safeshadow.com Open in urlscan Pro
2606:4700:3031::ac43:9779 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://safeshadow.com/
Submission: On November 04 via automatic, source certstream-suspicious (November 4th 2021, 12:14:54 am UTC) — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 17 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3031::ac43:9779, located in United States and belongs to CLOUDFLARENET, US. The main domain is safeshadow.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 4th 2021. Valid for: a year.

This is the only time safeshadow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:303... 2606:4700:3031::ac43:9779	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	2.18.235.29 2.18.235.29	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
1	138.201.53.235 138.201.53.235	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6811:3635	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:47ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:8d8:100f... 2001:8d8:100f:f000::208	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 2	2.16.186.195 2.16.186.195	() ()
41	19

19 2606:4700:3031::ac43:9779 (United States)

ASN13335 (CLOUDFLARENET, US)

safeshadow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.29 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-29.deploy.static.akamaitechnologies.com

www.faz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

static.spektrum.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.53.235 (Fellbach, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.53.201.138.clients.your-server.de

fscl01.fonpit.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:3635 (United States)

ASN13335 (CLOUDFLARENET, US)

content3.promiflash.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:47ec (United States)

ASN13335 (CLOUDFLARENET, US)

www.allround-pc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:8d8:100f:f000::208 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

www.cruise4news.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.195 (None, ) 1 redirects

ASN- ()

bilder.bild.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	safeshadow.com safeshadow.com	476 KB
3	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com Failed	157 KB
2	bild.de 1 redirects bilder.bild.de	76 KB
2	gstatic.com fonts.gstatic.com	75 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
2	faz.net 1 redirects www.faz.net	77 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
1	google.com adservice.google.com	549 B
1	google.de adservice.google.de	792 B
1	googleadservices.com partner.googleadservices.com	635 B
1	cruise4news.at www.cruise4news.at	276 KB
1	allround-pc.com www.allround-pc.com	130 KB
1	promiflash.de content3.promiflash.de	45 KB
1	fonpit.de fscl01.fonpit.de	97 KB
1	spektrum.de static.spektrum.de	78 KB
1	jquery.com code.jquery.com	33 KB
1	googleapis.com fonts.googleapis.com	2 KB
41	17

	Domain	Requested by
19	safeshadow.com	safeshadow.com
3	pagead2.googlesyndication.com	safeshadow.com pagead2.googlesyndication.com
2	bilder.bild.de	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.faz.net	1 redirects safeshadow.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.cruise4news.at	safeshadow.com
1	www.allround-pc.com	safeshadow.com
1	content3.promiflash.de	safeshadow.com
1	fscl01.fonpit.de	safeshadow.com
1	static.spektrum.de	safeshadow.com
1	pixel.wp.com	safeshadow.com
1	code.jquery.com	safeshadow.com
1	stats.wp.com	safeshadow.com
1	fonts.googleapis.com	safeshadow.com
0	tpc.googlesyndication.com Failed	pagead2.googlesyndication.com
41	19

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-04` - `2022-11-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
static.spektrum.de R3	`2021-10-10` - `2022-01-08`	3 months	crt.sh
fscl01.fonpit.de R3	`2021-10-31` - `2022-01-29`	3 months	crt.sh
promiflash.de Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
www.cruise4news.at GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-31` - `2022-06-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://safeshadow.com/
Frame ID: 4B47D22F45FAB6E2577765EAF1A35344
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211101/r20190131/zrt_lookup.html
Frame ID: 9E7DDD3C600A4A5502906FF6EA815BEA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3059805454647315&output=html&adk=1812271804&adf=3025194257&lmt=1635984889&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsafeshadow.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635984890581&bpp=4&bdt=1300&idt=1655&shv=r20211101&mjsv=m202110280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3601154714565&frm=20&pv=2&ga_vid=1044471465.1635984892&ga_sid=1635984892&ga_hid=57436702&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063387%2C31063182&oid=2&pvsid=3515572837418247&pem=53&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1669
Frame ID: F9A3E5934B33EE0FEB6ED488EFA1A097
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Safe Shadow

Page Statistics

41
Requests

93 %
HTTPS

56 %
IPv6

17
Domains

19
Subdomains

19
IPs

3
Countries

1529 kB
Transfer

3133 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://www.faz.net/ppmedia/1.7601462/mmobject-still_full HTTP 301
https://www.faz.net/ppmedia/aktuell/2830726946/1.7601462/mmobject-still_full/988e3f8a-3573-11ec-910e.jpg

Request Chain 41

https://bilder.bild.de/fotos/til-schweiger-musste-seine-premiere-absagen--diesen-text-schrieb-er-auf-instagram-acc3b91425b242eba3504891e56bde4c-78134310/Bild/1.bild.jpg HTTP 301
https://bilder.bild.de/fotos/til-schweiger-musste-seine-premiere-absagen--diesen-text-schrieb-er-auf-instagram-acc3b91425b242eba3504891e56bde4c-78134310/Bild/3.bild.jpg

41 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
safeshadow.com/ 149 KB
25 KB 428ms
398ms Document
text/html 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d15af3ed34d282120975850781ec49f09d4177c94644c42d00805e7496a56ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://safeshadow.com/wp-json/>; rel="https://api.w.org/"
last-modified: Thu, 04 Nov 2021 00:14:49 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HHKf4cBhDTPjhMOZ3cJXgL0rRRtcooD309qXIMTFAph683o1%2F9fNRoskj42vxP2HpNtJrV0P6EO9QuEOMTCwfsGkpBfQYEzFNZqaPNalkVcJflOvS9fuwMchB6kpWoLrX27cFNKtfrM1PG8Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a89a4f38a6f6925-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 43 KB
2 KB 1185ms
815ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COpen%20Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CRoboto%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&display=swap

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f8a48428fbe9181d234b0025216336481b6ad6a50e4f79b6b7b49d2bfd8dcc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 00:14:49 GMT
server: ESF
date: Thu, 04 Nov 2021 00:14:49 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 04 Nov 2021 00:14:49 GMT

GET
H2 200 style.min.css
safeshadow.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 33ms
31ms Stylesheet
text/css 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Sep 2021 09:44:58 GMT
server: cloudflare
etag: W/"613dcc1a-13abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sg5cB5GdlrMJe8AvtXLaFx%2BSM5VCf1FuBM0eCzE3z81ggWl%2Fwp%2FmndnGaz1dnDvmdFnQpDQrAW3DuNo8sP2eGjHBW50DAoORT4%2BK5Kc%2FlVP99xksJ334hf%2FZH5LikTUy61h0aOR4a4t3tROdkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f6283c6925-FRA
expires: Thu, 25 Nov 2021 07:34:25 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
safeshadow.com/wp-includes/js/mediaelement/ 11 KB
3 KB 34ms
31ms Stylesheet
text/css 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Sep 2021 09:44:57 GMT
server: cloudflare
etag: W/"613dcc19-2bf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZC1MotoZuP2da5EXmTEmgd4pocIPd%2FE8LgaoSRFV0Pp5IaCx9CYV0S8iBv66YYu1UKldfXeIhzbtCorKWeerVAVI5KfL2hFjIygYh7jx5atwbMal3jifNfAl5MwfQDyg0Q69Avyc9gYmjRBpYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f6283e6925-FRA
expires: Thu, 25 Nov 2021 07:45:02 GMT

GET
H2 200 wp-mediaelement.min.css
safeshadow.com/wp-includes/js/mediaelement/ 4 KB
1 KB 19ms
18ms Stylesheet
text/css 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.1

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2072497
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Dec 2020 10:14:30 GMT
server: cloudflare
etag: W/"5fca0c06-105a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drIhe4mWZkosPfMYMXMpBebJds3oMpaFRRojxbu%2BKB5fjOFyCwsYmFzkTU3L6hg%2F723we2Bbg2eKK3CjHXZ2H7dHFeQZGJLxzScJ6871qls2eQodbpk%2FitexWPJRBYE8Q7bFhgpyb0kb7jxaDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f628426925-FRA
expires: Tue, 12 Oct 2021 09:45:15 GMT

GET
H2 200 style.css
safeshadow.com/wp-content/themes/everest-news-pro/ 2 KB
1 KB 31ms
29ms Stylesheet
text/css 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-content/themes/everest-news-pro/style.css?ver=5.8.1

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d243a2ec062d68981cc916eb24c9a8102fa5739e4fdc67a543f3c46df234756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jan 2021 02:57:28 GMT
server: cloudflare
etag: W/"6010d698-600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FojUO1KajQr%2Fpo4e6sMugZDPTodAJqazpqXK%2BKp8YACcuRO8MuKhEs6mZkdE79g6CsqMVfnIhqK6%2Bt81LlEe%2B%2Btt1qnapHwL9kk9u0ISxcS71KxwnXN67%2FEBNkMpm0qZAl1SCY2nGDZYcIB8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f628436925-FRA
expires: Thu, 25 Nov 2021 07:45:02 GMT

GET
H2 200 main.css
safeshadow.com/wp-content/themes/everest-news-pro/assets/dist/css/ 325 KB
51 KB 21ms
20ms Stylesheet
text/css 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-content/themes/everest-news-pro/assets/dist/css/main.css?ver=5.8.1

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1682d42650a9e6fc16fb5002bae0f9f712d9f08fe0500846d5afa928fc654139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2072497
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jan 2021 02:57:28 GMT
server: cloudflare
etag: W/"6010d698-514a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fWCjgnHzhDYsHstOY4sPD31YaVNawNkJ0H6NCNu4F7spt03NT%2F7zWcZKTQR1Tj%2BmYIJPjvU7cFPoiUXx9deuMb0gDcisXYQKAvlfialrfmq%2FVO26y5ToFFgqhN9Jw6UB%2FF6tSb88LfNMsDcmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f628446925-FRA
expires: Tue, 12 Oct 2021 09:46:34 GMT

GET
H2 200 buttons.min.css
safeshadow.com/wp-includes/css/ 6 KB
2 KB 43ms
42ms Stylesheet
text/css 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/css/buttons.min.css?ver=5.8.1

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a263951ba358b2b766fe5e06c24a5869f2a67aeee53a4ba7d3b1f9d478fc3c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Sep 2021 09:44:58 GMT
server: cloudflare
etag: W/"613dcc1a-16de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rT7WW6RjhbnwEg%2F5tIIszz%2FWjYq9jzTn2xn6VwoEjn0b%2BdEuzeJ3%2FPgQmSQuP1kZBYlSgJ2wlLz%2Fz9S9Bz4pm5gCl1V%2Fd5oBZK6yEhDor4CqIqQxK4R00MSdgiVslWYDmzi4ty7FOxHATdYkXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f628456925-FRA
expires: Wed, 24 Nov 2021 11:25:32 GMT

GET
H2 200 dashicons.min.css
safeshadow.com/wp-includes/css/ 58 KB
35 KB 41ms
40ms Stylesheet
text/css 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/css/dashicons.min.css?ver=5.8.1

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Sep 2021 09:44:58 GMT
server: cloudflare
etag: W/"613dcc1a-e688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BqIno%2FdAQr2K6aWta1O4KBDH3DEgfLGpbVNrcMbD2lI9ERWDcsvtzZycwf8afu0Y5C1VTlovTfITf4L%2BJKcCoNO8qq24Llz6SlYFd9sY32GBNurnekY2LO6Vtw2AYu84NSPWKFrkHIMCpLGPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f628496925-FRA
expires: Thu, 11 Nov 2021 11:00:21 GMT

GET
H2 200 media-views.min.css
safeshadow.com/wp-includes/css/ 46 KB
9 KB 33ms
32ms Stylesheet
text/css 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/css/media-views.min.css?ver=5.8.1

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae2f2b2b04939f013c8c1b375fece8435e7d332fa3b439bce0bb50331ca7bcc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Sep 2021 09:44:58 GMT
server: cloudflare
etag: W/"613dcc1a-b7a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VN8iXfMXLOlRG0P9J%2FF5sQKtFoPFOJTbJh2FfdZXYc%2BLugtZG96uD7lGUy1oCTUSl%2FIaCKEwaeiGzd8p9Jqs78zOVLWPmUqAUP9XIO7l6kb5sBbnvt1VqRCgddlfJNozgAW3Cq2TCPjb1gF3mA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f6284b6925-FRA
expires: Thu, 25 Nov 2021 07:45:02 GMT

GET
H2 200 imgareaselect.css
safeshadow.com/wp-includes/js/imgareaselect/ 790 B
591 B 33ms
33ms Stylesheet
text/css 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/imgareaselect/imgareaselect.css?ver=0.9.8

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55a36298517619f755ac3c59b3c37cde07d3c2ce66526bf42df296bda945838c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Dec 2020 10:14:30 GMT
server: cloudflare
etag: W/"5fca0c06-316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXgHqD%2FIXefffqA5%2BHBrQida0%2FqGmdLZS8X7BrRyUZ3pKDy4CioYLznjnZ4MG0HyjgL3amff8xyEC7iu17rLMXgbIKMYy85b4n2LyEWUacz5myYtDy%2F1%2Bto1MlHQtQBAtlCAJT2mEqGatKr4YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f6284d6925-FRA
expires: Thu, 25 Nov 2021 08:37:15 GMT

GET
H2 200 jetpack.css
safeshadow.com/wp-content/plugins/jetpack/css/ 85 KB
17 KB 19ms
18ms Stylesheet
text/css 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.1

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c71cab3e2b7defd9022059c922d2c91359df1ba71dd47e8543b108c70537f25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2072497
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Sep 2021 09:56:46 GMT
server: cloudflare
etag: W/"613dcede-1545b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Rslp9v5uw5iN2Npig1%2FJDoiShrCj2fJPKYUHlGUEyJBjJrKQ2oWWK7JmwjXRwg0WDKB3luRES5g0o0TYnBRSP83KhHvW9ewF5cJPeObo58Ptf8ukMC2A%2FcEEd17fGGht%2Frk74Np5tRSJTzXeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f6284e6925-FRA
expires: Tue, 12 Oct 2021 09:57:24 GMT

GET
H3 200 jquery.min.js Show response
safeshadow.com/wp-includes/js/jquery/ 87 KB
32 KB 22ms
22ms Script
application/javascript 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1007854
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Sep 2021 09:44:58 GMT
server: cloudflare
etag: W/"613dcc1a-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFYmcTKukZBN6b1Jkpwy2F5nUb%2BY02K73V%2Fy30gN2S%2FnKjrj%2BYGBrHADdNWRYCnhx3kZAFJ%2BwyxDOl8Cj19UpW%2Bzpgn2FFOsLMo9xHUYzY0VAHnmfiTUxjB%2B0OJDlaURYwNAB6usTaUuUF0oaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f67ef75373-FRA
expires: Thu, 11 Nov 2021 11:00:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 437ms
99ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46e95d53314b13b7edbb1bd6c9568f8e7d9c6167186b60920be84975ffca97aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51555
x-xss-protection: 0
server: cafe
etag: 10320450013290679480
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 04 Nov 2021 00:14:49 GMT

GET
H2 200 wp-polyfill.min.js Show response
safeshadow.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 23ms
23ms Script
application/javascript 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55219
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Sep 2021 09:44:58 GMT
server: cloudflare
etag: W/"613dcc1a-4056"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BIFK1BVduDzXD8YX0cd9zyTFDbU1bzctguR2BF%2BbztBOhYTr2RdV2OiXmqorzN1fc82iPtMPpKxMP0O01QSymiYrLCVr012qWx8GRg5JS72PaBAYw2DeOxhkb6XITfmrQ53g1xPhJMMHgWdOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f628616925-FRA
expires: Thu, 25 Nov 2021 07:45:02 GMT

GET
H2 200 hooks.min.js Show response
safeshadow.com/wp-includes/js/dist/ 5 KB
2 KB 17ms
17ms Script
application/javascript 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55218
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Sep 2021 09:44:57 GMT
server: cloudflare
etag: W/"613dcc19-1540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxWOP9ehxPIY62yaF4UCbMniolZqr3QGWZWA8U%2BoIw97G96wWobd3wfguZUUPMsHU8uFrksZrntjmxE8uAN26rENMLJjYtU0mjhtVb8yQQBMlIa9FdHe3jQR6lkjaE3zMouUmpBvOvuKJo6U9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f628626925-FRA
expires: Fri, 12 Nov 2021 13:09:37 GMT

GET
H2 200 i18n.min.js Show response
safeshadow.com/wp-includes/js/dist/ 10 KB
4 KB 23ms
23ms Script
application/javascript 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1007854
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Sep 2021 09:44:57 GMT
server: cloudflare
etag: W/"613dcc19-268a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdIonkwUavElVacEjNz7b6kjw1WLufu65nkrHqo%2FGNA%2BVO8G4DAXb8mbJieWXlRO68gnIvR4VDTMbVknsjn5odROxOKajzsXfSWrkYtTja2H7XRBFctV9fwjesw2z%2BgYnL0l3Gu2AY34HC4qSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f628656925-FRA
expires: Thu, 11 Nov 2021 11:00:21 GMT

GET
H2 200 e-202144.js Show response
stats.wp.com/ 9 KB
3 KB 27ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202144.js
Requested by: Host: safeshadow.com
URL: https://safeshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 24 Oct 2022 05:44:33 GMT

GET
H3 200 lazyload.min.js Show response
safeshadow.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 36ms
36ms Script
application/javascript 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Sep 2021 10:03:12 GMT
server: cloudflare
etag: W/"613dd060-1ed2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEYZUxNsbtXxBh9v004brEOMM1R3Jki23mLekpRxL88XTsjddxwJd%2B7OARrX%2FdIkCHYg1AzuMx3MMxQFWejqxx8cA6H42JaWIFxRFpQ5tPLa4Dfu3HpetDKxtk0cgKNtnzl8U00wKGJ2o755Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f67f025373-FRA
expires: Thu, 25 Nov 2021 07:34:26 GMT

GET
H3 200 a0d34328a6d4d21ec3de8754ecca71a0.js Show response
safeshadow.com/wp-content/cache/min/1/ 753 KB
206 KB 43ms
43ms Script
application/javascript 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-content/cache/min/1/a0d34328a6d4d21ec3de8754ecca71a0.js

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0de736fd37cf9e76c9188b74ddbcb9d8f3926cedfd87878e5f533e196e0b0dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Sep 2021 07:54:41 GMT
server: cloudflare
etag: W/"61405541-3397b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzCc1GRol4NybCcQ8m6B3xuz2Z%2F7fkBSDq8kMXKE3omPSI%2B%2Bk1FyqZVsAz%2Bfivl%2FKI5EvnkF07twFUAeVZxgNG0s3rkRfRhb8EWZA1ZuAf1VPDaq16Fq7E65pguml5Y6lap3W368ku4O25QTQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6a89a4f67f045373-FRA
expires: Sat, 13 Nov 2021 08:04:14 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bed97a07ba4c770aeb551861ab1407403455ec1de7d15eb2da8dc9c36a4711c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 fa-solid-900.woff2
safeshadow.com/wp-content/themes/everest-news-pro/assets/dist/fonts/fontAwesome/ 58 KB
59 KB 47ms
47ms Font
font/woff2 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safeshadow.com/wp-content/themes/everest-news-pro/assets/dist/fonts/fontAwesome/fa-solid-900.woff2

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/wp-content/themes/everest-news-pro/assets/dist/css/main.css?ver=5.8.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeshadow.com/wp-content/themes/everest-news-pro/assets/dist/css/main.css?ver=5.8.1
Origin: https://safeshadow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 59572
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Jan 2021 02:57:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6010d698-e8b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huFXQXafaGJARWamzFEvZXZ6Kr%2BIN23%2F3F%2FpoW7dQquvc1UvjgQI0%2B9hQ%2FJod5dPOR9MsesQyPgbusa0HCYb%2B428Vd3wxROy%2BWxEwkSntWROCIi6f35lMgqJGBPylUvZ3HIh%2B2ZoECOF1L2Iqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6a89a4f68f215373-FRA
expires: Thu, 25 Nov 2021 07:34:26 GMT

GET
H2 200 jquery-1.8.2.min.js Show response
code.jquery.com/ 91 KB
33 KB 53ms
19ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.8.2.min.js
Requested by: Host: safeshadow.com
URL: https://safeshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Referer: https://safeshadow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-16cfb"
vary: Accept-Encoding
x-hw: 1635984889.dop250.am5.t,1635984889.cds256.am5.hn,1635984889.cds247.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33384

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 7ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.1&blog=118601662&post=0&tz=2&srv=safeshadow.com&host=safeshadow.com&ref=&fcp=564&rand=0.7142111584582267
Requested by: Host: safeshadow.com
URL: https://safeshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 04 Nov 2021 00:14:49 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H/1.1

200
OK

988e3f8a-3573-11ec-910e.jpg
www.faz.net/ppmedia/aktuell/2830726946/1.7601462/mmobject-still_full/
Redirect Chain

https://www.faz.net/ppmedia/1.7601462/mmobject-still_full
https://www.faz.net/ppmedia/aktuell/2830726946/1.7601462/mmobject-still_full/988e3f8a-3573-11ec-910e.jpg

76 KB
77 KB

16ms
16ms

Image
image/jpeg

2.18.235.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.faz.net/ppmedia/aktuell/2830726946/1.7601462/mmobject-still_full/988e3f8a-3573-11ec-910e.jpg
Requested by: Host: safeshadow.com
URL: https://safeshadow.com/
Protocol: HTTP/1.1
Server: 2.18.235.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c8177ae233643f4154383a023647879d08d61227b801f99c43483055ee82ec20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 00:14:49 GMT
x-debug-laa
X-Debug-V-X-FAZPAY-JWT-Payload-Claim-PREMIUM
X-Debug-V-Sub
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIi PSAi PSDi OUR STP UNI COM NAV INT STA PRE"
X-Debug-V-X-FAZPAY-JWT-Payload-Raw
Content-Length: 77762
X-Request-ID: 44733052e3e78c562bf547bcb56b3811
Last-Modified: Mon, 25 Oct 2021 09:14:32 GMT
Server: nginx
Cache-Control: max-age=600, public
X-Debug-V-Cookie
X-Debug-V-jwt_type_faj
X-Debug-V-FAZPAY-JWT-Payload-Claim-ID
X-FAZPAY-Content: public
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg

Redirect headers

Date: Thu, 04 Nov 2021 00:14:49 GMT
x-debug-laa
X-Debug-V-FAZPAY-JWT-Payload-Claim-ID
X-Debug-V-X-FAZPAY-JWT-Payload-Claim-PREMIUM
Server: nginx
X-Debug-V-Cookie
X-Debug-V-jwt_type_faj
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIi PSAi PSDi OUR STP UNI COM NAV INT STA PRE"
Location: /ppmedia/aktuell/2830726946/1.7601462/mmobject-still_full/988e3f8a-3573-11ec-910e.jpg
X-FAZPAY-Content: public
X-Debug-V-X-FAZPAY-JWT-Payload-Raw
Connection: keep-alive
X-Debug-V-Sub
Content-Length: 0
X-Request-ID: 087867da33aea2b43051d123d09ea46a

GET
H2 200 2021-pr-new_tanager-3.jpg
static.spektrum.de/fm/912/ 77 KB
78 KB 32ms
7ms Image
image/webp 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.spektrum.de/fm/912/2021-pr-new_tanager-3.jpg?f=2000

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

75c535ae1d09d2e32d12b0175d4d3a211ba711daac79f5f8543544fbaeddc95c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
via: 1.1 varnish (Varnish/6.1), 1.1 varnish, 1.1 varnish
age: 37359
x-cache: MISS, HIT, HIT
fastly-io-info: ifsz=722590 idim=2760x2280 ifmt=jpeg ofsz=79008 odim=2000x1652 ofmt=webp
x-director: d_web
x-restarts: 0
fastly-stats: io=1
x-backend-request-url: /fm/912/2021-pr-new_tanager-3.jpg
content-length: 79008
x-served-by: cache-fra19166-FRA, cache-hhn4043-HHN
x-backend-name: web2
x-timer: S1635984890.545336,VS0,VE1
etag: "blBEM1ZGhrXdXZ8miB4c6druowKGQozW8AE72vtLAkU"
vary: Accept
strict-transport-security: max-age=300
content-type: image/webp
expires: Wed, 10 Nov 2021 13:52:10 GMT
cache-control: max-age=604800
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 NextPit-WhatsApp-sticker-suggestion-w782.png
fscl01.fonpit.de/userfiles/7715851/image/ 96 KB
97 KB 63ms
18ms Image
image/png 138.201.53.235
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fscl01.fonpit.de/userfiles/7715851/image/NextPit-WhatsApp-sticker-suggestion-w782.png
Requested by: Host: safeshadow.com
URL: https://safeshadow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.53.235 Fellbach, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.235.53.201.138.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 443650f0b6d1008c918a9f485d99df09e73566dcd5988913cdeedd2930585e83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
last-modified: Tue, 02 Nov 2021 11:48:03 GMT
server: nginx/1.10.3
etag: "61812573-1817e"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 98686
expires: Fri, 04 Nov 2022 00:14:49 GMT

GET
H2 200 henning-merten-schaut-in-die-kamera-2.jpg
content3.promiflash.de/article-images/video_480/ 44 KB
45 KB 46ms
17ms Image
image/jpeg 2606:4700::6811:3635
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content3.promiflash.de/article-images/video_480/henning-merten-schaut-in-die-kamera-2.jpg

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:3635 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b21ceb8c89eff5c68a31cc3554d02f0b69b5dbaeac82f900693c4a750d379910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1886
cf-polished: origSize=46577
cf-ray: 6a89a4f7a9eed6e5-FRA
x-cache: Hit from cloudfront
last-modified: Thu, 12 Nov 2020 15:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 44949
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "08c4318db342e68c20b70935f1f5c877"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: wtUJ7iGRtcHbH_mbx5BVqqBPPw13v6Ax
cache-control: public, max-age=2678400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: Ufz_0ZHem9DrZU3lTLQHkbCDgvO8_Ng6oY7jH18MQhZS3PYQBO-tDA==
expires: Sun, 05 Dec 2021 00:14:49 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 Safe-Shadow-Logo.png
safeshadow.com/wp-content/uploads/2020/12/ 6 KB
7 KB 34ms
34ms Image
image/png 2606:4700:3031::ac43:9779
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeshadow.com/wp-content/uploads/2020/12/Safe-Shadow-Logo.png

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9779 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23c26457e9c68cc9521cf1ca70dd4f61a8b728589dbd0ec6d2ab4f2fefaa02eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6440
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Dec 2020 05:21:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5fcc6a48-1928"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkwNvNzXai9xq2UYcm09tsc0R4gSYnS47D932H2ya7hXlFYcqoe4RV6lb3LV1mykfw5qo17fNuxgpGYsiE%2BQhM%2F86MaLS3y%2B9pn9qdtV6USCCBNPKTaTg7Pr%2F1SHFOH%2BItXMzhlkJnlHXLXmJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6a89a4f778ce5373-FRA
expires: Fri, 12 Nov 2021 07:57:16 GMT

GET
H2 200 Samsung-SSD-980-Test-3-1112x625.jpg
www.allround-pc.com/wp-content/uploads/2021/03/ 129 KB
130 KB 58ms
14ms Image
image/jpeg 2606:4700:20::ac43:47ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.allround-pc.com/wp-content/uploads/2021/03/Samsung-SSD-980-Test-3-1112x625.jpg

Requested by

Host: safeshadow.com
URL: https://safeshadow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/2.1.8

Resource Hash

66623e3b17d02738d1bc7f5bd27b398a6ff3d44f0f00b01dd6a75ec67e76747c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2048075
x-powered-by: W3 Total Cache/2.1.8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 132098
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 28 Aug 2021 20:06:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2066f-5caa422c06fc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wn3mg5k%2BZYz1rg%2BDt45jxE5zTTRWL%2F%2B6%2BQejQpzPDXq1W0%2F4nmHHCr0egRZEfl4BDDQlO2ge1dbVZpoYH2V8EsHIr0UNznSgw%2FOk00pUexB1ITqJpzgMJMhyEmQhR0FLtT7IpV2Q9PLlF%2FkaLHQT6o%2BX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Tue, 11 Oct 2022 07:20:14 GMT
cache-control: public, max-age=31536000
cf-polished: origSize=132719
accept-ranges: bytes
cf-ray: 6a89a4f8ef0e68ef-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 disney-magic-01.jpg
www.cruise4news.at/wp-content/uploads/2021/03/ 275 KB
276 KB 82ms
31ms Image
image/jpeg 2001:8d8:100f:f000::208
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cruise4news.at/wp-content/uploads/2021/03/disney-magic-01.jpg
Requested by: Host: safeshadow.com
URL: https://safeshadow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::208 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: b0d41233a73c67be0b61fa41ec924260180170766c1eea571f2befad393516f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:49 GMT
last-modified: Mon, 29 Mar 2021 23:02:03 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 281861
expires: Fri, 04 Mar 2022 00:14:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110280101/ 269 KB
97 KB 218ms
63ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3059805454647315&plah=safeshadow.com&bust=31063387

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e7a6bb6af048160b1fba18ac6c5de445021152a675e7e74d543206b7d1d0764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98890
x-xss-protection: 0
server: cafe
etag: 10074202777150364861
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Nov 2021 00:14:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211101/r20190131/ Frame 9E7D 10 KB
5 KB 658ms
38ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9745d78c19b91ab26895980fdfdc81997e0397d58446db33584e5e4de1435845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 03 Nov 2021 07:49:40 GMT
expires: Wed, 17 Nov 2021 07:49:40 GMT
content-type: text/html; charset=UTF-8
etag: 4894049669965931928
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4757
x-xss-protection: 0
age: 59111
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 443ms
39ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COpen%20Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CRoboto%3A400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safeshadow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 183774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 21:11:57 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ 30 KB
31 KB 502ms
102ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safeshadow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:20:47 GMT
x-content-type-options: nosniff
age: 194044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 18:20:47 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
635 B 134ms
48ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=safeshadow.com&callback=_gfp_s_&client=ca-pub-3059805454647315

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3059805454647315&plah=safeshadow.com&bust=31063387

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

7a224ee9f1ef59c7eec68864c63d9001cdfc7e87f9f010143d39bfaa57074ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 00:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 812ms
327ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=safeshadow.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Nov 2021 00:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 650ms
368ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=safeshadow.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Nov 2021 00:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F9A3 0
19 B 143ms
94ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3059805454647315&output=html&adk=1812271804&adf=3025194257&lmt=1635984889&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsafeshadow.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635984890581&bpp=4&bdt=1300&idt=1655&shv=r20211101&mjsv=m202110280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3601154714565&frm=20&pv=2&ga_vid=1044471465.1635984892&ga_sid=1635984892&ga_hid=57436702&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063387%2C31063182&oid=2&pvsid=3515572837418247&pem=53&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1669

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 04 Nov 2021 00:14:52 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 04 Nov 2021 00:14:52 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 251ms
95ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211101&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce765922b8f3ff7c5c0811de350e00cc30459c939602813db5b439796ede8aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Nov 2021 00:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9423
x-xss-protection: 0

GET
H/1.1

200
OK

3.bild.jpg
bilder.bild.de/fotos/til-schweiger-musste-seine-premiere-absagen--diesen-text-schrieb-er-auf-instagram-acc3b91425b242eba3504891e56bde4c-78134310/Bild/
Redirect Chain

https://bilder.bild.de/fotos/til-schweiger-musste-seine-premiere-absagen--diesen-text-schrieb-er-auf-instagram-acc3b91425b242eba3504891e56bde4c-78134310/Bild/1.bild.jpg
https://bilder.bild.de/fotos/til-schweiger-musste-seine-premiere-absagen--diesen-text-schrieb-er-auf-instagram-acc3b91425b242eba3504891e56bde4c-78134310/Bild/3.bild.jpg

74 KB
75 KB

15ms
15ms

Image
image/jpeg

2.16.186.195

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bilder.bild.de/fotos/til-schweiger-musste-seine-premiere-absagen--diesen-text-schrieb-er-auf-instagram-acc3b91425b242eba3504891e56bde4c-78134310/Bild/3.bild.jpg

Protocol

HTTP/1.1

Server

2.16.186.195 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

a6fe227d7db418a0cd175356194d86d3db167f37f789f9275be80d68b9ee7f4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeshadow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 00:14:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Nov 2021 06:08:25 GMT
X-Refresh: s=3f|h=1|c=|t=6953.713|a=1668.460|rd=Wed, 03 Nov 2021 23:47:04 GMT|dd=Thu, 04 Nov 2021 00:14:53 GMT, s=4n|h=0|c=|t=1968.000|a=1668.000|rd=Wed, 03 Nov 2021 23:47:04 GMT|dd=Thu, 04 Nov 2021 00:14:53 GMT
ETag: "1c856816397a416944618fb2bd758601"
Vary: Origin
Content-Language: de-DE
Cache-Control: public, max-age=6147
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 76003
X-Diag: max-age adjusted
Server: Apache
Expires: Thu, 04 Nov 2021 01:57:20 GMT

Redirect headers

Date: Thu, 04 Nov 2021 00:14:53 GMT
X-Content-Type-Options: nosniff
Location-TTL: 54.203
X-Refresh: s=1f|h=0|c=|t=0.000|a=0.000|rd=Thu, 04 Nov 2021 00:14:53 GMT|dd=Thu, 04 Nov 2021 00:14:53 GMT, s=4n|h=0|c=|t=0.000|a=0.000|rd=Thu, 04 Nov 2021 00:14:53 GMT|dd=Thu, 04 Nov 2021 00:14:53 GMT
Vary: Origin
Location: https://bilder.bild.de/fotos/til-schweiger-musste-seine-premiere-absagen--diesen-text-schrieb-er-auf-instagram-acc3b91425b242eba3504891e56bde4c-78134310/Bild/3.bild.jpg
Cache-Control: public, max-age=56
Connection: keep-alive
Content-Length: 0
Server: Apache
Expires: Thu, 04 Nov 2021 00:15:49 GMT

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.safeshadow.com/	1970-01-20 07:48:00	Name: __gads Value: ID=deebd2ce5e114b1e-2283ae8e19cb00e5:T=1635984892:RT=1635984892:S=ALNI_MbT5BeMRI1cTkf1S4aj86g6km4QGQ
			.doubleclick.net/	1970-01-19 22:26:25	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://safeshadow.com/(Line 1256) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-1.8.2.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://safeshadow.com/(Line 1256) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-1.8.2.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bilder.bild.de
code.jquery.com
content3.promiflash.de
fonts.googleapis.com
fonts.gstatic.com
fscl01.fonpit.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
safeshadow.com
static.spektrum.de
stats.wp.com
tpc.googlesyndication.com
www.allround-pc.com
www.cruise4news.at
www.faz.net
tpc.googlesyndication.com
138.201.53.235
142.250.186.162
142.250.186.35
151.101.130.132
172.217.18.98
192.0.76.3
2.16.186.195
2.18.235.29
2001:4de0:ac18::1:a:3b
2001:8d8:100f:f000::208
2606:4700:20::ac43:47ec
2606:4700:3031::ac43:9779
2606:4700::6811:3635
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
0ce765922b8f3ff7c5c0811de350e00cc30459c939602813db5b439796ede8aa
0de736fd37cf9e76c9188b74ddbcb9d8f3926cedfd87878e5f533e196e0b0dc4
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
1682d42650a9e6fc16fb5002bae0f9f712d9f08fe0500846d5afa928fc654139
1d243a2ec062d68981cc916eb24c9a8102fa5739e4fdc67a543f3c46df234756
23c26457e9c68cc9521cf1ca70dd4f61a8b728589dbd0ec6d2ab4f2fefaa02eb
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2bed97a07ba4c770aeb551861ab1407403455ec1de7d15eb2da8dc9c36a4711c
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
443650f0b6d1008c918a9f485d99df09e73566dcd5988913cdeedd2930585e83
46e95d53314b13b7edbb1bd6c9568f8e7d9c6167186b60920be84975ffca97aa
4c71cab3e2b7defd9022059c922d2c91359df1ba71dd47e8543b108c70537f25
55a36298517619f755ac3c59b3c37cde07d3c2ce66526bf42df296bda945838c
5e7a6bb6af048160b1fba18ac6c5de445021152a675e7e74d543206b7d1d0764
5f8a48428fbe9181d234b0025216336481b6ad6a50e4f79b6b7b49d2bfd8dcc9
66623e3b17d02738d1bc7f5bd27b398a6ff3d44f0f00b01dd6a75ec67e76747c
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
75c535ae1d09d2e32d12b0175d4d3a211ba711daac79f5f8543544fbaeddc95c
7a224ee9f1ef59c7eec68864c63d9001cdfc7e87f9f010143d39bfaa57074ddb
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9745d78c19b91ab26895980fdfdc81997e0397d58446db33584e5e4de1435845
a263951ba358b2b766fe5e06c24a5869f2a67aeee53a4ba7d3b1f9d478fc3c34
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6fe227d7db418a0cd175356194d86d3db167f37f789f9275be80d68b9ee7f4e
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
ae2f2b2b04939f013c8c1b375fece8435e7d332fa3b439bce0bb50331ca7bcc6
b0d41233a73c67be0b61fa41ec924260180170766c1eea571f2befad393516f7
b21ceb8c89eff5c68a31cc3554d02f0b69b5dbaeac82f900693c4a750d379910
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c8177ae233643f4154383a023647879d08d61227b801f99c43483055ee82ec20
d15af3ed34d282120975850781ec49f09d4177c94644c42d00805e7496a56ff2
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

safeshadow.com Open in urlscan Pro 2606:4700:3031::ac43:9779 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

41 Requests

93 %HTTPS

56 %IPv6

17 Domains

19 Subdomains

19 IPs

3 Countries

1529 kBTransfer

3133 kBSize

2 Cookies

0 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

safeshadow.com Open in urlscan Pro
2606:4700:3031::ac43:9779 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

93 %
HTTPS

56 %
IPv6

17
Domains

19
Subdomains

19
IPs

3
Countries

1529 kB
Transfer

3133 kB
Size

2
Cookies

41 HTTP transactions
3 data transactions