 May 2025 01:31:18 GMT
Content-Type: application/javascript
Last-Modified: Mon, 24 Mar 2025 20:04:12 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 9469fde29948dca5-FRA
Server: cloudflare

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame C6C8 19 B
584 B 63ms
21ms Fetch
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.74; 45.141.152.74; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://fontgenerator.cc
an-x-request-uuid: 97fdde9f-f73b-4e34-8717-166a7d107953
content-length: 19
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 28 May 2025 01:31:18 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ Frame C6C8 645 B
1 KB 340ms
116ms Fetch
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2246ff96d980933a%22%3A%22fa87082a6d5773189466%7C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%7Cgpid%3D%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F&s=ed8383e9-92e5-413c-9a82-69bbc5014f47&pv=1658d16f-42f9-4efa-9aa0-504cfd97738c&vp=mobile&lib_name=prebid&lib_v=8.45.0&us=8&iqid=%7B%22pcid%22%3A%22462c26d6-58a8-4dd8-9181-86a256ffe38a%22%2C%22pcidDate%22%3A1748395878795%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22portal.fuafajihja.shadowshark.ipv64.net%22%2C%22publisher%22%3A%7B%22domain%22%3A%22portal.fuafajihja.shadowshark.ipv64.net%22%7D%2C%22page%22%3A%22https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A300%2C%22h%22%3A120%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F136.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22de%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22buysellads.com%22%2C%22sid%22%3A%2219929%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c53598f9-8da3-4bf2-a235-4dc62113f52d%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

a0d28f81842088d588dc865d4fefd4003829a2dbc2cba7f22ae656e6e6bd6bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache, no-store, private
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://fontgenerator.cc
content-length: 379
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Wed, 28 May 2025 01:31:19 GMT
tcn: Choice
content-type: application/json
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-5-103
x-xss-protection: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame C6C8 0
223 B 60ms
14ms Fetch 2a02:2638:3::39
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.45.0&cb=83068653824&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://fontgenerator.cc
date: Wed, 28 May 2025 01:31:18 GMT
vary: Origin
server: Kestrel

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame C6C8 552 B
1 KB 76ms
16ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=586072&zone_id=3741866&size_id=15&alt_size_ids=19%2C43%2C44%2C117&rp_schain=1.0,1!buysellads.com,19929,1,,,&eid_pubcid.org=c53598f9-8da3-4bf2-a235-4dc62113f52d%5E1&rf=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F&tg_i.domain=portal.fuafajihja.shadowshark.ipv64.net&tg_i.page=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F&tg_i.pbadslot=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&tk_flint=pbjs_lite_v8.45.0&l_pb_bid_id=855c2ea6cb596c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&m_ch_mobile=%3F0&slots=1&rand=0.5450465976083033
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: a6e05433a8a00bdc373490fa6619c40453a4277ec87c614156a1ad0b3af69778

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://fontgenerator.cc
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame C6C8 15 B
413 B 31ms
8ms Fetch
application/json 51.75.86.98
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame C6C8 537 B
638 B 98ms
46ms Fetch
application/json 34.1.1.166
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F&PageUrl=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F&PageReferrer=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: 35739c97fca499e8dc083be59a85f4000cdf8c97427ea2182bb9fdaefc27e6cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-max-age: 3600
content-encoding: gzip
x-kong-request-id: eac4d67a0cdd05174a4dc25b98d14455
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST
via: kong/3.6.1
x-kong-upstream-latency: 31
access-control-allow-origin: https://fontgenerator.cc
content-length: 242
date: Wed, 28 May 2025 01:31:18 GMT
x-kong-proxy-latency: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: fasthttp
access-control-allow-headers: Accept-Encoding, Content-Type

POST
H2 200 adreq Show response
ads.servenobid.com/ Frame C6C8 394 B
628 B 207ms
149ms Fetch
application/json 143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL

https://ads.servenobid.com/adreq?cb=5229

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

d1505dbe33ff28f18b84904568522d81d9146da67cf306ad5e97353407984812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: https://fontgenerator.cc
date: Wed, 28 May 2025 01:31:19 GMT
content-type: application/json
vary: accept-encoding

POST
H2 200 openrtb Show response
ex.ingage.tech/v1/ Frame C6C8 82 B
471 B 216ms
198ms Fetch
application/json 2606:4700:10::6816:bc7
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ee5c94e0595688414e7496ea756b280ca32426ea57ae1dab7e55842cc082330

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: application/json
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 9469fde38d69dcba-FRA
access-control-allow-origin: https://fontgenerator.cc
date: Wed, 28 May 2025 01:31:19 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ Frame C6C8 53 B
294 B 40ms
15ms Fetch
text/plain 35.186.253.211
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 928047c3a25fb3acd3197ecf904d8b10f96be71b512be4ffacca0bf14a8033a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-forwarded-for: 45.141.152.74
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Wed, 28 May 2025 01:31:18 GMT
content-type: text/plain
vary: Origin

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame C6C8 32 B
556 B 140ms
106ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time: 91
access-control-allow-credentials: true
via: 1.1 google
expires: Wed, 28 May 2025 01:31:18 GMT
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json;charset=utf-8
server: envoy

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ Frame C6C8 84 B
630 B 58ms
35ms Fetch
application/json 52.222.236.4
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-4.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 9783d85d8b66f652af8851f97de2d59b7cd0940244147ed9b24e0142db132eff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
access-control-allow-origin: https://fontgenerator.cc
x-cache: Miss from cloudfront
content-length: 109
x-amz-cf-id: F_dJWWAcUguOG16jQgW2XobxcTxeyzfOOERxZImWS5xslH95_IiZOw==
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json
x-amz-cf-pop: FRA56-P4
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

POST
H2 200 v1 Show response
prg.smartadserver.com/prebid/ Frame C6C8 196 B
441 B 132ms
19ms Fetch
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: dc1293460e62d8f4d91ef29b9bac4f123837f7c2c840ef3a52763782c12bc682

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame C6C8 2 B
247 B 95ms
28ms Fetch
application/json 52.50.66.111
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1748395878805&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=c53598f9-8da3-4bf2-a235-4dc62113f52d&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296514&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.66.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-66-111.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame C6C8 2 B
246 B 98ms
31ms Fetch
application/json 52.50.66.111
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1748395878805&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=c53598f9-8da3-4bf2-a235-4dc62113f52d&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296516&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.66.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-66-111.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame C6C8 2 B
246 B 99ms
32ms Fetch
application/json 52.50.66.111
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1748395878805&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=c53598f9-8da3-4bf2-a235-4dc62113f52d&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296517&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.66.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-66-111.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame C6C8 2 B
246 B 97ms
30ms Fetch
application/json 52.50.66.111
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1748395878805&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=c53598f9-8da3-4bf2-a235-4dc62113f52d&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296518&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.66.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-66-111.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json;charset=UTF-8
server: nginx

POST
H/1.1 200
OK buysellads Show response
direct.adsrvr.org/bid/bidder/ Frame C6C8 0
420 B 125ms
32ms Fetch
application/json 35.71.170.66
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/buysellads
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.170.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8c33d2b6751b365d.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

x-openrtb-version: 2.3
cache-control: private
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
content-length: 0
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type

POST
H/1.1 204
No Content 65e9e879eab3382166f737dc Show response
exchange.cootlogix.com/prebid/multi/ Frame C6C8 0
439 B 309ms
98ms Fetch 45.55.100.180
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://exchange.cootlogix.com/prebid/multi/65e9e879eab3382166f737dc
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.55.100.180 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin: https://fontgenerator.cc
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
date: Wed, 28 May 2025 01:31:19 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE

GET
H2 200 dns Show response
ag.dns-finder.com/meta/ Frame C6C8 2 B
233 B 144ms
118ms Fetch
text/plain 34.36.200.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://ag.dns-finder.com/meta/dns
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.200.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 111.200.36.34.bc.googleusercontent.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, max-age=180, stale-if-error=180, stale-while-revalidate=180
access-control-expose-headers: X-Resolver
x-resolver: default
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Wed, 28 May 2025 01:31:18 GMT
content-type: text/plain; charset=utf-8
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ Frame C6C8 43 B
110 B 42ms
17ms Image
image/gif 2606:4700:10::6816:541
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1024628
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
date: Wed, 28 May 2025 01:31:18 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AKDAyIuUlQaOHLtCB-ZhVeUIxo8YppZ5V2nDXoWlR3n49vLY7JYsgnOhtyEo5TMX7D7YdL2l
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
cf-ray: 9469fde2d937bb8b-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ Frame C6C8 1 KB
130 B 31ms
7ms Image
image/x-icon 142.250.184.230
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
age: 75963
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 04:25:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 04:25:15 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ Frame C6C8 43 B
542 B 40ms
16ms Image
image/gif 2606:4700:10::6816:541
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.039547772952025495
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1024628
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
date: Wed, 28 May 2025 01:31:18 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AKDAyIuUlQaOHLtCB-ZhVeUIxo8YppZ5V2nDXoWlR3n49vLY7JYsgnOhtyEo5TMX7D7YdL2l
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
cf-ray: 9469fde2d935bb8b-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ Frame C6C8 61 KB
19 KB 34ms
20ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Access-Control-Expose-Headers
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"4ebf7042f3ba84fbe39534d4fa8c5c86"
Age: 1057738
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RDnVFnS0rMFJF%2FR3fv89xM4ckzw430oexhNpLMHsi%2FhivGURCzMoybF7JrBCzMdpy5IMCp%2BmM7a6eZDCqZxKdvolsxVjwv%2FrBjZzqBNDLRHRn4d%2B%2F0giK17zNrEuGKOJcJlwNCNhhUHa7XB%2F"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=5838&min_rtt=5766&rtt_var=1339&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3465&recv_bytes=2334&delivery_rate=653221&cwnd=252&unsent_bytes=0&cid=e09de20d3fb585be&ts=21&x=0"
Date: Wed, 28 May 2025 01:31:18 GMT
Content-Type: application/javascript
Last-Modified: Mon, 24 Mar 2025 20:04:09 GMT
Vary: Origin, Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 9469fde2c982dcc2-FRA
Access-Control-Allow-Origin: *
Server: cloudflare

POST
H2 202 event Show response
stats.senty.com.au/api/ Frame C6C8 2 B
220 B 383ms
129ms XHR
text/plain 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL: https://stats.senty.com.au/api/event
Requested by: Host: stats.senty.com.au
URL: https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 104-237-132-182.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://fontgenerator.cc/

Response headers

x-request-id: GEOMyejXmSUZw0uEVWxB
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 2
date: Wed, 28 May 2025 01:31:19 GMT
content-type: text/plain; charset=utf-8
server: nginx

GET
H2 200 country Show response
api.btloader.com/ Frame C6C8 37 B
153 B 144ms
120ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/country?o=5102648370397184
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Wed, 28 May 2025 01:31:19 GMT
content-type: application/json
vary: Origin

POST
H2 204 pv
api.btloader.com/ Frame C6C8 0
0 141ms
118ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/pv?nlf=false&tid=6WQQoSD9-bH2ooqVjJ-971483e9a6&sid=eHzLBouP-ZCyRfjkg4f-971483e9a6&cv=2.1.102-1-g48599ff&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 01:31:19 GMT
vary: Origin

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C6C8 654 B
355 B 48ms
32ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4885369709847671&correlator=1867428215379609&eid=31091881%2C95353384%2C83321072&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=22960212090%3A22921845643%2CFontgenerator_S2S_Leaderboard_CarbonFallback_ROS&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250&fluid=height&ifi=1&didk=1335524158&dids=bsa-zone_1742380026425-9_12345&adfs=4189537219&sfv=1-0-45&eri=1&sc=1&cdm=fontgenerator.cc&abxe=1&dt=1748395879170&lmt=1748395879&adxs=30&adys=225&biw=-12245933&bih=-12245933&isw=300&ish=120&scr_x=-12245933&scr_y=-12245933&ucis=6q08x7ebnztj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Ffontgenerator.cc%2Fembed&ref=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F&top=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F&vis=1&psz=233x224&msz=240x40&fws=260&ohw=300&topics=5&tps=5&htps=5&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748395878408&idt=198&prev_scp=optimize_auction_id%3D1%26optimize_upstreams%3DPrebid%26optimize_ad_unit_id%3Dbsa-zone_1742380026425-9_123456%26optimize_imp_id%3D1748395879164-2a5f0128%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Ddesign%26optimize_env%3Dprod%26optimize_pub%3Dfontgenerator%26optimize_xp%3Da%26optimize_refreshed%3Dfalse%26optimize_pathname%3D%252Fembed%26optimize_pv_id%3D1748395879164-4969932b&adks=400283343&frm=24&eoidce=1&td=1&egid=56761&tan=32ea5b30-6db8-4318-b864-391788b97531&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db7edd1881be80b90686e3dce61a869a9665d3921a690842c91633050cc14d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 28 May 2025 01:31:19 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
content-length: 326
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
1229385e80c45377fcc07028f790d551.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame DB7A 7 KB
3 KB 50ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://1229385e80c45377fcc07028f790d551.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 May 2025 01:31:19 GMT
expires: Wed, 28 May 2025 01:31:19 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 46ms
13ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F&domain=fontgenerator.cc&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fontgenerator.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fontgenerator.cc
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 28 May 2025 01:31:18 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 197901
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame C6C8 2 KB
1 KB 25ms
7ms Fetch
application/json 2a04:4e42:200::485
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20250528

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e72de2be6c9ad189d4bc6776c4cf62e2df3ee72d274d96c4bc56226f6a58a489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"638-n0U/Ur68vjgmXWLpj2KyKyhB9cI"
age: 34225
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 28 May 2025 01:31:19 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230025-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 826
x-jsd-version: 1.0.2434

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame C6C8 167 B
449 B 42ms
7ms Fetch
application/json 162.19.138.83
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

3b9767e5d0bea4d284bb1e624cc6ee3244b13efedfe5424eb5140ef326511eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://fontgenerator.cc
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame C6C8 2 B
375 B 40ms
14ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F&domain=fontgenerator.cc&cw=1&lsw=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: application/json
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 241582
expires: 0
access-control-allow-origin: https://fontgenerator.cc
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame C6C8 492 B
880 B 14ms
14ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/9343
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 504460751d9d131dae7dcd29927c1cd147be3cb0651003de4ee6b0fea5fef6ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"56dbef354a963eec89c1c0d552909198"
Age: 1012940
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SH%2BbCRcP9bR2i4amaoM8Szke8OTwffhBWXX11beOHTnoGCkP5mL3jzQtELgsbblR0eJK6B7GT6lSo4FMmto1R5c%2F7vHYHxJeJhIdd4m%2BxggXYe4XICMcdIwrmEozW%2FqGwwjy21%2FXla7V02wS"}],"group":"cf-nel","max_age":604800}
CF-RAY: 9469fde60c5ddca5-FRA
server-timing: cfL4;desc="?proto=TCP&rtt=11003&min_rtt=5757&rtt_var=11147&sent=9&recv=12&lost=0&retrans=0&sent_bytes=5201&recv_bytes=2821&delivery_rate=683948&cwnd=255&unsent_bytes=0&cid=8ee13a09d06697a0&ts=564&x=0"
Date: Wed, 28 May 2025 01:31:19 GMT
Last-Modified: Mon, 24 Mar 2025 20:04:12 GMT
Vary: Accept-Encoding
Server: cloudflare
Content-Type: application/javascript

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ Frame C6C8 61 KB
953 B 15ms
15ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Access-Control-Expose-Headers
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"4ebf7042f3ba84fbe39534d4fa8c5c86"
Age: 1057739
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTiErle6iyj06msJat1Ghh%2FGESgZjZyc9A7Zg4G3djIu7DHNWd2S83pbkVPlDlRoMkDb%2FXpgAiyO%2BZWu1QrYXiqxKNGqln1jBTqe7fuNEwji6wQYUvHFFFXK5zu2%2FLo3LqsGlev3BxnT8r%2Bq"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=6036&min_rtt=5766&rtt_var=499&sent=26&recv=16&lost=0&retrans=0&sent_bytes=24163&recv_bytes=2887&delivery_rate=4128711&cwnd=256&unsent_bytes=0&cid=e09de20d3fb585be&ts=545&x=0"
Date: Wed, 28 May 2025 01:31:19 GMT
Last-Modified: Mon, 24 Mar 2025 20:04:09 GMT
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 9469fde61d6ddcc2-FRA
Access-Control-Allow-Origin: *
Server: cloudflare

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame C6C8 17 KB
13 KB 51ms
27ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202505200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

575219d680c952919123d5f5ad36df78cfbe9b9c9972af5fe20f92f5bf8f2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13088
date: Wed, 28 May 2025 01:31:19 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 eruda Show response
cdn.jsdelivr.net/npm/ 464 KB
114 KB 22ms
7ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/eruda

Requested by

Host: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/uv/uv.config.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6df3805da066f2dbaeaa547b4ca83fa5c7c10ca8b6ba4357b0897bf3cc3b9a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"73eb0-Dx06OqDSMQPOVX/f6nBmzvwreY0"
age: 8626
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 28 May 2025 01:31:19 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230098-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 116465
x-jsd-version: 3.4.1

GET
H3 200 home.png
portal.fuafajihja.shadowshark.ipv64.net/assets/imgs/icons/pages/ 13 KB
13 KB 88ms
87ms Image
image/png 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/assets/imgs/icons/pages/home.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"32de-19630f6df13"
via: 1.1 Caddy
accept-ranges: bytes
content-length: 13022
date: Wed, 28 May 2025 01:31:19 GMT
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
x-powered-by: Express
content-type: image/png

GET
H3 200 favicon.ico
portal.fuafajihja.shadowshark.ipv64.net/ 15 KB
3 KB 88ms
88ms Other
image/vnd.microsoft.icon 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://portal.fuafajihja.shadowshark.ipv64.net/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 17121520efdb21823ea10bdc2115a34f772f78c0bea04cfdff41d615c520616e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://portal.fuafajihja.shadowshark.ipv64.net/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3c2e-191c2e4c57b"
via: 1.1 Caddy
content-length: 2990
date: Wed, 28 May 2025 01:31:19 GMT
last-modified: Thu, 05 Sep 2024 15:54:18 GMT
vary: Accept-Encoding
x-powered-by: Express
content-type: image/vnd.microsoft.icon

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame C6C8 56 B
299 B 33ms
8ms Fetch
application/json 57.129.85.132
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

57.129.85.132 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3249663.ip-57-129-85.eu

Software

Resource Hash

cdd0eac25e4ccf70ec457edc17de5c30e6d0c5341376b86e03189e2744c5854f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://fontgenerator.cc
date: Wed, 28 May 2025 01:31:18 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame C6C8 20 KB
7 KB 45ms
14ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 01:31:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 01:31:19 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ Frame C6C8 385 B
582 B 24ms
9ms Fetch
application/json 162.19.138.83
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

02af156515fa9dcd5eb0341409e450847ee099a0b58a5fb31984be2c59743521

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://fontgenerator.cc
date: Wed, 28 May 2025 01:31:19 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 4E2A 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 May 2025 01:11:42 GMT
expires: Wed, 28 May 2025 02:01:42 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ey-QR3J2UncfBqAOEewEsMcayF4fMLjNO63hNasZd9I.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E2A 54 KB
21 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ey-QR3J2UncfBqAOEewEsMcayF4fMLjNO63hNasZd9I.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b2f9047727652771f06a00e11ec04b0c71ac85e1f30b8cd3bade135ab1977d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 57838
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Wed, 27 May 2026 09:27:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 27 May 2025 09:27:21 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21149
x-xss-protection: 0
server: sffe

GET
H3 204 generate_204
ep2.adtrafficquality.google/ Frame 4E2A 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?1YYWVQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 28 May 2025 01:31:19 GMT
cross-origin-resource-policy: cross-origin

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ Frame C6C8 0
17 B 47ms
46ms Image
image/ 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202505200101&jk=4885369709847671&bg=!nZ6lntHNAAYA59AtIOc7ADQBe5WfOBkHn_vNNNgVuLbvFPK-L9pMem_ZjMSq4YCnGypvx7ViLEQmbe8nP2Cu65Gu4TPwAgAAACtSAAAAA2gBB34ANpPijdNaUrHwQJEMlA6pEP2cQlXLdI5fgTSdyHYookK9amA5DVYbg7qleM0tBGqN8t7SEj_2tZkCjRkIXgywqnQ6pO0AsiKqocy9oouq88gMWTtW6pAQB6aLcbPl2Yl1rFzC7K1zvfytrFECGVD6_zCC4oT2UsSeizk6uIHdGBmXI4phNMPVjX524qurPmGnBieafe2MLiRSwWNOZkXhRgRSuzng-JUe7PchW_bbQ9VvitBYJA-NieHZJljdMc-ifoSNrc01NOuzJPMuO8ELTUgZFNbdW-5A5gjLSL7DtZPaICX3LISMhB7OAcna4cJfIPLojIWAITxVc7LHWSlK5Tq6AD0Pi5iV4RbfoHgDlbycpsgdw-EQZ8yc4SrllkuAunoWmJnSzjhReUsUp7r6wMlLzoHvVOI7lATerGFVOvNsi0vVx95mh2w_4SN1uB8U9AAHoNvmUxlNcN71oLpGPpP-RGyktMMUmcORzYUDKj_uGcK7VhV70mc3gib8zO_1uHWrBB8q0q3yQ1r_I2mZt-4Qg93VnuB7-fIgDzkZNQYIBWp9AQ0KevkgVw7WPWjiZP9xv2Mjd1tYKTQxaqOtTYUP4pDhhRx02nQoVDn4zgaMfZb7di_PfuNGm153y2ipkjZDvj4PR79oyxvCTvHAfWnngeR2166Eau7kK-VVhh8XUdL7URL-fPo9qPnhCV1nPArMgGYQrmqO-EmlwEbHJ2Wy06Q5mW2ajrFoB_mgRVFLWtdBijuiz6OOGN018ItqWwqm0JA0KGc2nvdTqJtVhDtVMlH7DHd6kHQawtqYxxZWcpOjDEL1RopodDXNIVI4rNBjmjeG_p92_W4KVoaXMqfn0PAXD-LgT6zcrAD6UHmrcF4ieOoRsbkz5ZsU7dTh67Vr8JzqayrpAY6cHMgPF88UM5D8if0IQaN7wv0t9oE3cmPzveow

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 28 May 2025 01:31:20 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C6C8 358 B
195 B 32ms
31ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4885369709847671&correlator=2860463790596575&eid=31091881%2C95353384%2C83321072&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=22960212090%3A22921845643%2CFontgenerator_S2S_Leaderboard_CarbonFallback_ROS&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250&fluid=height&ifi=2&didk=1335524158&dids=bsa-zone_1742380026425-9_12345&adfs=4189537219&sfv=1-0-45&rcs=1&eri=1&sc=1&cdm=fontgenerator.cc&abxe=1&dt=1748395880170&lmt=1748395880&adxs=30&adys=225&biw=-12245933&bih=-12245933&isw=300&ish=120&scr_x=-12245933&scr_y=-12245933&ucis=6q08x7ebnztj&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Ffontgenerator.cc%2Fembed&ref=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F&top=https%3A%2F%2Fportal.fuafajihja.shadowshark.ipv64.net%2F&vis=1&psz=233x224&msz=256x40&fws=388&ohw=300&topics=5&tps=5&htps=5&a3p=EjQKCnB1YmNpZC5vcmcSJGM1MzU5OGY5LThkYTMtNGJmMi1hMjM1LTRkYzYyMTEzZjUyZFgB&cbidsp=CsYFCAESGgoIYXBwbmV4dXMQViACOAFSCGFwcG5leHVzEhcKBnNvbm9iaRDXAiACOAFSBnNvbm9iaRIWCgZjcml0ZW8QPiACOAFSBmNyaXRlbxIYCgdydWJpY29uEFYgAjgBUgdydWJpY29uEhYKBm9uZXRhZxAjIAI4AVIGb25ldGFnEhwKCWFkeW91bGlrZRBkIAI4AVIJYWR5b3VsaWtlEhwKCWFkeW91bGlrZRBkIAI4AVIJYWR5b3VsaWtlEhwKCWFkeW91bGlrZRBkIAI4AVIJYWR5b3VsaWtlEhQKBW9ndXJ5EAAgAjgBUgVvZ3VyeRIVCgVub2JpZBDSASACOAFSBW5vYmlkEh8KCmluc3RpY2F0b3IQ6gIgAjgBUgppbnN0aWNhdG9yEhQKBW9wZW54ECwgAjgBUgVvcGVueBIUCgVvcGVueBAsIAI4AVIFb3BlbngSFAoFb3BlbngQLCACOAFSBW9wZW54EhsKCG1lZGlhbmV0EI4BIAI4AVIIbWVkaWFuZXQSGwoIbWVkaWFuZXQQjgEgAjgBUghtZWRpYW5ldBIbCghtZWRpYW5ldBCOASACOAFSCG1lZGlhbmV0EhIKBHJpc2UQSyACOAFSBHJpc2USJQoNc21hcnRhZHNlcnZlchCGASACOAFSDXNtYXJ0YWRzZXJ2ZXISFgoGZ3VtZ3VtEGYgAjgBUgZndW1ndW0SFgoGZ3VtZ3VtEGYgAjgBUgZndW1ndW0SFgoGZ3VtZ3VtEGYgAjgBUgZndW1ndW0SFgoGZ3VtZ3VtEGYgAjgBUgZndW1ndW0SEAoDdHRkEH8gAjgBUgN0dGQSGQoHdmlkYXpvbxC2AiACOAFSB3ZpZGF6b28YAiIkYzc2NjdkYWUtZWYxNy00ZjdkLThlODYtYzZmNThlMDIwNWQ3KgQIAyAAMgd2OC40NS4wQKwbSgA.&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748395878408&idt=198&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1742380026425-9_123456%26optimize_imp_id%3D1748395879412-588a4101%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Ddesign%26optimize_env%3Dprod%26optimize_pub%3Dfontgenerator%26optimize_xp%3Da%26optimize_refreshed%3Dfalse%26optimize_pathname%3D%252Fembed%26optimize_pv_id%3D1748395879164-4969932b%26origin%3Dunknown%26ECT%3D4g%26hb_rf%3D0&adks=400283343&frm=24&eo_id_str=ID%3Da2989ef37694a6bc%3AT%3D1748395879%3ART%3D1748395879%3AS%3DAA-AfjYqWtCiMxrrpBhx93_n-pXq&gblpids=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_1&td=1&egid=56761&tan=32ea5b30-6db8-4318-b864-391788b97532&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bec79807db57a446ef06f60cbace8024994b8ab4100ded518f17090c100eaa08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 28 May 2025 01:31:20 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
content-length: 166
x-xss-protection: 0
server: cafe

POST ping
pagead2.googlesyndication.com/pagead/ Frame C6C8 0
0

GET
H2 204 /
onetag-sys.com/usync/ Frame 43EE 0
0 7ms
7ms Document
text/plain 51.75.86.98
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1748395878832

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame F938 9 KB
4 KB 40ms
6ms Document
text/html 18.245.31.78

General

Check archive.org

Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.78 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1f0cd63b4d32aa9ea0975c70ec80a51afc78227e121f2e3994ef8c9ce7d06d3

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age: 70112
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Tue, 27 May 2025 06:34:24 GMT
etag: W/"ee5a228ed26b25eba533061e372a78de"
last-modified: Mon, 10 Mar 2025 17:55:26 GMT
server: AmazonS3
vary: accept-encoding Origin
via: 1.1 2146d75cb402f16f98928cb19acf5ff6.cloudfront.net (CloudFront)
x-amz-cf-id: 9RQDFbASI8FkhchB5AZXyXM2EV-XmhuaO4rwaSMl9FewWddgnTY0Sw==
x-amz-cf-pop: FRA56-P8
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:12c7a56c-3d1e-4c7b-99b7-ff02ea3f2d40
x-amz-meta-codebuild-content-md5: 7e54bf2818360b18921c120b0820c006
x-amz-meta-codebuild-content-sha256: 1a888b321ba7e7f4a8dfcc92ee11e2b63c55a3e583d8282cfbf800057fef3637
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

GET usync.html
eus.rubiconproject.com/ Frame 608F 0
0

GET
H2 200 isync Show response
visitor.omnitagjs.com/visitor/ Frame 41D9 11 KB
3 KB 40ms
18ms Document
text/html 34.1.1.166
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: 402b6f2a5e4b3988895b937db91eff48f511e4fcf5674a94fd08af1b9bbc2ef3

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 2726
content-type: text/html; charset=UTF-8
date: Wed, 28 May 2025 01:31:21 GMT
p3p: CP="CAO PSA OUR"
server: fasthttp
vary: Accept-Encoding
via: kong/3.6.1
x-kong-proxy-latency: 0
x-kong-request-id: ab7d683030740d762829de2a29cce817
x-kong-upstream-latency: 3

GET
H2 200 pd Show response
buysellads-d.openx.net/w/1.0/ Frame A3C4 199 B
424 B 58ms
17ms Document
text/html 35.244.159.8

General

Check archive.org

Download Go to

Full URL: https://buysellads-d.openx.net/w/1.0/pd
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-length: 199
content-type: text/html
date: Wed, 28 May 2025 01:31:22 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
vary: Accept, Accept-Encoding
via: 1.1 google
x-forwarded-for: 45.141.152.74

GET /
sync.cootlogix.com/api/sync/iframe/ Frame 937B 0
0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BE5E 52 KB
17 KB 48ms
6ms Document
text/html 151.101.193.108

General

Check archive.org

Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1748395800000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 62731
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 28 May 2025 01:31:22 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 23 Jan 2025 21:34:45 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1359529, 877288
X-Served-By: cache-lga21993-LGA, cache-fra-eddf8230165-FRA
X-Timer: S1748395882.222676,VS0,VE0

GET

us.gif
sync.go.sonobi.com/ Frame C6C8
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588534754715122

0
0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame C6C8 0
210 B 50ms
16ms Image
text/plain 34.36.216.150

General

Check archive.org

Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.216.150 -, , ASN (),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
via: 1.1 google
expires: Tue, 11 Oct 1977 12:34:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Wed, 28 May 2025 01:31:22 GMT
server: A

GET
H2 200 sync
x.bidswitch.net/ Frame C6C8 43 B
92 B 157ms
24ms Image
image/gif 35.214.136.108

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=&expires=365
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Wed, 28 May 2025 01:31:22 GMT
content-type: image/gif

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame C6C8 170 B
409 B 44ms
16ms Image
image/png 172.217.16.194

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Mzk2NTlhYzMtNWM5MS00MjM1LTg5YTktYjcwZTE1NDY1ZjVk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 28 May 2025 01:31:22 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET sync
sync.srv.stackadapt.com/ Frame C6C8 0
0

GET
H2 200 usersync
match.adsrvr.org/track/ Frame C6C8 70 B
149 B 123ms
36ms Image
image/gif 3.33.220.150

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-length: 70
date: Wed, 28 May 2025 01:31:22 GMT
content-type: image/gif
server: Kestrel

GET getuid
secure.adnxs.com/ Frame 41D9 0
0

GET
H2 200 sync
x.bidswitch.net/ Frame 41D9 43 B
183 B 86ms
21ms Image
image/gif 35.214.136.108

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Wed, 28 May 2025 01:31:22 GMT
content-type: image/gif

GET
H2 204 ayl_pixel
api-ssp.spot.im/pixels/ Frame 41D9 0
190 B 129ms
98ms Image
text/plain 18.244.18.5

General

Check archive.org

Download Go to Show image

Full URL: https://api-ssp.spot.im/pixels/ayl_pixel?ayl_id=f530a1b3b6046b2234ebea689177bd35
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.5 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

via: 1.1 5d328d2e734cff11e41c897ec72f465e.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: nr6tslcd0k5u4cCA_QHNTSJqEdjv_6Gsp1bcAMNXOwIm4q0jRB_0sg==
date: Wed, 28 May 2025 01:31:22 GMT
x-amz-cf-pop: FRA56-P11

GET
H2

200

sync
visitor.omnitagjs.com/visitor/ Frame 41D9
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=adyoulike&gdpr=1&gdpr_consent=
https://visitor.omnitagjs.com/visitor/sync?name=NEXXEN&ttl=720&uid=146e9da1fca8f0ce5e1ef0b5909cc4cd&visitor=OPTOUT

49 B
339 B

23ms
22ms

Image
image/gif

34.1.1.166
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://visitor.omnitagjs.com/visitor/sync?name=NEXXEN&ttl=720&uid=146e9da1fca8f0ce5e1ef0b5909cc4cd&visitor=OPTOUT
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

x-kong-request-id: c8efd609f9755855b65520713121787c
via: kong/3.6.1
x-kong-upstream-latency: 6
x-kong-proxy-latency: 0
content-length: 49
p3p: CP="CAO PSA OUR"
date: Wed, 28 May 2025 01:31:21 GMT
content-type: image/gif
server: fasthttp

Redirect headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
location: https://visitor.omnitagjs.com/visitor/sync?name=NEXXEN&ttl=720&uid=146e9da1fca8f0ce5e1ef0b5909cc4cd&visitor=OPTOUT
date: Wed, 28 May 2025 01:31:22 GMT
pragma: no-cache
content-type: text/html
etag: OPTOUT

GET
H2

200

sync
visitor.omnitagjs.com/visitor/ Frame 41D9
Redirect Chain

https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=1&gdpr_consent=
https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=1&gdpr_consent=&tc=1
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=ohStSamIbKVpsrajCORHfv-cXreL-nENZT5tetitTDM&name=RTB_HOUSE&pi=adyoulike&gdpr=1&gdpr_consent=&tc=1

49 B
339 B

22ms
22ms

Image
image/gif

34.1.1.166
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=ohStSamIbKVpsrajCORHfv-cXreL-nENZT5tetitTDM&name=RTB_HOUSE&pi=adyoulike&gdpr=1&gdpr_consent=&tc=1
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

x-kong-request-id: 6a64165530ce4e758707473410f6d733
via: kong/3.6.1
x-kong-upstream-latency: 5
x-kong-proxy-latency: 1
content-length: 49
p3p: CP="CAO PSA OUR"
date: Wed, 28 May 2025 01:31:21 GMT
content-type: image/gif
server: fasthttp

Redirect headers

expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
location: https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=ohStSamIbKVpsrajCORHfv-cXreL-nENZT5tetitTDM&name=RTB_HOUSE&pi=adyoulike&gdpr=1&gdpr_consent=&tc=1
content-length: 0
date: Wed, 28 May 2025 01:31:22 GMT, Wed, 28 May 2025 01:31:22 GMT
pragma: no-cache
vary: Accept-Encoding

GET
H2 204 /
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame 41D9 0
129 B 82ms
21ms Image
text/plain 168.119.146.39

General

Check archive.org

Download Go to Show image

Full URL: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=JAHJ4YZq4O&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRichAudience%26ttl%3D720%26uid%3De33590f6de70f789c6aa5ba72b5e547c%26visitor%3D%5BPDID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.146.39 -, , ASN (),
Reverse DNS
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 28 May 2025 01:30:28 GMT
x-powered-by: PHP/8.2.4
server: nginx/1.14.1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 41D9 70 B
148 B 51ms
34ms Image
image/gif 3.33.220.150

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

content-length: 70
date: Wed, 28 May 2025 01:31:22 GMT
content-type: image/gif
server: Kestrel

GET
H2 200 getuid
eb2.3lift.com/ Frame 41D9 37 B
140 B 46ms
7ms Image
image/gif 76.223.111.18

General

Check archive.org

Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_TRIPLELIFT%26ttl%3D720%26uid%3De217d8a485cb4bc1c2854b511ca26ae8%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Wed, 28 May 2025 01:31:22 GMT
content-type: image/gif

GET

sync
visitor.omnitagjs.com/visitor/ Frame 41D9
Redirect Chain

https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D&gdpr=1&gdpr_c...
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=359fca30-d421-4e93-bca6-d0afd328a9a4&gdpr_consent=null&gdpr=1

0
0

GET /
b1sync.zemanta.com/usersync/adyoulike/ Frame 41D9 0
0

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 41D9 0
39 B 63ms
7ms Image
text/plain 103.231.98.106

General

Check archive.org

Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=156813&pu=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_PUBMATIC%26ttl%3D720%26uid%3D873f14ee249cfcabb9bfa17d23686d63%26visitor%3D%23PMUID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.106 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

date: Wed, 28 May 2025 01:31:22 GMT
content-length: 0

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 41D9 0
58 B 32ms
17ms Image
text/plain 3.72.38.170

General

Check archive.org

Download Go to Show image

Full URL

https://match.sharethrough.com/universal/v1?supply_id=wldemn0V&gdpr=1&gdpr_consent=

Requested by

Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.38.170 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 41D9 0
42 B 41ms
8ms Image
text/plain 103.231.98.106

General

Check archive.org

Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.106 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

date: Wed, 28 May 2025 01:31:22 GMT
content-length: 0

GET cksync.php
hb.trustedstack.com/ Frame 41D9 0
0

GET sync
sync.srv.stackadapt.com/ Frame 41D9 0
0

GET 9933ca8fbb5437507921373139bb00a0.gif
usync.smxconv.com/ Frame 41D9 0
0

GET
H2 200 cm
u.openx.net/w/1.0/ Frame 41D9 43 B
96 B 28ms
16ms Image
image/gif 35.244.159.8

General

Check archive.org

Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=5c25ba01-8014-471d-b115-9488b0bab07b&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_OPENX%26ttl%3D720%26uid%3Dfbb8afe8eeaca30016588a1cebad4210%26visitor%3D%7BOPENX_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://visitor.omnitagjs.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 45.141.152.74
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 28 May 2025 01:31:22 GMT
content-type: image/gif
vary: Accept, Accept-Encoding

GET pixel
ap.lijit.com/ Frame 41D9 0
0

GET sync.html
sync.contextualadv.com/ Frame 41D9 0
0

GET pixel
ap.lijit.com/ Frame 41D9 0
0

GET sync
rtb.bid.com/ Frame 41D9 0
0

GET 101967
jadserve.postrelease.com/suid/ Frame 41D9 0
0

GET 3ccb4268afab0c2b1373a8a8fdc5011f.gif
csync.copper6.com/ Frame 41D9 0
0

GET pixel
ap.lijit.com/ Frame 41D9 0
0

GET pbsync
ads.yieldmo.com/ Frame 41D9 0
0

GET usermatchredir
ssum-sec.casalemedia.com/ Frame 41D9 0
0

GET 0
prebid.a-mo.net/cchain/ Frame 41D9 0
0

GET cookiesync
bttrack.com/pixel/ Frame 41D9 0
0

GET f3c49daf592d06bab39258cac72c0de9.gif
csync.copper6.com/ Frame 41D9 0
0

GET 711333.gif
id.rlcdn.com/ Frame 41D9 0
0

GET 0
prebid.a-mo.net/cchain/ Frame 41D9 0
0

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 7DD3 3 KB
1 KB 29ms
29ms Document
text/html 52.50.66.111
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.66.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-66-111.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6fecd89f00d81658eb0b3b9a0a3a324fe677c1a570213c5ac3553cb395621530

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 28 May 2025 01:31:22 GMT
etag: W/"0eabdbbb0da766c02a5fd97e00ef4864a"
server: nginx
timing-allow-origin: *

GET ps
pixel.33across.com/ Frame C0FA 0
0

GET
H2 204 /
onetag-sys.com/usync/ Frame 11AF 0
0 8ms
8ms Document
text/plain 51.75.86.98
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame D480 0
0 160ms
13ms Document
text/html 89.149.192.196

General

Check archive.org

Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control: no-cache,no-store
content-length: 818
content-type: text/html
date: Wed, 28 May 2025 01:31:22 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame F583
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
1 KB

30ms
29ms

Document
text/html

104.18.26.193

General

Check archive.org

Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.193 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d736d3fbd7c5cf59502bb2b8b4ab8bfc1730431bc84353d08309ce1df1a53e

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 9469fdf869fc1e64-FRA
content-encoding: br
content-type: text/html
date: Wed, 28 May 2025 01:31:22 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUI90ENLaLJr76utU3KmSMVotOlhCvxncC%2BdLT9Rb%2B%2B%2BiZDfAUS6OTwHV6YtHdPAJ6%2F1Zu6qAmOnnXy4IUtPmIGCCCCjrO4TO0phjTs8Vg97w4bOUFzER9RB%2BBSkx5nqA8OI9Nd1fWbtsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 9469fdf829e81e64-FRA
content-length: 0
date: Wed, 28 May 2025 01:31:22 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmCLe5fzMgPbaSM1Ii1QL%2F2im7VWBoN4hsbFN6o%2F3kMN2QM0tOQJU1QrnBQrVcujqnnv9bJbzo9GpuEzZLM09gAJoZf2EfEbb50L00dX9m0f8UPR2cp0Lt1IH3GvlCDTBVySCFrW2mO2pA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

GET

usync.html
eus.rubiconproject.com/ Frame 6B7A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A306 20 KB
7 KB 79ms
13ms Document
text/html 95.100.185.43

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.185.43 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=118431
content-encoding: gzip
content-length: 6694
content-type: text/html
date: Wed, 28 May 2025 01:31:22 GMT
expires: Thu, 29 May 2025 10:25:13 GMT
last-modified: Wed, 13 Nov 2024 05:14:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET sync-iframe
cs-server-s2s.yellowblue.io/ Frame 7EAC 0
0

GET getuid
ib.adnxs.com/ Frame F938 0
0

GET merge
ce.lijit.com/ Frame F938 0
0

GET pixel
ap.lijit.com/ Frame F938 0
0

GET

cs
ad.turn.com/r/ Frame F938
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1748395882305
https://ad.turn.com/r/cs?pid=45&id=RX-62a79f92-c1c7-4741-9790-93f3fcf72e45-003&rndcb=3776403558

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame F938
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5133329536030236595

0
390 B

22ms
19ms

Image
image/avif

143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=324&uid=5133329536030236595

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Wed, 28 May 2025 01:31:22 GMT
content-type: image/avif;charset=ISO-8859-1

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5133329536030236595
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date: Wed, 28 May 2025 01:31:22 GMT
Server: Jetty(9.4.51.v20230217)

GET usa
sync.go.sonobi.com/ Frame F938 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame F938
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

0
298 B

22ms
21ms

Image
image/avif

143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Wed, 28 May 2025 01:31:22 GMT
content-type: image/avif;charset=ISO-8859-1

Redirect headers

cache-control: max-age=0, private, must-revalidate
location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
content-length: 0
date: Wed, 28 May 2025 01:31:21 GMT
x-envoy-upstream-service-time: 0
vary: accept-encoding
server: envoy

GET redirectuser
ssp.disqus.com/ Frame F938 0
0

GET
H2 204 v1
match.sharethrough.com/universal/ Frame F938 0
57 B 87ms
17ms Image
text/plain 3.72.38.170

General

Check archive.org

Download Go to Show image

Full URL

https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.38.170 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET cksync.php
hbx.media.net/ Frame F938 0
0

GET rsync
ads.servedxk.com/ Frame F938 0
0

GET ortb_sync
gum.aidemsrv.com/ Frame C7A0 0
0

GET

usync.html
eus.rubiconproject.com/ Frame E4D8
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

0
0

GET sync-iframe
cs-server-s2s.yellowblue.io/ Frame 1AC2 0
0

GET
H/1.1 200
OK ssync.html Show response
player.aniview.com/ssync/62f53b2c7850d0786f227f64/ Frame 9150 5 KB
3 KB 64ms
6ms Document
text/html 2a02:26f0:480:33::212:40d3

General

Check archive.org

Download Go to

Full URL: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:33::212:40d3 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 8cecad7988c322f2c35c14e99a4b936bd643cdaaa9216e9174bb1a442ff841dd

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1683
Content-Type: text/html
Date: Wed, 28 May 2025 01:31:22 GMT
ETag: "15a46f2f4450880eb635e62a551bbd04"
Expires: Wed, 28 May 2025 01:46:22 GMT
Last-Modified: Thu, 25 Jul 2024 11:37:12 GMT
Server: UploadServer
Vary: Accept-Encoding
X-GUploader-UploadID: AHxI1nPPBsD_AtAlthh9UYN7S1D7ZmtBA3T4JpVyFE1oJjNMpZJA0VFk64G2vIfykIn1IjPqzdg
x-goog-generation: 1721907432551634
x-goog-hash: crc32c=X7Uy+Q== md5=FaRvL0RQiA62NeYqVRu9BA==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5380

GET /
ssc-cms.33across.com/ps/ Frame A9E6 0
0

GET usync.html
eus.rubiconproject.com/ Frame FCB4 0
0

GET
H2 204 /
onetag-sys.com/usync/ Frame 5637 0
0 10ms
7ms Document
text/plain 51.75.86.98
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&us_privacy=${US_PRIVACY}

Requested by

Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 4B50 0
134 B 118ms
30ms Document
text/plain 103.67.200.72

General

Check archive.org

Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=261976&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADSOLUT%26ttl%3D720%26uid%3D1914a28ad9f7cf23695694b8008de71e%26visitor%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.67.200.72 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Wed, 28 May 2025 01:31:22 GMT
Server: nginx

GET

usync.html
eus.rubiconproject.com/ Frame D156
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

0
0

GET iframe
audienceexposure.com/ Frame 469A 0
0

GET

usync.html
eus.rubiconproject.com/ Frame 4D49
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

0
0

GET /
ssc-cms.33across.com/ps/ Frame E1A8 0
0

GET /
ssc-cms.33across.com/ps/ Frame B265 0
0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame E7AB 0
0 142ms
12ms Document
text/plain 89.149.192.196

General

Check archive.org

Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length: 0
date: Wed, 28 May 2025 01:31:21 GMT

GET
H2 200 sync Show response
ittpx.eskimi.com/ Frame 2BA2 13 B
160 B 60ms
11ms Document
text/html 188.40.16.220

General

Check archive.org

Download Go to

Full URL: https://ittpx.eskimi.com/sync?sp_id=14&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.16.220 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 28 May 2025 01:31:21 GMT
x-empty-response-reason: No GDPR consent (de: 45.141.152.74)

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 087D 0
0 141ms
12ms Document
text/plain 89.149.192.196

General

Check archive.org

Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=132&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length: 0
date: Wed, 28 May 2025 01:31:21 GMT

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 7C58 0
134 B 107ms
28ms Document
text/plain 103.67.200.72

General

Check archive.org

Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=260835&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSTRONGMETRICS%26ttl%3D720%26uid%3D84e758200d24051d4c62795c5b9604bd%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Requested by: Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.67.200.72 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Wed, 28 May 2025 01:31:22 GMT
Server: nginx

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame BE5E 0
482 B 15ms
12ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://acdn.adnxs.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 45.141.152.74; 45.141.152.74; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 75142b16-32f7-4e87-9639-4b0a0daf4291
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 28 May 2025 01:31:22 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET getuid
secure.adnxs.com/ Frame 7DD3 0
0

GET

p-zLwwakwy-hZw3.gif
cms.quantserve.com/pixel/ Frame 7DD3
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9889718b-d474-4fd9-b242-ae526951210a&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_9889718b-d474-4fd9-b242-ae526951210a&gdpr=0&gdpr_consent=&us_privacy=1---
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=

0
0

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7DD3 43 B
107 B 51ms
22ms Image
image/gif 35.244.159.8

General

Check archive.org

Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 45.141.152.74
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 28 May 2025 01:31:22 GMT
content-type: image/gif
vary: Accept, Accept-Encoding

GET sync
sync.srv.stackadapt.com/ Frame 7DD3 0
0

GET gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 7DD3 0
0

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 7DD3 0
0

GET 142
match.deepintent.com/usersync/ Frame 7DD3 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame 7DD3 0
0

GET

usersync
rtb.gumgum.com/ Frame 7DD3
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=1---&gpp=&gpp_sid=&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=S0h2bEDID85Y&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=558355

0
0

GET

usersync
usersync.gumgum.com/ Frame 7DD3
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=5619135272049449859

0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 7DD3 0
404 B 22ms
20ms Image
image/avif 143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=309&uid=e_9889718b-d474-4fd9-b242-ae526951210a

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Wed, 28 May 2025 01:31:22 GMT
content-type: image/avif;charset=ISO-8859-1

GET

usersync
usersync.gumgum.com/ Frame 7D8A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=adf&i=4101396363679815974&gdpr=0&gdpr_consent=

0
0

GET
H3

200

pixel Show response
cm.g.doubleclick.net/ Frame A98A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ODg5NzE4Yi1kNDc0LTRmZDktYjI0Mi1hZTUyNjk1MTIxMGE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ODg5NzE4Yi1kNDc0LTRmZDktYjI0Mi1hZTUyNjk1MTIxMGE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersyn...

170 B
188 B

21ms
19ms

Document
image/png

172.217.16.194

General

Check archive.org

Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ODg5NzE4Yi1kNDc0LTRmZDktYjI0Mi1hZTUyNjk1MTIxMGE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Wed, 28 May 2025 01:31:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 436
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 May 2025 01:31:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ODg5NzE4Yi1kNDc0LTRmZDktYjI0Mi1hZTUyNjk1MTIxMGE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F3E0 20 KB
7 KB 37ms
12ms Document
text/html 95.100.185.43

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.185.43 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=118431
content-encoding: gzip
content-length: 6694
content-type: text/html
date: Wed, 28 May 2025 01:31:22 GMT
expires: Thu, 29 May 2025 10:25:13 GMT
last-modified: Wed, 13 Nov 2024 05:14:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 9C79 70 B
148 B 33ms
32ms Document
image/gif 3.33.220.150

General

Check archive.org

Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length: 70
content-type: image/gif
date: Wed, 28 May 2025 01:31:22 GMT
server: Kestrel

GET idsync
tg.socdm.com/aux/ Frame D75A 0
0

GET

usersync
usersync.gumgum.com/ Frame BA53
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=NUK4nMGXd--Jflk2mvU68ObVwaI8QYCzpnvxraLHstA&pi=gumgum&tc=1

0
0

GET

usync.html
eus.rubiconproject.com/ Frame E3DB
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

0
0

GET
DATA 200
OK truncated
/ Frame C7A0 3 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C7A0 5 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET publishertag.prebid.144.js
static.criteo.net/js/ld/ Frame C6C8 0
0

GET ssync
sync.aniview.com/ Frame 9150 0
0

GET PugMaster
image6.pubmatic.com/AdServer/ Frame F3E0 0
0

GET

pixel
cm.g.doubleclick.net/ Frame F583
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aDZnarmqPJcALu3eApxTfwAA

0
0

GET 31327
i.liadm.com/s/ Frame F583 0
0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame F583 170 B
188 B 24ms
21ms Image
image/png 172.217.16.194

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=aDZnarmqPJcALu3eApxTfwAABMQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 28 May 2025 01:31:22 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET dcm
s.amazon-adsystem.com/ Frame F583 0
0

GET

crum
dsum-sec.casalemedia.com/ Frame F583
Redirect Chain

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=aDZnarmqPJcALu3eApxTfwAA%261220
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=ohStSamIbKVpsrajCORHfv-cXreL-nENZT5tetitTDM&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=aDZnarmqPJcALu3eApxTfwAA%261220

0
0

GET CookieIndex
rtb.adentifi.com/ Frame F583 0
0

GET

rum
dsum-sec.casalemedia.com/ Frame F583
Redirect Chain

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=058e93e4-c622-4420-a53a-7703f497c06c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

0
0

GET cs
ad.turn.com/r/ Frame F583 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame F583 0
402 B 29ms
20ms Image
image/avif 143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=333&uid=aDZnarmqPJcALu3eApxTfwAABMQAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Wed, 28 May 2025 01:31:22 GMT
content-type: image/avif;charset=ISO-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: portal.fuafajihja.shadowshark.ipv64.net
URL: https://portal.fuafajihja.shadowshark.ipv64.net/baremux/worker.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ping?e=1

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html

Domain: sync.cootlogix.com
URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588534754715122

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=286

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_XANDR%26ttl%3D720%26uid%3Dfc1c60cd86bc9d21889d1f9cc47ab50f%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=359fca30-d421-4e93-bca6-d0afd328a9a4&gdpr_consent=null&gdpr=1

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: hb.trustedstack.com
URL: https://hb.trustedstack.com/cksync.php?cs=66&type=opw&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3F%26uid%3D6a4186b759e18e574be0648ddd5e766a%26visitor%3D%3Cvsid%3E&gdpr=1&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=33&gdpr=1&gdpr_consent=

Domain: usync.smxconv.com
URL: https://usync.smxconv.com/9933ca8fbb5437507921373139bb00a0.gif?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMOOT_AI%26ttl%3D720%26uid%3De53a38d880e1279a98bf1a6cf9d7d373%26visitor%3D%5BUID%5D

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN_VIDEO%26ttl%3D720%26uid%3D14b8487cccb69ed1c7083f34af9c9c7f%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: sync.contextualadv.com
URL: https://sync.contextualadv.com/sync.html?pubid=197&pubuid=${UID}&gdpr=1&gdpr_consent=

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN_APP%26ttl%3D720%26uid%3Dcf7670e1d20b737804cf859fa1318914%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: rtb.bid.com
URL: https://rtb.bid.com/sync?ssp=adyoulike&gdpr=1&gdpr_consent=

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: csync.copper6.com
URL: https://csync.copper6.com/3ccb4268afab0c2b1373a8a8fdc5011f.gif?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_COPPER6%26ttl%3D720%26uid%3D28acaf13e408a52aee4358368b1d9f0b%26visitor%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_SOVRN%26ttl%3D720%26uid%3D27349c3c4b4c5a48c7c7f4938ab918e6%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbsync?is=adyl&redirectUri=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DYIELDMO%26ttl%3D720%26uid%3D3ee5cefc896f9db66dd131a32a91d57f%26visitor%3D%24UID&gdpr=1&gdpr_consent=

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_INDEX%26ttl%3D720%26uid%3D6b882ebc903fbdf00a60398f542a5c35%26visitor%3D%7BuserId%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dcc74a90418053c5e5c118472fd8c7507%26visitor%3D

Domain: bttrack.com
URL: https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=1&gdpr_consent=

Domain: csync.copper6.com
URL: https://csync.copper6.com/f3c49daf592d06bab39258cac72c0de9.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D0fccaa3ff6e0f9ec339e7eb753458ab3%26visitor%3D%5BUID%5D&gdpr=1&gdpr_consent=

Domain: id.rlcdn.com
URL: https://id.rlcdn.com/711333.gif?

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D642b2fc65afcd5ddddcf2d0e96254052%26visitor%3D

Domain: pixel.33across.com
URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Domain: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID

Domain: ce.lijit.com
URL: https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=45&id=RX-62a79f92-c1c7-4741-9790-93f3fcf72e45-003&rndcb=3776403558

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Domain: ssp.disqus.com
URL: https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID

Domain: hbx.media.net
URL: https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E

Domain: ads.servedxk.com
URL: https://ads.servedxk.com/rsync?redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D369%26uid%3D%24UID

Domain: ads.servedxk.com
URL: https://ads.servedxk.com/rsync?redirect=https%3A%2F%2Fidsync.rlcdn.com%2F712910.gif%3Fpartner_uid%3D%24UID

Domain: gum.aidemsrv.com
URL: https://gum.aidemsrv.com/ortb_sync?gdpr={GDPR}&consent={GDPR_CONSENT}&us_privacy={US_PRIVACY}&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DAIDEM%26ttl%3D720%26uid%3Db2f604635d0b9abde52139fc8a8034be%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Domain: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%7BpartnerId%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_33ACROSS%26ttl%3D720%26uid%3D25492590fe216b332ae998485e25beb4%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike_2&endpoint=eu&gdpr=1&gdpr_consent=

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Domain: audienceexposure.com
URL: https://audienceexposure.com/iframe?redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DBRAVE_IO%26ttl%3D720%26uid%3D1dd849eac6b255853660ea3ed55cb2b4%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS_VIDEO%26ttl%3D720%26uid%3D0e36e8655c40248fb8d2e311b5db1153%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9889718b-d474-4fd9-b242-ae526951210a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

Domain: rtb.gumgum.com
URL: https://rtb.gumgum.com/usersync?b=pln&i=S0h2bEDID85Y&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=558355

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=sad&i=5619135272049449859

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=adf&i=4101396363679815974&gdpr=0&gdpr_consent=

Domain: tg.socdm.com
URL: https://tg.socdm.com/aux/idsync?proto=gumgum

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=rth&i=NUK4nMGXd--Jflk2mvU68ObVwaI8QYCzpnvxraLHstA&pi=gumgum&tc=1

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum

Domain: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Domain: sync.aniview.com
URL: https://sync.aniview.com/ssync?pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DANIVIEW%26ttl%3D720%26uid%3De8ecb87ff2ef3a3b16ba16c51e7986ac%26visitor%3D%5BAV_UID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23062478&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aDZnarmqPJcALu3eApxTfwAA

Domain: i.liadm.com
URL: https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=aDZnarmqPJcALu3eApxTfwAA%261220&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aDZnarmqPJcALu3eApxTfwAABMQAAAIB&gpp=&gpp_sid=

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=ohStSamIbKVpsrajCORHfv-cXreL-nENZT5tetitTDM&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=aDZnarmqPJcALu3eApxTfwAA%261220

Domain: rtb.adentifi.com
URL: https://rtb.adentifi.com/CookieIndex

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=058e93e4-c622-4420-a53a-7703f497c06c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=21

Verdicts & Comments Add Verdict or Comment

43 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ipv64.net/	1970-01-21 15:15:55	Name: _ga Value: GA1.1.2016712112.1748395878
.ipv64.net/	1970-01-21 15:15:55	Name: _ga_NCTSG4T1B6 Value: GS2.1.s1748395877$o1$g1$t1748395878$j59$l0$h0
.rubiconproject.com/	1970-01-21 14:25:31	Name: khaos Value: MB79RI6O-1V-CESM
.rubiconproject.com/	1970-01-21 14:25:31	Name: audit Value: 1\|SDziDG3X/EgWi2rle2wP42WQ0NNjmqbPd94gXYLevqLI6LsXhGpVcnUk7aADAxKYiEQX8BhfSmRgrTHCeAvtfYK82FGGaWSkZTsffuh2iFUdvC8niHzOQCYbB5SW5XQ3mePgyV9QG0Uijy0RC4Zd8SKPLRELhl3xIo8tEQuGXfGma+WVcS1g3g==
prebid.media.net/	1970-01-21 09:59:07	Name: receive-cookie-deprecation Value: 1
.go.sonobi.com/	1970-01-21 14:25:31	Name: __uis Value: 39659ac3-5c91-4235-89a9-b70e15465f5d
.go.sonobi.com/	1970-01-21 05:41:22	Name: _usd_portal.fuafajihja.shadowshark.ipv64.net Value: 1658d16f-42f9-4efa-9aa0-504cfd97738c
apex.go.sonobi.com/	1969-12-31 23:59:59	Name: Value: receive-cookie-deprecation: 1
.go.sonobi.com/	1970-01-21 05:39:56	Name: __uih Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85103\|aDZna
.ingage.tech/	1970-01-21 07:49:31	Name: instUid Value: 8bbfb53c-33d9-454f-8fa4-83752f9f8135
.ingage.tech/	1970-01-21 07:49:31	Name: cookieRegion Value: wdc
fontgenerator.cc/	1970-01-21 05:39:55	Name: TESTCOOKIESENABLED Value: 1
.fontgenerator.cc/	1970-01-21 09:59:07	Name: __eoi Value: ID=a2989ef37694a6bc:T=1748395879:RT=1748395879:S=AA-AfjYqWtCiMxrrpBhx93_n-pXq

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24 Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0504902440B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://rtb.bid.com/sync?ssp=adyoulike&gdpr=1&gdpr_consent= Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1229385e80c45377fcc07028f790d551.safeframe.googlesyndication.com
acdn.adnxs.com
acscdn.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.servedxk.com
ads.servenobid.com
ads.yieldmo.com
ag.dns-finder.com
ap.lijit.com
apex.go.sonobi.com
api-ssp.spot.im
api.btloader.com
app.tinyadz.com
audienceexposure.com
b1sync.zemanta.com
bidder.criteo.com
btloader.com
bttrack.com
buysellads-d.openx.net
cdn.jsdelivr.net
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
creativecdn.com
cs-server-s2s.yellowblue.io
csync.copper6.com
direct.adsrvr.org
dsum-sec.casalemedia.com
eb2.3lift.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eus.rubiconproject.com
ex.ingage.tech
exchange.cootlogix.com
fastlane.rubiconproject.com
fontgenerator.cc
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gum.aidemsrv.com
gum.criteo.com
hb-api.omnitagjs.com
hb.trustedstack.com
hb.yellowblue.io
hbx.media.net
i.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
ittpx.eskimi.com
jadserve.postrelease.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.senty.com.au
pixel-sync.sitescout.com
pixel.33across.com
player.aniview.com
portal.fuafajihja.shadowshark.ipv64.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
public.servenobid.com
pubtrky.com
rtb.adentifi.com
rtb.bid.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
srv.buysellads.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.criteo.net
stats.senty.com.au
stpd.cloud
sync.1rx.io
sync.adkernel.com
sync.aniview.com
sync.contextualadv.com
sync.cootlogix.com
sync.go.sonobi.com
sync.ipredictive.com
sync.richaudience.com
sync.srv.stackadapt.com
t0.gstatic.com
tg.socdm.com
u.openx.net
us-u.openx.net
usersync.gumgum.com
usync.smxconv.com
visitor.omnitagjs.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
youradexchange.com
ad.turn.com
ads.servedxk.com
ads.yieldmo.com
ap.lijit.com
audienceexposure.com
b1sync.zemanta.com
bttrack.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
cs-server-s2s.yellowblue.io
csync.copper6.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
gum.aidemsrv.com
hb.trustedstack.com
hbx.media.net
i.liadm.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
jadserve.postrelease.com
match.deepintent.com
pagead2.googlesyndication.com
pixel.33across.com
portal.fuafajihja.shadowshark.ipv64.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
rtb.adentifi.com
rtb.bid.com
rtb.gumgum.com
s.amazon-adsystem.com
secure.adnxs.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.criteo.net
sync.aniview.com
sync.contextualadv.com
sync.cootlogix.com
sync.go.sonobi.com
sync.ipredictive.com
sync.srv.stackadapt.com
tg.socdm.com
usersync.gumgum.com
usync.smxconv.com
visitor.omnitagjs.com
103.231.98.106
103.67.200.72
104.18.26.193
104.237.132.182
104.243.38.18
130.211.23.194
142.250.184.230
143.244.197.139
151.101.193.108
159.65.211.77
162.19.138.83
163.5.194.34
168.119.146.39
172.217.16.194
18.244.18.5
18.245.31.78
185.184.8.90
185.89.210.141
188.40.16.220
193.0.160.131
2602:803:c003:200::21
2606:4700:10::6816:541
2606:4700:10::6816:bc7
2606:4700:10::ac43:293c
2606:4700:20::681a:9a9
2606:4700:3033::ac43:cd8d
2606:4700:3034::6815:86c
2606:4700:3035::6815:142
2606:4700::6811:190e
2606:4700::6812:10c9
2606:4700::6812:1962
2606:4700::6812:1e31
2607:f350:3:2569:0:10:0:a
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:81d::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:2638:3::39
2a02:2638:3::c
2a02:26f0:480:33::212:40d3
2a04:4e42:200::485
2a04:4e42:600::485
2a06:98c1:3120::3
3.33.220.150
3.72.38.170
34.1.1.166
34.120.63.153
34.36.200.111
34.36.216.150
35.186.253.211
35.214.136.108
35.244.159.8
35.71.170.66
45.55.100.180
46.228.174.117
51.75.86.98
52.222.236.4
52.50.66.111
57.129.85.132
76.223.111.18
81.17.55.99
89.149.192.196
95.100.185.43
02af156515fa9dcd5eb0341409e450847ee099a0b58a5fb31984be2c59743521
042a1652e0b3d20d268a194befaea0c5841026a91a14214abac003d605e0ed65
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
0b11eecfa382b1f2092d94e727a0145c9f6c2866e04419eef89e9bc381c7a787
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
1562c1b6966919f59dad5ce26d7ce05a4ecdfc4e6f7f9b8d1d6fa826508794cc
17121520efdb21823ea10bdc2115a34f772f78c0bea04cfdff41d615c520616e
1775d6d7278247af0e4e409092d75152b4dd04f873cb46dbb5482c73eb60e7a0
19492573e99443369d3da235c38f1a430842fce993891f89054f0c7e4e4389e7
217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5
24c817c4fef658a57754e07c2c89b185e9de3a2bc4261d7e863b345f27df82c4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28a2e66d41b018bf27fbf4e3434b298b0b9afaf920f9e8a49dd60ded1e1ae903
2b4c449d8a2a73c9366bc59a9440b88453e346ccd82bd3607f48e3d43bfe7541
33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109
34a9777ffd118cee614ab974da88397fb84a09643314a4a65127a86c27eb6e6d
35739c97fca499e8dc083be59a85f4000cdf8c97427ea2182bb9fdaefc27e6cc
3b9767e5d0bea4d284bb1e624cc6ee3244b13efedfe5424eb5140ef326511eb7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ff4e107901c810062910e50a956b5ad423cc2a6bcb69074890879f4ba3a4ede
402b6f2a5e4b3988895b937db91eff48f511e4fcf5674a94fd08af1b9bbc2ef3
40847f04a0b4dbacd513872a0472555bf0dd89cfcd4c7d905a0166469f80b438
41e9e0b7ccf8d3af68bcbb38488e18d48198ee131b2df9ff128e4e6e911099c6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4bbba479472ffa4241be401098dddafddc48cd7d1377c83d0048cc364933cbd0
4db7edd1881be80b90686e3dce61a869a9665d3921a690842c91633050cc14d9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3e6b20f1eae4923f24bf1e3dab2dde56b255c331cdc17b9507e790a48cc36b
4ee5c94e0595688414e7496ea756b280ca32426ea57ae1dab7e55842cc082330
4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6
504460751d9d131dae7dcd29927c1cd147be3cb0651003de4ee6b0fea5fef6ae
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56e70443c37648d17bb54e83ae0028731328f86afb12edd626e8584718be71e0
575219d680c952919123d5f5ad36df78cfbe9b9c9972af5fe20f92f5bf8f2e85
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
5bcae56fb9334fe8446c36552a142eab9929fe2a2c91732072dd20818c9c17dc
5d881b69841cd18f3db8831bd5f0e57149fecd4064d156cb1d3f982626903d60
5eff7005425c542db2290b5ccdf4e0a65c4219273a665ce0425264274e536ea6
638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69d9ac5984ab481e3a40b4b75c330920e56aa12c8d37bfaccc4ab6cedcdda50f
6d35a7ee5aac9714da95d1a4f632cdb97d560a5ecf5e3908a1d229bc8c1057c0
6df3805da066f2dbaeaa547b4ca83fa5c7c10ca8b6ba4357b0897bf3cc3b9a1f
6fecd89f00d81658eb0b3b9a0a3a324fe677c1a570213c5ac3553cb395621530
731c3411d0f309309a97628ba465af31050e0866d07e116f7ea5a1c35e9b99c5
74a76e5980403a11a657d3ad5f43ea97fae94b8d1cdec9886eb23bdbc645dbe1
75d736d3fbd7c5cf59502bb2b8b4ab8bfc1730431bc84353d08309ce1df1a53e
7af99a549a1293b42c5b9321cbef3a1220e62e9aada04cba32af58f6583b050f
7b2f9047727652771f06a00e11ec04b0c71ac85e1f30b8cd3bade135ab1977d2
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f116ce064296bb68f5adc78f16e0298efd4a0db15077406976147f6ce69a5b8
8a346698d1fe701441863c329bf5132a5536faeaa68ccd7751931726ad04b329
8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc
8cecad7988c322f2c35c14e99a4b936bd643cdaaa9216e9174bb1a442ff841dd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1c63600bf52ac2101c85ecdef6f843d1d593f6c097f32591fcfea496ec4073
92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24
928047c3a25fb3acd3197ecf904d8b10f96be71b512be4ffacca0bf14a8033a8
9783d85d8b66f652af8851f97de2d59b7cd0940244147ed9b24e0142db132eff
9aaa2304af081bb7f93a8c1fdd65839652c39ae00606d774f01262c2a4c7718d
9b502c40cea58eb57328f78cf48c787ab82d46606203a135bbb813ee19fb6c6d
9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797
a07ed6c92587063c8a3f828c58ed8076071418ca3181e9f67817c8d5041b0c47
a0d28f81842088d588dc865d4fefd4003829a2dbc2cba7f22ae656e6e6bd6bda
a6e05433a8a00bdc373490fa6619c40453a4277ec87c614156a1ad0b3af69778
a76799d383e84544bb37f128665c43341e94deae0101f7a8c256982f41c46f90
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604
abf9bfd998405a38e5f5f61e533e4de1298162efc4409b1f161ea04e5901c366
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6edcc080295bc506745b15d215226f6a80283818ef60e1e8805992c9c06f143
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc7f1c92e6e52e299752bc574e1b04603fc94100e8c03ac600082fcff14c604b
bdaf47b5db2c6b13b97a28df68b67180dc0fcda656776ae345b264c2183b9ef2
bec79807db57a446ef06f60cbace8024994b8ab4100ded518f17090c100eaa08
bfbf77facc0b33343150d420aa0f7e582e1657070c51895cdec89299922d96cc
c0511e29e2d9e3aa83ab107e55b5e3c2ca9c90c04027a2f551fca1d403fd9cd6
cc9b3ab0470daadec08ecf223bafa041cd60ad6ddb2b0cc5ede515e16cbd95b9
cc9b971ceaa6d18611d87707cbe276f96e878309cfe7e41e5084928e665df224
cdd0eac25e4ccf70ec457edc17de5c30e6d0c5341376b86e03189e2744c5854f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1505dbe33ff28f18b84904568522d81d9146da67cf306ad5e97353407984812
d1f0cd63b4d32aa9ea0975c70ec80a51afc78227e121f2e3994ef8c9ce7d06d3
d4be4824499330afdd7139a22d7ad59bd2146bc17565e9ac961461388245b0dc
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
dc1293460e62d8f4d91ef29b9bac4f123837f7c2c840ef3a52763782c12bc682
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e72de2be6c9ad189d4bc6776c4cf62e2df3ee72d274d96c4bc56226f6a58a489
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e970bdd269198fc1bf6183c389d2d299cf05c1e7b2076cee4fcf6ba7ac01be02
ea7fb526203a7e6eed35cc2fcdc98c76cb136dba25b23fae9e5fab3588877596
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5f36977e96a38963c796982ed3915e49673ba0b63f3d51031a1500c1f0907bd
f8415ecc026ead4d0710273922c8b92976697e8fb92d743cfdaed5ea934fdce1
f9d8e58b6cdcdf7831511b8a69c82bc6b71c335ade7b7efa21b634e08cf9789d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

portal.fuafajihja.shadowshark.ipv64.net Open in urlscan Pro 104.243.38.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

235 Requests

66 %HTTPS

43 %IPv6

83 Domains

113 Subdomains

66 IPs

6 Countries

1654 kBTransfer

5606 kBSize

14 Cookies

1 Outgoing links

Redirected requests

235 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

portal.fuafajihja.shadowshark.ipv64.net Open in urlscan Pro
104.243.38.18 Public Scan

Screenshot
Live screenshot

Full Image

235
Requests

66 %
HTTPS

43 %
IPv6

83
Domains

113
Subdomains

66
IPs

6
Countries

1654 kB
Transfer

5606 kB
Size

14
Cookies

235 HTTP transactions
2 data transactions