urlscan.io logo urlscan.io
SecurityTrails logo

oddshapeshadow.newm.io Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://oddshapeshadow.newm.io/
Submission: On March 07 via api from RU — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 27 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is oddshapeshadow.newm.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 20th 2023. Valid for: a year.
This is the only time oddshapeshadow.newm.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

11    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
oddshapeshadow.newm.io
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    162.19.61.80 (France)

ASN16276 (OVH, FR)
PTR: ns3094918.ip-162-19-61.eu
i.postimg.cc
4    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    162.19.169.23 (France)

ASN16276 (OVH, FR)
PTR: ns3222213.ip-162-19-169.eu
api.phyrhose.io
1    2606:4700:10::ac43:1702 (United States)

ASN13335 (CLOUDFLARENET, US)
www.alphavantage.co
4    2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700::6812:1d78 (United States)

ASN13335 (CLOUDFLARENET, US)
api.coingecko.com
Apex Domain
Subdomains		 Transfer
11 newm.io
oddshapeshadow.newm.io
7 MB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
464 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
23 KB
1 coingecko.com
api.coingecko.com — Cisco Umbrella Rank: 22460
891 B
1 alphavantage.co
www.alphavantage.co — Cisco Umbrella Rank: 64431
434 B
1 phyrhose.io
api.phyrhose.io
477 B
1 postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 18734
1010 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
27 8
Domain Requested by
11 oddshapeshadow.newm.io oddshapeshadow.newm.io
4 www.gstatic.com www.google.com
www.gstatic.com
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 www.google.com oddshapeshadow.newm.io
www.gstatic.com
www.google.com
1 api.coingecko.com oddshapeshadow.newm.io
1 www.alphavantage.co oddshapeshadow.newm.io
1 api.phyrhose.io oddshapeshadow.newm.io
1 i.postimg.cc oddshapeshadow.newm.io
1 fonts.googleapis.com oddshapeshadow.newm.io
27 9
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-20 -
2024-02-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
postimg.cc
R3		 2023-02-18 -
2023-05-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
api.phyrhose.io
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.api.coingecko.com
E1		 2023-01-31 -
2023-05-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://oddshapeshadow.newm.io/
Frame ID: 0243D1F2C922C5DF53B1850273F5440E
Requests: 17 HTTP requests in this frame

Frame: https://oddshapeshadow.newm.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678161600
Frame ID: 769FC5AC111DA2FC152C908A6FEC5970
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSAQiAAAAAH703qbQ3WO_OilAviLIo3am7Z2H&co=aHR0cHM6Ly9vZGRzaGFwZXNoYWRvdy5uZXdtLmlvOjQ0Mw..&hl=nl&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=q3j3s4dxkdf4
Frame ID: F7E08DA9B0A3EC1111610A435D6DE461
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Oddshapeshadow Stream Token Sale

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

27
Requests

100 %
HTTPS

78 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

8932 kB
Transfer

15455 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
oddshapeshadow.newm.io/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oddshapeshadow.newm.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
453295e8a56548c8f7e0f68296b09c248febde870e60666911357528a9f1f93b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
7a402354ec510e60-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 04:36:32 GMT
last-modified
Thu, 02 Mar 2023 21:29:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfTmjy6N07LzoEkjxn1%2Fo1uthfJV%2FookxqaGrZVT%2BSdQWnFenj3l8XpZmkjZS4HfWyd3Y8eMlZMBW8UqbBpJUCuaFZRb2eJKbiKYlODJHwvubfJaLIBXH8jsGTMbbi7%2F8J1ceJaxVafn67cVmhOkFo0Bn1hL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-content-type-options
nosniff
x-served-by
cache-ams21060-AMS
x-timer
S1678163792.162262,VS0,VE1
css2
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Serif+Text:ital@0;1&family=Inter:wght@400;500;600;700;800&family=Raleway:wght@400;500;600;700;800&display=swap
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ba1e7add4435fa95ffaa946a68dbea1c66b0c5a5dcf671159322a82321e7db8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oddshapeshadow.newm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 04:36:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 04:36:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 04:36:32 GMT
main.b5de25a1.js
oddshapeshadow.newm.io/static/js/ 		7 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://oddshapeshadow.newm.io/static/js/main.b5de25a1.js
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
493de3c2fe0d2d4b0977011865ddb3159916f039417a1653a279e687bd8b0059
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oddshapeshadow.newm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-polished
origSize=7643597
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-yyz4523-YYZ
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 21:29:58 GMT
server
cloudflare
x-timer
S1678112106.063603,VS0,VE5
etag
W/"31ad77bff81464bffd1956447865d46e00a4c3ae15367932aefaa1ae87671f3c"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aC38qlNqGkZOnRzIl91%2B22pW7sdlatRgxTyLx1qpsgkpxZv3z3%2FYJ6bmXEBYwACydBaYCmRSLhm%2F4%2BZ6OtGnr5I8t70OgYoreaiOilXyeHUnz4Uf6yw88gtgOa0QqvrU6EQUkCPEw32tm52DNGME4Qzy1eP9"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
cf-ray
7a4023553c890e60-AMS
x-cache-hits
1
main.8c5f7304.css
oddshapeshadow.newm.io/static/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oddshapeshadow.newm.io/static/css/main.8c5f7304.css
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f91d331939af69daf81e3f67fa380d6d3656c581fad75fd2a542495d774fe70
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oddshapeshadow.newm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-polished
origSize=1281
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-yyz4546-YYZ
cf-bgj
minify
last-modified
Thu, 02 Mar 2023 21:29:58 GMT
server
cloudflare
x-timer
S1678112106.137011,VS0,VE1
etag
W/"308c9c5b6297d879fccd62f4f2e1b315b520361ad82c60011a723b121e734577"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2I96C6sgnIhW%2B4jLu2QUsf5Lk4L8U2%2Bxi33NheeqxQfmCrAbdfRIoYfSKw45gBfD6WRBUgvW1a5lIrOZ%2BbGot3s2Ai3K70CxzbipS%2BppEbbCCJtEAtaPyed7ORPn2%2B3tO6l9dtPHZfnh%2BhGcANwEGfmUzeF"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=43200
cf-ray
7a4023553c860e60-AMS
x-cache-hits
1
api.js
www.google.com/recaptcha/ 		852 B
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/static/js/main.b5de25a1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
28ea0d0072aa5e0f9a3721a12bcb7d38aef27c9c539ced29e34583e09da2e6cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oddshapeshadow.newm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
560
x-xss-protection
1; mode=block
expires
Tue, 07 Mar 2023 04:36:39 GMT
preview.6c3894aa1421916950a8.mp3
oddshapeshadow.newm.io/static/media/ 		6 MB
6 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://oddshapeshadow.newm.io/static/media/preview.6c3894aa1421916950a8.mp3
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/static/js/main.b5de25a1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1792fabdea4db859b0f0e4a3ae80901bf9c37a9fda9fa96b169b2c0a715b768a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oddshapeshadow.newm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-yyz4553-YYZ
last-modified
Thu, 02 Mar 2023 21:29:58 GMT
server
cloudflare
x-timer
S1678112106.420922,VS0,VE1
etag
W/"abdd8b8e6bb404ae9cbe32c97239d22696544a40b64dc266f15d72f9abe5d7b9"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Klv7vLIMGsQYGCvV8Bb4cx5XxZjcKN85V6NX29NkoQIZ3zyzz3jC7%2F25a4bYVKDHjifzmgO1dcTiiCfLrzPEyRVVIUj6wjACTO8rcHJrST5jCg%2BOFkqPoFTMAKUEZyPFrmEyPLCfl%2Bg7%2BsDVWprHyy8Lz3RE"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
max-age=43200
cf-ray
7a4023816db4b8e8-AMS
x-cache-hits
0
bg-img.png
i.postimg.cc/TPTmSRWB/ 		1009 KB
1010 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.postimg.cc/TPTmSRWB/bg-img.png
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.61.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3094918.ip-162-19-61.eu
Software
nginx /
Resource Hash
ab4d811da60cb069f8236b0fc6589e21d9ff2de84cbc711d1dab50004ce661f3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oddshapeshadow.newm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:39 GMT
last-modified
Mon, 03 Jan 2022 15:49:21 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1033057
expires
Thu, 31 Dec 2037 23:55:55 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Serif+Text:ital@0;1&family=Inter:wght@400;500;600;700;800&family=Raleway:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oddshapeshadow.newm.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 07:48:43 GMT
x-content-type-options
nosniff
age
334076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Mar 2024 07:48:43 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Serif+Text:ital@0;1&family=Inter:wght@400;500;600;700;800&family=Raleway:wght@400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oddshapeshadow.newm.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 09:17:36 GMT
x-content-type-options
nosniff
age
415143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 09:17:36 GMT
profile-cropped.8fb1dc7faed11a4b5ecd.webp
oddshapeshadow.newm.io/static/media/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oddshapeshadow.newm.io/static/media/profile-cropped.8fb1dc7faed11a4b5ecd.webp
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6284b9ab9e4b15cc24f8b3a1fcbe9cd70280467d402f5cb2a3ec6cd5dad87bfa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oddshapeshadow.newm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-yyz4578-YYZ
last-modified
Thu, 02 Mar 2023 21:29:58 GMT
server
cloudflare
x-timer
S1678112106.481629,VS0,VE1
etag
W/"47f8882ea880a538cd956279f51c05b6075383163cf359d7c8b5197ea4f157a7"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBjesgHqDebxxeNSo%2Ffs8zYjcFWr3dhtrhgOGoe9gEoVm8y6uXo5O%2B7qNyr8nqEn68qTnb9afWbcbYpgBMNnrNl7ZIYLgXEH3KBNDC0FmWNDaZ3JBN%2BXKtsjHS69k6jhXwO2Nl%2FfWrs5nh8fIi9wLNt6W5Cz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=43200
cf-ray
7a402381ddf3b8e8-AMS
x-cache-hits
1
album-art@80.8f2291b086f093e737f1.webp
oddshapeshadow.newm.io/static/media/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oddshapeshadow.newm.io/static/media/album-art@80.8f2291b086f093e737f1.webp
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d21fde4a3ef998f57b1e141c9ac31f0f5f5adbea521a238e2afaac77113b0c2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oddshapeshadow.newm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1838
x-served-by
cache-yyz4564-YYZ
last-modified
Thu, 02 Mar 2023 21:29:58 GMT
server
cloudflare
x-timer
S1678112106.466900,VS0,VE1
etag
"beaecba9aeb7fb02f20620a4cee9e9086b99900ab760aea8c1287bd17bde8093"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMf1YvGF86VIBDHPf1Zc6jZx7B8zsOC1%2BPHR0TSrl1%2FdUrGCi%2BIWuUZNUcr83nhGtJrxSvRW29QOoONzygtQH9q%2BG4vkSUTHxo2bmC9mVtXyiqcJbbseuSeaoLvVrkyvQB3Ye6U9vVRZu%2BvSR8tS4iBZVObw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
7a402381ddf4b8e8-AMS
x-cache-hits
1
pool-pm-icon.6c45e1cf36d6d3f1b2d2.png
oddshapeshadow.newm.io/static/media/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oddshapeshadow.newm.io/static/media/pool-pm-icon.6c45e1cf36d6d3f1b2d2.png
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a325be38da0c3102aaa06ad81508ee37600cd9ec121ad85a1b3704e4fc121f34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oddshapeshadow.newm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-yyz4549-YYZ
last-modified
Thu, 02 Mar 2023 21:29:58 GMT
server
cloudflare
x-timer
S1678112106.489681,VS0,VE1
etag
W/"6f05c10e7bc69bf59da1324bd42767091520441dbe37327fc13e5769892c7d83"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wup0XJiqLNS8oHOLBol6q%2BAmAfHSUqdDimwIVOvr3Gp6sHnmOFF9SXujGQWjODcuhg43dH6ivu5koSzwdlcU1Mj3S6c%2BzZtjWdzGum%2FzVWoVRJWW7KtIDqbZfFbXQ9IdfB5pYc2NnuOrlgcw9PoiZcyxMhsB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=43200
cf-ray
7a402381ddf6b8e8-AMS
x-cache-hits
1
profile-cut.2f899ef3d2a992e7a636.webp
oddshapeshadow.newm.io/static/media/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oddshapeshadow.newm.io/static/media/profile-cut.2f899ef3d2a992e7a636.webp
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
694446c37137cd364dc2cd08d356fdf3f11f9ff0b83ebbf5c23c5adcf40500c4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oddshapeshadow.newm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-yyz4523-YYZ
last-modified
Thu, 02 Mar 2023 21:29:58 GMT
server
cloudflare
x-timer
S1678112106.467255,VS0,VE1
etag
W/"9d7cefd024a37749e910251f0be8072d2a40e379741f1cb4421d599334a56f0e"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=To%2Bul0cInvNplTNeoDWH0uzHbsAMk3GbxbaLELGqTrmvNsuVpf2jJHU4ZYUFV9zTNSKr3kxv6b9jp%2FGWOXGpwMcCqYkHbk3mWPkG%2BLF028qmnGXx8siXXn7s7gE%2B3oAfVWBtEritd3Xpvz2grrsBi5YZpJms"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=43200
cf-ray
7a402381ddf7b8e8-AMS
x-cache-hits
1
ftSaleBundles
api.phyrhose.io/firehose/ 		225 B
477 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.phyrhose.io/firehose/ftSaleBundles?projectId=18
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/static/js/main.b5de25a1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.169.23 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3222213.ip-162-19-169.eu
Software
nginx /
Resource Hash
ba610e3a1a6314a141ca2523507369a7f622a6e46a901bc33727926f4a095ce4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oddshapeshadow.newm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 04:36:39 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://oddshapeshadow.newm.io
Access-Control-Allow-Credentials
true
Connection
keep-alive
query
www.alphavantage.co/ 		215 B
434 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.alphavantage.co/query?function=CRYPTO_INTRADAY&symbol=ADA&market=USD&interval=5min&apikey=undefined
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/static/js/main.b5de25a1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c7d1922049dcee885744c064435f1e08908552ae382e670f538f765b422aa5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oddshapeshadow.newm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:39 GMT
via
1.1 vegur
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
content-encoding
gzip
vary
Cookie, Origin
allow
GET, HEAD, OPTIONS
content-type
application/json
x-frame-options
DENY
access-control-allow-origin
*
cf-ray
7a4023826e419273-FRA
invisible.js
oddshapeshadow.newm.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 769F 		29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oddshapeshadow.newm.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678161600
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5ce78e3504adb0a9463fabebd0573408a0af2559a69e8e377e312773770c256
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FavufOl3QJp76GvzQaEBB6BnYjUADFATkw9HaPLjBvPyTmgVyvK0C0nV9P01DWog8Cf6CFQ%2F1R4m9dOEHRFAy1QZ6PI1XEixQpZfXQrHqw0%2FVYddPFBontKcCiFPMMD5nTeMGfWr87sMbL2%2BomggtoMpaTgO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a402381ddf8b8e8-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ 		405 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee87ed3eb5298f31897f9350514e9f58824aae91d7051547cfa4b31f153eb004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oddshapeshadow.newm.io/
Origin
https://oddshapeshadow.newm.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:26:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
493832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165471
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 18:46:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 11:26:07 GMT
pica.js
oddshapeshadow.newm.io/cdn-cgi/challenge-platform/h/b/scripts/ Frame 769F 		7 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://oddshapeshadow.newm.io/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf50ad72fe688e969eb83ed4070513fe034b069339da5335b7254c771a6a43e6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu6GuFM5zHFPrnPxR81WOWDdVL5mBHLrwPOa6RO0QOHgHSNjZHPpn6aLUr118jaUZ1v0m28L9yXIBupFx0zgkUWqnN0ZmxztdAG5MxKHuo%2BfLmj%2F%2BzR%2Fh2YGJVmumFpRr9PJb5G6JU%2FrRLg0P7vfBlaCddCi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a4023825e54b8e8-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
price
api.coingecko.com/api/v3/simple/ 		28 B
891 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.coingecko.com/api/v3/simple/price?ids=cardano&vs_currencies=usd
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/static/js/main.b5de25a1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaef7cf9a0bf6850390b670d1b9a333c40385651c4bbd61fda9ed48102dad0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oddshapeshadow.newm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:39 GMT
access-control-request-method
*
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
alternate-protocol
443:npn-spdy/2
x-xss-protection
0
x-request-id
85c30695-acf6-477e-a889-357f69a1ce12
x-runtime
0.003475
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"aab84a29c037a7ddaea0f82fbbbb58d8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
POST, PUT, DELETE, GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
link, per-page, total
cache-control
public, max-age=120
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
cf-ray
7a402383e8c00a61-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Tue, 07 Mar 2023 04:38:39 GMT
anchor
www.google.com/recaptcha/api2/ Frame F7E0 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSAQiAAAAAH703qbQ3WO_OilAviLIo3am7Z2H&co=aHR0cHM6Ly9vZGRzaGFwZXNoYWRvdy5uZXdtLmlvOjQ0Mw..&hl=nl&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=q3j3s4dxkdf4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__nl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cd368aa78f205be6554ce8af49e7a48f70951bcb144eddd05038d2e132b938c8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h7jZ5h8azggpv2_QULSfpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oddshapeshadow.newm.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22559
content-security-policy
script-src 'report-sample' 'nonce-h7jZ5h8azggpv2_QULSfpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 04:36:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame F7E0 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSAQiAAAAAH703qbQ3WO_OilAviLIo3am7Z2H&co=aHR0cHM6Ly9vZGRzaGFwZXNoYWRvdy5uZXdtLmlvOjQ0Mw..&hl=nl&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=q3j3s4dxkdf4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 22:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
541618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 18:46:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Feb 2024 22:09:42 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame F7E0 		405 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSAQiAAAAAH703qbQ3WO_OilAviLIo3am7Z2H&co=aHR0cHM6Ly9vZGRzaGFwZXNoYWRvdy5uZXdtLmlvOjQ0Mw..&hl=nl&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=q3j3s4dxkdf4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee87ed3eb5298f31897f9350514e9f58824aae91d7051547cfa4b31f153eb004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 11:26:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
493833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165471
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 18:46:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 11:26:07 GMT
7a402354ec510e60
oddshapeshadow.newm.io/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 769F 		2 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oddshapeshadow.newm.io/cdn-cgi/challenge-platform/h/b/cv/result/7a402354ec510e60
Requested by
Host: oddshapeshadow.newm.io
URL: https://oddshapeshadow.newm.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678161600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Mar 2023 04:36:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPmWykxTZ66liqAEunJSbw2WfZWKLDdb%2Ft8NoaOnZOUbv18whSFXfHlLCzmolHkFLcOj1PjKP3JLkKuE1YoxcfxaGlgleZc5gBGd0yGDTWoiIOg6eQinWBpUwc2VtFDyRMBjp77QIe%2FilYw8sJJ%2BZzzMeU1N"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7a4023885a1cb8e8-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F7E0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 01:14:34 GMT
x-content-type-options
nosniff
age
444126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 09 Mar 2023 01:14:34 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F7E0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSAQiAAAAAH703qbQ3WO_OilAviLIo3am7Z2H&co=aHR0cHM6Ly9vZGRzaGFwZXNoYWRvdy5uZXdtLmlvOjQ0Mw..&hl=nl&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=q3j3s4dxkdf4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 15:27:04 GMT
x-content-type-options
nosniff
age
392976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 15:27:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F7E0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSAQiAAAAAH703qbQ3WO_OilAviLIo3am7Z2H&co=aHR0cHM6Ly9vZGRzaGFwZXNoYWRvdy5uZXdtLmlvOjQ0Mw..&hl=nl&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=q3j3s4dxkdf4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:28:44 GMT
x-content-type-options
nosniff
age
468476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 18:28:44 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame F7E0 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=8G7OPK94bhCRbT0VqyEVpQNj
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSAQiAAAAAH703qbQ3WO_OilAviLIo3am7Z2H&co=aHR0cHM6Ly9vZGRzaGFwZXNoYWRvdy5uZXdtLmlvOjQ0Mw..&hl=nl&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=q3j3s4dxkdf4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0e1eed856b04a75b17faace7a3326ea2469f2dc6e09c4b3cd130b4ae24676fbe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdlSAQiAAAAAH703qbQ3WO_OilAviLIo3am7Z2H&co=aHR0cHM6Ly9vZGRzaGFwZXNoYWRvdy5uZXdtLmlvOjQ0Mw..&hl=nl&v=8G7OPK94bhCRbT0VqyEVpQNj&size=invisible&cb=q3j3s4dxkdf4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 04:36:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 07 Mar 2023 04:36:40 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| webpackChunkartist_portal number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| _ function| HowlerGlobal object| Howler function| Howl function| Sound object| Wallets object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_913077

1 Cookies

Domain/Path Name / Value
.newm.io/ Name: __cf_bm
Value: SzetqKzfM5ZPsrhrwz66DQIU_S872RGNu7uTeqPxzyc-1678163800-0-AZqJU76AVCZWLLzX3km9yjwwFiTSKcIBqKjuT37Rwl/Wah3wdEAE8bdun5Ac6RLhr+bewcZN8qBPEj990U1XOWn1CkVbmapX2TafGBGCrA5xDt1KCARGL5Ifh0g9YdGRvg==

1 Console Messages

Source Level URL
Text
other warning URL: https://oddshapeshadow.newm.io/static/js/main.b5de25a1.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.coingecko.com
api.phyrhose.io
fonts.googleapis.com
fonts.gstatic.com
i.postimg.cc
oddshapeshadow.newm.io
www.alphavantage.co
www.google.com
www.gstatic.com
162.19.169.23
162.19.61.80
2606:4700:10::ac43:1702
2606:4700::6812:1d78
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
2a00:1450:4001:830::2004
2a00:1450:400d:806::2003
2a06:98c1:3120::3
0e1eed856b04a75b17faace7a3326ea2469f2dc6e09c4b3cd130b4ae24676fbe
1792fabdea4db859b0f0e4a3ae80901bf9c37a9fda9fa96b169b2c0a715b768a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28ea0d0072aa5e0f9a3721a12bcb7d38aef27c9c539ced29e34583e09da2e6cc
3d21fde4a3ef998f57b1e141c9ac31f0f5f5adbea521a238e2afaac77113b0c2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
453295e8a56548c8f7e0f68296b09c248febde870e60666911357528a9f1f93b
493de3c2fe0d2d4b0977011865ddb3159916f039417a1653a279e687bd8b0059
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ba1e7add4435fa95ffaa946a68dbea1c66b0c5a5dcf671159322a82321e7db8
5f91d331939af69daf81e3f67fa380d6d3656c581fad75fd2a542495d774fe70
6284b9ab9e4b15cc24f8b3a1fcbe9cd70280467d402f5cb2a3ec6cd5dad87bfa
694446c37137cd364dc2cd08d356fdf3f11f9ff0b83ebbf5c23c5adcf40500c4
6c7d1922049dcee885744c064435f1e08908552ae382e670f538f765b422aa5d
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
a325be38da0c3102aaa06ad81508ee37600cd9ec121ad85a1b3704e4fc121f34
aaef7cf9a0bf6850390b670d1b9a333c40385651c4bbd61fda9ed48102dad0cb
ab4d811da60cb069f8236b0fc6589e21d9ff2de84cbc711d1dab50004ce661f3
ba610e3a1a6314a141ca2523507369a7f622a6e46a901bc33727926f4a095ce4
cd368aa78f205be6554ce8af49e7a48f70951bcb144eddd05038d2e132b938c8
cf50ad72fe688e969eb83ed4070513fe034b069339da5335b7254c771a6a43e6
e5ce78e3504adb0a9463fabebd0573408a0af2559a69e8e377e312773770c256
ee87ed3eb5298f31897f9350514e9f58824aae91d7051547cfa4b31f153eb004