shadowandact.com Open in urlscan Pro
35.227.214.231 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shadowandact.com/
Effective URL:
https://shadowandact.com/
Submission Tags: tranco_l324
Submission: On November 10 via api (November 10th 2021, 4:36:49 am UTC) from DE — Scanned from DE

Summary HTTP 200 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 56 IPs in 6 countries across 43 domains to perform 200 HTTP transactions. The main IP is 35.227.214.231, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is shadowandact.com.
TLS certificate: Issued by GTS CA 1D4 on October 22nd 2021. Valid for: 3 months.

This is the only time shadowandact.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	35.227.214.231 35.227.214.231	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:f400:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
13	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
1	13.225.84.155 13.225.84.155	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.131 151.101.65.131	54113 (FASTLY) (FASTLY)
2	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.225.78.129 13.225.78.129	16509 (AMAZON-02) (AMAZON-02)
18	146.148.110.40 146.148.110.40	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::ac43:df29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1 3	13.225.78.39 13.225.78.39	16509 (AMAZON-02) (AMAZON-02)
11	13.58.53.241 13.58.53.241	16509 (AMAZON-02) (AMAZON-02)
1	35.186.255.166 35.186.255.166	15169 (GOOGLE) (GOOGLE)
1	34.149.21.97 34.149.21.97	15169 (GOOGLE) (GOOGLE)
1	34.117.152.54 34.117.152.54	15169 (GOOGLE) (GOOGLE)
3	35.233.141.87 35.233.141.87	15169 (GOOGLE) (GOOGLE)
1	13.224.186.77 13.224.186.77	16509 (AMAZON-02) (AMAZON-02)
1	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
2	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:400... 2a04:4e42:400::393	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	13.224.186.52 13.224.186.52	16509 (AMAZON-02) (AMAZON-02)
4	13.225.84.146 13.225.84.146	16509 (AMAZON-02) (AMAZON-02)
4	44.196.63.69 44.196.63.69	14618 (AMAZON-AES) (AMAZON-AES)
6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
5	13.224.198.4 13.224.198.4	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	8.2.111.126 8.2.111.126	46636 (NATCOWEB) (NATCOWEB)
7	52.30.108.101 52.30.108.101	16509 (AMAZON-02) (AMAZON-02)
2	34.117.126.186 34.117.126.186	15169 (GOOGLE) (GOOGLE)
4 6	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
12	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	167.99.231.34 167.99.231.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	52.38.14.212 52.38.14.212	16509 (AMAZON-02) (AMAZON-02)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.251.173.19 34.251.173.19	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	147.75.61.140 147.75.61.140	54825 (PACKET) (PACKET)
1 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
2 4	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
200	56

14 35.227.214.231 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 231.214.227.35.bc.googleusercontent.com

shadowandact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:f400:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

load.sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.155 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-155.fra2.r.cloudfront.net

dc8xl0ndzn2cb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.131 (United States)

ASN54113 (FASTLY, US)

66c37c86af1b42cd94b050774081e5e2.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-129.fra2.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 146.148.110.40 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 40.110.148.146.bc.googleusercontent.com

cms.shadowandact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.afrotech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
legacy.travelnoire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:df29 (United States)

ASN13335 (CLOUDFLARENET, US)

console.adgrid.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.194.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.39 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-39.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.58.53.241 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-53-241.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.255.166 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 166.255.186.35.bc.googleusercontent.com

api1.blavity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.21.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.21.149.34.bc.googleusercontent.com

api.afrotech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.152.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.152.117.34.bc.googleusercontent.com

api.travelnoire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.233.141.87 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 87.141.233.35.bc.googleusercontent.com

api.shadowandact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-77.fra2.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.186.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-52.fra2.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.84.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-146.fra2.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.196.63.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-63-69.compute-1.amazonaws.com

66c37c86af1b42cd94b050774081e5e2.events.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.198.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-4.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.2.111.126 (United States)

ASN46636 (NATCOWEB, US)

colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.30.108.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-108-101.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.126.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.126.117.34.bc.googleusercontent.com

bids.concert.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.220.240 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 167.99.231.34 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

dmongo.adgrid.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.38.14.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-14-212.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.173.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.61.140 (Ashburn, United States) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.142 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.79 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	shadowandact.com 1 redirects shadowandact.com cms.shadowandact.com api.shadowandact.com	5 MB
24	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	355 KB
20	googlesyndication.com pagead2.googlesyndication.com e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com tpc.googlesyndication.com	135 KB
17	sumo.com load.sumo.com sumo.com	445 KB
11	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net pubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	173 KB
8	ubembed.com 66c37c86af1b42cd94b050774081e5e2.js.ubembed.com assets.ubembed.com 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com 66c37c86af1b42cd94b050774081e5e2.events.ubembed.com	55 KB
7	servenobid.com ads.servenobid.com	3 KB
7	googleapis.com fonts.googleapis.com imasdk.googleapis.com	697 KB
6	pubmatic.com 3 redirects hbopenbid.pubmatic.com image8.pubmatic.com image2.pubmatic.com	1 KB
6	adnxs.com 4 redirects ib.adnxs.com	5 KB
6	google.com www.google.com adservice.google.com	2 KB
5	amazon-adsystem.com c.amazon-adsystem.com	40 KB
5	adgrid.io console.adgrid.io dmongo.adgrid.io	167 KB
5	cloudfront.net dc8xl0ndzn2cb.cloudfront.net d9hhrg4mnvzow.cloudfront.net	130 KB
4	unbounce.com builder-assets.unbounce.com	72 KB
4	gstatic.com fonts.gstatic.com	78 KB
3	colossusssp.com colossusssp.com	633 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	lijit.com 1 redirects ce.lijit.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	912 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	concert.io bids.concert.io	543 B
2	2mdn.net s0.2mdn.net	62 KB
2	facebook.com www.facebook.com	396 B
2	google.de www.google.de adservice.google.de	1 KB
2	cloudinary.com res.cloudinary.com	691 KB
2	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	789 B
2	travelnoire.com api.travelnoire.com legacy.travelnoire.com	609 KB
2	afrotech.com api.afrotech.com cms.afrotech.com	1 MB
2	google-analytics.com www.google-analytics.com	20 KB
2	facebook.net connect.facebook.net	113 KB
2	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com	66 KB
1	admanmedia.com 1 redirects cs.admanmedia.com	490 B
1	a-mo.net 1 redirects prebid.a-mo.net	299 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	473 B
1	googletagservices.com www.googletagservices.com	38 KB
1	gumgum.com g2.gumgum.com	359 B
1	casalemedia.com htlb.casalemedia.com	374 B
1	rubiconproject.com fastlane.rubiconproject.com	1 KB
1	blavity.com api1.blavity.com	28 KB
1	p-n.io cdn.p-n.io	65 KB
1	sumome.com load.sumome.com	2 KB
1	jwplayer.com cdn.jwplayer.com	38 KB
200	43

	Domain	Requested by
16	cms.shadowandact.com	shadowandact.com
14	shadowandact.com	1 redirects shadowandact.com
12	pagead2.googlesyndication.com	srcdoc securepubads.g.doubleclick.net tpc.googlesyndication.com shadowandact.com e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com
12	load.sumo.com	load.sumome.com
11	capi.connatix.com	shadowandact.com cd.connatix.com
9	img.connatix.com	shadowandact.com
7	ads.servenobid.com	console.adgrid.io
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com shadowandact.com e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com
6	ib.adnxs.com	4 redirects console.adgrid.io
5	sumo.com	load.sumo.com
5	c.amazon-adsystem.com	console.adgrid.io c.amazon-adsystem.com
4	image8.pubmatic.com	2 redirects
4	dmongo.adgrid.io	console.adgrid.io
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	securepubads.g.doubleclick.net	cd.connatix.com securepubads.g.doubleclick.net
4	66c37c86af1b42cd94b050774081e5e2.events.ubembed.com	assets.ubembed.com
4	d9hhrg4mnvzow.cloudfront.net	66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
4	builder-assets.unbounce.com	66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
4	fonts.gstatic.com	fonts.googleapis.com
3	colossusssp.com	console.adgrid.io
3	adservice.google.com	imasdk.googleapis.com securepubads.g.doubleclick.net
3	www.google.com	shadowandact.com tpc.googlesyndication.com e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com
3	api.shadowandact.com	shadowandact.com
3	sb.scorecardresearch.com	1 redirects shadowandact.com
3	fonts.googleapis.com	shadowandact.com client
2	ce.lijit.com	1 redirects
2	match.adsrvr.org	2 redirects
2	sync.1rx.io	2 redirects
2	googleads4.g.doubleclick.net	shadowandact.com
2	e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	pubads.g.doubleclick.net	imasdk.googleapis.com
2	bids.concert.io	console.adgrid.io
2	s0.2mdn.net	imasdk.googleapis.com shadowandact.com
2	www.facebook.com	shadowandact.com
2	res.cloudinary.com	shadowandact.com
2	66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com	assets.ubembed.com
2	www.google-analytics.com	shadowandact.com www.google-analytics.com
2	connect.facebook.net	shadowandact.com connect.facebook.net
2	cds.connatix.com	shadowandact.com cd.connatix.com
1	image2.pubmatic.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	cs.admanmedia.com	1 redirects
1	prebid.a-mo.net	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	www.googletagservices.com	e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com
1	googleads.g.doubleclick.net	e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	g2.gumgum.com	console.adgrid.io
1	hbopenbid.pubmatic.com	console.adgrid.io
1	htlb.casalemedia.com	console.adgrid.io
1	fastlane.rubiconproject.com	console.adgrid.io
1	vid.connatix.com	cd.connatix.com
1	www.google.de	shadowandact.com
1	legacy.travelnoire.com	shadowandact.com
1	cms.afrotech.com	shadowandact.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	log.outbrainimg.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	shadowandact.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	assets.ubembed.com	66c37c86af1b42cd94b050774081e5e2.js.ubembed.com
1	api.travelnoire.com	shadowandact.com
1	api.afrotech.com	shadowandact.com
1	api1.blavity.com	shadowandact.com
1	cd.connatix.com	1 redirects
1	console.adgrid.io	shadowandact.com
1	cdn.p-n.io	shadowandact.com
1	widgets.outbrain.com	shadowandact.com
1	66c37c86af1b42cd94b050774081e5e2.js.ubembed.com	shadowandact.com
1	dc8xl0ndzn2cb.cloudfront.net	shadowandact.com
1	load.sumome.com	shadowandact.com
1	cdn.jwplayer.com	shadowandact.com
200	71

This site contains links to these domains. Also see Links.

Domain
www.shadowandactpodcast.com
blavity.com
afrotech.com
travelnoire.com
www.facebook.com
twitter.com
instagram.com
blavityinc.com
21ninety.com

Subject Issuer	Validity	Valid
shadowandact.com GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
jwplayer.com Amazon	`2021-01-29` - `2022-02-26`	a year	crt.sh
*.sumome.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-04` - `2022-05-04`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
pushlycdn.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
cms.shadowandact.com R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-29` - `2022-09-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-19` - `2021-11-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
api1.blavity.com GTS CA 1D4	`2021-10-21` - `2022-01-19`	3 months	crt.sh
api.afrotech.com GTS CA 1D4	`2021-09-20` - `2021-12-19`	3 months	crt.sh
api.travelnoire.com GTS CA 1D4	`2021-11-08` - `2022-02-06`	3 months	crt.sh
api.shadowandact.com R3	`2021-09-26` - `2021-12-25`	3 months	crt.sh
*.sumo.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-04` - `2022-05-04`	a year	crt.sh
assets.ubembed.com Amazon	`2021-03-06` - `2022-04-04`	a year	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.pages.ubembed.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-09` - `2022-03-22`	2 years	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-06-22`	2 years	crt.sh
cms.afrotech.com R3	`2021-09-25` - `2021-12-24`	3 months	crt.sh
legacy.travelnoire.com R3	`2021-09-14` - `2021-12-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.unbounce.com Amazon	`2021-03-10` - `2022-04-08`	a year	crt.sh
*.events.ubembed.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2021-11-07` - `2022-11-07`	a year	crt.sh
ads.servenobid.com Amazon	`2021-06-28` - `2022-07-27`	a year	crt.sh
bids.concert.io GTS CA 1D4	`2021-09-12` - `2021-12-11`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
dmongo.adgrid.io R3	`2021-10-24` - `2022-01-22`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://shadowandact.com/
Frame ID: B7E5EABFAF630EBC0CE9A8EA458DA9E8
Requests: 136 HTTP requests in this frame

Frame: https://cds.connatix.com/p/137439/connatix.playspace.dc.js
Frame ID: 8A5EAFB61DF9ECC3D9E93BC6D42BE4BD
Requests: 16 HTTP requests in this frame

Frame: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/f3b01f09-51e1-43d8-bbfb-9387fb4d2824/a.html?closedAt=0
Frame ID: 43EBBA25F065ACEB4FC2F7A93FC3AA7E
Requests: 7 HTTP requests in this frame

Frame: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/b5e7fc40-83c3-4565-92cc-429ee63b09c2/a.html?closedAt=0
Frame ID: E2D00FD69FA6771F390AA38138B0BF2A
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: BC4F5D54BF076A45B0E023E5AB6ECDD7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: 0D28B9F0C9D9B2C572CA1A85D0BC137C
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: E1302DD1DB1C441AB562A25413F1DEA1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 036D17F8CA5F64E02FCB0981AED49585
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 95F45866718A11B7F5E9A46D37EA1C7A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 511179350BAEB1665CF5EFFEE8897680
Requests: 1 HTTP requests in this frame

Frame: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D365E5494BDD808100C37E0DC7E4DAAB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F2E9F1B508593C61A5E4DD1026BEAF84
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37AFCBE32CEF8BA96EEBC1075F1BD9B5
Requests: 2 HTTP requests in this frame

Frame: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 87D960600D62197ACFBE1D5C4DD8FAD0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhjCoK66ATAB&v=APEucNVGexAaBgiGo376aT4Y5X2E6hCQWyjerHDiPhSwOLeSN90BKPb6J60SGfHsTOsdNFDPWOoJToql0s7QXGFH2YQLirSm-w
Frame ID: 233499BD9022922D21AA15E06B20B601
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7D7A3E4ECA65E9179D9CF5517F0F585D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SHADOW & ACT

Page URL History Show full URLs

http://shadowandact.com/ HTTP 301
https://shadowandact.com/ Page URL

Page Statistics

200
Requests

93 %
HTTPS

31 %
IPv6

43
Domains

71
Subdomains

56
IPs

6
Countries

10600 kB
Transfer

18070 kB
Size

32
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.shadowandactpodcast.com/
Title: PODCAST

Search URL Search Domain Scan URL

URL: https://blavity.com/exclusive-dear-black-women-a-letter-from-vice-president-kamala-harris-on-maternal-health

Search URL Search Domain Scan URL

URL: https://blavity.com/
Title: Blavity News

Search URL Search Domain Scan URL

URL: https://afrotech.com/afrotech-go-daddy

Search URL Search Domain Scan URL

URL: https://afrotech.com/
Title: AfroTech

Search URL Search Domain Scan URL

URL: https://travelnoire.com/westjets-first-hijab-flight-attendant

Search URL Search Domain Scan URL

URL: https://travelnoire.com/
Title: Travel Noire

Search URL Search Domain Scan URL

URL: https://blavity.com/6-celeb-professors-whove-taught-college-courses-wed-sign-up-for-in-a-millisecond

Search URL Search Domain Scan URL

URL: https://www.facebook.com/shadowandact/

Search URL Search Domain Scan URL

URL: https://twitter.com/shadowandact/

Search URL Search Domain Scan URL

URL: https://instagram.com/shadow_act/

Search URL Search Domain Scan URL

URL: https://blavity.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://blavityinc.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://blavityinc.com/partner-with-us
Title: Partner With Us

Search URL Search Domain Scan URL

URL: https://21ninety.com/
Title: 21Ninety

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shadowandact.com/ HTTP 301
https://shadowandact.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/137439/connatix.playspace.dc.js

Request Chain 44

https://sb.scorecardresearch.com/b?c1=2&c2=22819004&ns__t=1636519001536&ns_c=UTF-8&cv=3.5&c8=SHADOW%20%26%20ACT&c7=https%3A%2F%2Fshadowandact.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=22819004&ns__t=1636519001536&ns_c=UTF-8&cv=3.5&c8=SHADOW%20%26%20ACT&c7=https%3A%2F%2Fshadowandact.com%2F&c9=

Request Chain 182

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4763513541 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4763513541 HTTP 302
https://sync.1rx.io/usersync/tradedesk/983f3c00-ef34-4618-b160-3635173fd196 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1c54761d-c863-4da0-8f1c-4b25f5eb9735-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1c54761d-c863-4da0-8f1c-4b25f5eb9735-003 HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-1c54761d-c863-4da0-8f1c-4b25f5eb9735-003

Request Chain 183

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=2846712050516633676

Request Chain 185

https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiY2I3NWY0ZjEtMDQwNy00MzQyLWI0MDAtNjM5MTJmNDQxZjY0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMS0xMS0xMFQwNDozNjo0Ni44Njg1OTNaIn0=

Request Chain 186

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=55c8e973-9192-4eab-bc88-033d8c37f6fc&gdpr=0&gdpr_consent=

Request Chain 187

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=http%3A%2F%2Flocalhost%3A8282%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=http%3A%2F%2Flocalhost%3A8282%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1

Request Chain 188

https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D{$UID} HTTP 302
https://ads.servenobid.com/sync?pid=328&uid=6d4cdf7606307df811ff1471b50b71629b1baa6f

Request Chain 189

https://image8.pubmatic.com/AdServer/ImgSync?p=160224 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160224&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjA5NTg4MDYtMzlCQy00NkVELUE3MzItN0Y5Q0ZBRjBGNjJB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 190

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D10141%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D10141%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&cbimg=10141&uid=5348515699005504457

200 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
shadowandact.com/
Redirect Chain

http://shadowandact.com/
https://shadowandact.com/

75 KB
21 KB

376ms
361ms

Document
text/html

35.227.214.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.214.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 408f10552dc3c0a4c5b15ba3feb6b185c48cae3369efe1d96ec1a4b454cc9f8c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

etag: "12a12-ulPTQ9YFhCKPk9kv9yncPPE8GRQ"
content-type: text/html; charset=utf-8
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 10 Nov 2021 04:36:41 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Location: https://shadowandact.com/
Content-Length: 222
Date: Wed, 10 Nov 2021 04:36:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 764 B
849 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Courier+Prime&display=swap

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f509c947cade4b963efef4de887841d2e06302ce01c4974bca8f1777676b637d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 04:36:41 GMT
server: ESF
date: Wed, 10 Nov 2021 04:36:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Nov 2021 04:36:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
697 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bba7dc1df35ca22871004dd769b07d8fbf659fa97f1b890d4399e40f1ba89a8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 03:38:54 GMT
server: ESF
date: Wed, 10 Nov 2021 04:36:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Nov 2021 04:36:41 GMT

GET
H2 200 ooCf767B.js Show response
cdn.jwplayer.com/libraries/ 114 KB
38 KB 46ms
12ms Script
text/javascript 2600:9000:21f3:f400:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/ooCf767B.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: f866a7018b0a47b327de03bb0548fc4ed15c50ddd771d55c0b14d7ff22514406

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:34:52 GMT
content-encoding: gzip
server: openresty
age: 109
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
x-amz-cf-pop: FRA2-C2
content-length: 38070
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-id: sxGw1lfCxoW6wDaAZkBAP5Az3P_8Hj-e3m3-pb_rXVFJAGFDqUW4Jg==
expires: Wed, 10 Nov 2021 04:37:22 GMT

GET
H2 200 / Show response
load.sumome.com/ 2 KB
2 KB 99ms
44ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: 9TB0ZWMS5XW9RFDZ
cdn-cachedat: 10/20/2021 17:30:27
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: qCvRVgs8ZItWbARVg2xSZF2S/c/PCVLYuwN5eXW2/MOyZd5AVkpZE11FZUE2srRIVkWk6GDbp8M=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 20 Oct 2021 15:30:25 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=600
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: d4cb876cc8247858edf3b2c6f8da5a4d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 403
Forbidden keywee.min.js
dc8xl0ndzn2cb.cloudfront.net/js/shadowandactcom/v0/ 0
0 35ms
7ms Script
text/html 13.225.84.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dc8xl0ndzn2cb.cloudfront.net/js/shadowandactcom/v0/keywee.min.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-155.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 / Show response
66c37c86af1b42cd94b050774081e5e2.js.ubembed.com/ 3 KB
2 KB 101ms
70ms Script
application/json 151.101.65.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://66c37c86af1b42cd94b050774081e5e2.js.ubembed.com/
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 158348cb3d363872dceeae52e35935cb557069a132e360a6d56e4587ab3ce2c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 0
etag: 39af78083b55e680d02ced5c740b3a5a-v0.179.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA50-C1
accept-ranges: none
x-amz-apigw-id: IkjeCHoXDoEFy7A=

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 187 KB
65 KB 35ms
7ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e5f96d91bf8f9a1c65d95c48212a0e9cd7e596055dbc0260564a10a7355f5b49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 11:05:51 GMT
etag: W/"2eb25-18qVVLUJeCAAEmOeP87ucLgD5JU"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: dc68d3f14e958d29bf6df646fbcda308
timing-allow-origin: *, *
content-length: 66312
expires: Wed, 10 Nov 2021 08:36:41 GMT

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 325 KB
65 KB 1045ms
1018ms Script
application/javascript 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=iRqvNWJBLbniLnLOq5Q8pIMSeeUEEyd7ufKC
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-129.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aee0d8bc13f524568c9ffa316e517c7bfd6ca8b937fc63efe39effa52e38b544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:43 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 15:24:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"6991f303925e8c6a3e36d2f7877a67fb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: B5qRzG9wJz0HZ3Op2t7rJFQ3P3G6KvEPlBNletUTq4LHfsdleG5EYA==

GET
H2 200 adgrid.js Show response
shadowandact.com/ 363 B
322 B 100ms
99ms Script
application/javascript 35.227.214.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowandact.com/adgrid.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.214.227.35.bc.googleusercontent.com
Software: /
Resource Hash: d7ffc5dbafe863985902dd164bbd27ca81ba2db75aae03f2510854f4a6f2dc6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
via: 1.1 google
last-modified: Fri, 29 Oct 2021 16:40:53 GMT
etag: W/"16b-17cccecf208"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0
accept-ranges: bytes
content-encoding: gzip
alt-svc: clear

GET
H2 200 4c33721.js Show response
shadowandact.com/_nuxt/ 2 KB
1 KB 8ms
7ms Script
application/javascript 35.227.214.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowandact.com/_nuxt/4c33721.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.214.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 3c31ef500b7bce5545d6aae10493858c0fbf0886093dfe0fd897cd86e78ce12e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 18:09:14 GMT
via: 1.1 google
last-modified: Fri, 29 Oct 2021 16:42:30 GMT
age: 37647
etag: W/"9a8-17cccee6cf0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=3600
accept-ranges: bytes
content-encoding: gzip
alt-svc: clear
content-length: 1235

GET
H2 200 1899a49.js Show response
shadowandact.com/_nuxt/ 198 KB
67 KB 9ms
8ms Script
application/javascript 35.227.214.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowandact.com/_nuxt/1899a49.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.214.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 7f13cbd95ad1f522d11e94b97d1d34ad8c79a85f28048da21eef00c14ac48d7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 21:41:32 GMT
via: 1.1 google
last-modified: Fri, 29 Oct 2021 16:42:30 GMT
age: 24909
etag: W/"316e6-17cccee6cf0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=3600
accept-ranges: bytes
content-encoding: gzip
alt-svc: clear
content-length: 68387

GET
H2 200 9dada24.js Show response
shadowandact.com/_nuxt/ 407 KB
130 KB 17ms
16ms Script
application/javascript 35.227.214.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowandact.com/_nuxt/9dada24.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.214.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 18da3a03b13bffa0ad3be214d4776d1668d4a1d0c124d0e928cee90fae91c8c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:14:26 GMT
via: 1.1 google
last-modified: Fri, 29 Oct 2021 16:42:30 GMT
age: 84135
etag: W/"65b60-17cccee6cf0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=3600
accept-ranges: bytes
content-encoding: gzip
alt-svc: clear
content-length: 132512

GET
H2 200 146e52d.js Show response
shadowandact.com/_nuxt/ 193 KB
48 KB 13ms
12ms Script
application/javascript 35.227.214.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowandact.com/_nuxt/146e52d.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.214.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 61802e02e764695c3db39556b0b49ffea2b6894e23d25ccc60d68aef30e05926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 21:31:50 GMT
via: 1.1 google
last-modified: Fri, 29 Oct 2021 16:42:30 GMT
age: 25491
etag: W/"30468-17cccee6cf0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=3600
accept-ranges: bytes
content-encoding: gzip
alt-svc: clear
content-length: 49421

GET
H2 200 5b20b1c.js Show response
shadowandact.com/_nuxt/ 9 KB
3 KB 8ms
7ms Script
application/javascript 35.227.214.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowandact.com/_nuxt/5b20b1c.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.214.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 92feb4ec1d30a6f4529185c0612b048fc93ba6e42f3cb6f292092d1686e8cbb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:14:27 GMT
via: 1.1 google
last-modified: Fri, 29 Oct 2021 16:42:30 GMT
age: 84134
etag: W/"250e-17cccee6cf0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=3600
accept-ranges: bytes
content-encoding: gzip
alt-svc: clear
content-length: 2969

GET
H2 200 shadow-and-act-logo-white.svg
shadowandact.com/images/ 11 KB
5 KB 98ms
97ms Image
image/svg+xml 35.227.214.231
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowandact.com/images/shadow-and-act-logo-white.svg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.214.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 196300a732903456ce811b730755b3e0920433f3be8fdafde62ed805fd8b8073

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
via: 1.1 google
last-modified: Fri, 29 Oct 2021 16:40:53 GMT
etag: W/"2c24-17cccecf208"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=0
accept-ranges: bytes
content-encoding: gzip
alt-svc: clear

GET
H2 200 Untitled-design-2021-11-09T205010.510.jpg
cms.shadowandact.com/wp-content/uploads/2021/11/ 173 KB
174 KB 483ms
134ms Image
image/jpeg 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/Untitled-design-2021-11-09T205010.510.jpg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 74959aa95d1bf3769c966026845cab5d74e739ee9c1f951db828fd79699628fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
last-modified: Wed, 10 Nov 2021 01:50:22 GMT
server: nginx
etag: "618b255e-2b4c9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 177353

GET
H2 200 ad-grid-shadowandact-com.js Show response
console.adgrid.io/adgrid-build/ 598 KB
166 KB 778ms
691ms Script
application/javascript 2606:4700:3030::ac43:df29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:df29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9228df31913951ca4ff369c986dd445798f6d98ed4589bfef402df22a4ab23c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 Nov 2021 10:47:23 GMT
server: cloudflare
etag: W/"959cd-5d058d5aa74f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3iu614GPlUZrHKsStX85SMfjBi58uYkel0lYUTmwyIP5ZPZLpUl7wMqWdJ9sxbcd5%2F7gLOnM%2Bu7rNA2iqQ4X6A61kIqKfrl3fsoDbr8%2FaJLVzVNzcmbiegZaBNbBl%2FRNKKPSoZv50Glq9%2BBiEEO%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6abc94d0996bf15a-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/137439/ Frame 8A5E
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/137439/connatix.playspace.dc.js

1 MB
237 KB

13ms
7ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/137439/connatix.playspace.dc.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 746ad9b30074fcdfca7a5ae7335b9d90132855de2fdf36240a6b16cc7eb97024

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
content-encoding: br
last-modified: Tue, 09 Nov 2021 16:15:16 GMT
age: 43663
etag: "afd136e8f75ffe7b6c6075559e899f22"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 242280

Redirect headers

location: https://cds.connatix.com/p/137439/connatix.playspace.dc.js
date: Wed, 10 Nov 2021 04:36:41 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 35ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shadowandact.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 113084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 21:11:57 GMT

GET
H2 200 u-450q2lgwslOqpF_6gQ8kELawFpWg.woff2
fonts.gstatic.com/s/courierprime/v2/ 18 KB
18 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/courierprime/v2/u-450q2lgwslOqpF_6gQ8kELawFpWg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Courier+Prime&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f857186527a5ad90fa24311947966582bdbdfcfcc8373e60a203f95f5b2b6ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shadowandact.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 19:34:41 GMT
x-content-type-options: nosniff
age: 464520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18764
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:47:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 19:34:41 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 38ms
17ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shadowandact.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 21:50:41 GMT
x-content-type-options: nosniff
age: 456360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19824
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 21:50:41 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shadowandact.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 04:48:55 GMT
x-content-type-options: nosniff
age: 517666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 04:48:55 GMT

GET
H2 200 33cbb8d.js Show response
shadowandact.com/_nuxt/ 4 KB
2 KB 7ms
7ms Script
application/javascript 35.227.214.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowandact.com/_nuxt/33cbb8d.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/4c33721.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.214.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 3ab1f84df7c075ebe8e59605688d11d3c6e5cc0381fd3162373d3d921c9a53ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:48:46 GMT
via: 1.1 google
last-modified: Fri, 29 Oct 2021 16:42:30 GMT
age: 28075
etag: W/"11bc-17cccee6cf0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=3600
accept-ranges: bytes
content-encoding: gzip
alt-svc: clear
content-length: 1785

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/146e52d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: GbdA2FubzQEZBKHV00LYRY2WiAYo6+Pnj8YpyrjghS0kpLPz4QacQp3jqg8mK2DsX5rrXmM93/QJ0+4SqEYUFA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 10 Nov 2021 04:36:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/9dada24.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2167
date: Wed, 10 Nov 2021 04:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 10 Nov 2021 06:00:34 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 37ms
9ms Script
application/javascript 13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/146e52d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 02:27:43 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 89915
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 82FUb4jyLbPjzjGFhF0RaOsBmtQ2gQg_rM7MT-bfh00aHkjznz6aig==

GET
H/1.1 200
OK si
capi.connatix.com/tr/ 0
139 B 408ms
102ms Image
text/plain 13.58.53.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?3f40e27c-3e51-471e-94ce-9d663bd2110d
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.53.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-53-241.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 04:36:42 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 trending_articles Show response
api1.blavity.com/v1/ 123 KB
28 KB 153ms
123ms XHR
application/json 35.186.255.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api1.blavity.com/v1/trending_articles
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/1899a49.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.255.166 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 166.255.186.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 3fb0eed474349a36bf19b207a32a1abada581f631a1f8d88aa8e2fd8d0204a99

Request headers

Accept: application/json, text/plain, */*
Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
content-encoding: gzip
etag: W/"1ed62-H7esZ2ktUf6k+/SC6+jC4KIBvBA"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

GET
H2 200 popular Show response
api.afrotech.com/v1/articles/ 13 KB
5 KB 177ms
127ms XHR
application/json 34.149.21.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afrotech.com/v1/articles/popular?count=2
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/1899a49.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.21.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.21.149.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 35222d4acd8429e9c6c8ec232899310d753b840f50b8e93c8adbbf7b5538f37b

Request headers

Accept: application/json, text/plain, */*
Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
content-encoding: gzip
etag: W/"3296-9CwBYFswBU6pGiDfkBMN6ti73Lg"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

GET
H2 200 popular Show response
api.travelnoire.com/v1/articles/ 31 KB
9 KB 62ms
7ms XHR
application/json 34.117.152.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.travelnoire.com/v1/articles/popular?count=2
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/1899a49.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.152.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.152.117.34.bc.googleusercontent.com
Software: / Express
Resource Hash: fbc706fbf590f35520339d93f8b8fbcbd0c6acde047efa9bc78a88c30742209a

Request headers

Accept: application/json, text/plain, */*
Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 03:57:17 GMT
content-encoding: gzip
etag: W/"7af8-OwxJtmgvmfvHiECWpaNIWIBb5/4"
age: 2364
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: clear
content-length: 8764
via: 1.1 google

GET
H2 200 Screen-Shot-2021-11-08-at-6.01.22-PM-min.png
cms.shadowandact.com/wp-content/uploads/2021/11/ 681 KB
682 KB 409ms
292ms Image
image/png 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/Screen-Shot-2021-11-08-at-6.01.22-PM-min.png
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: db2448eef869faeff2de9ba646cde81a74b54417a4166034aa6b7b927b62e29a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
last-modified: Mon, 08 Nov 2021 23:01:59 GMT
server: nginx
etag: "6189ac67-aa562"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 697698

GET
H2 200 wil.webp
cms.shadowandact.com/wp-content/uploads/2021/11/ 30 KB
30 KB 460ms
344ms Image
image/webp 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/wil.webp
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0bf7b775380a33730738229073594a30f8724d17743f2fd5d24bf2c3506e38f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
last-modified: Tue, 09 Nov 2021 22:09:08 GMT
server: nginx
etag: "618af184-781a"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 30746

GET
H2 200 Untitled-design-42.jpg
cms.shadowandact.com/wp-content/uploads/2021/11/ 101 KB
102 KB 460ms
344ms Image
image/jpeg 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/Untitled-design-42.jpg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: beddd4a5f553819c50809a639f8ae3faf18e6a10bddf78790fe67d092f7b7876

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
last-modified: Tue, 09 Nov 2021 20:29:18 GMT
server: nginx
etag: "618ada1e-194d4"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 103636

GET
H2 200 Screen-Shot-2021-11-09-at-1.55.36-PM.png
cms.shadowandact.com/wp-content/uploads/2021/11/ 2 MB
2 MB 459ms
343ms Image
image/png 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/Screen-Shot-2021-11-09-at-1.55.36-PM.png
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: cb34a61b3c823731bc1d2374ba74402bd0206e56a5b34f8bcb288f24e65b7eda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
last-modified: Tue, 09 Nov 2021 18:56:10 GMT
server: nginx
etag: "618ac44a-1fcf7f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2084735

GET
H2 200 Untitled-design-2021-11-09T123358.881.jpg
cms.shadowandact.com/wp-content/uploads/2021/11/ 144 KB
145 KB 458ms
342ms Image
image/jpeg 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/Untitled-design-2021-11-09T123358.881.jpg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 46e10f9a7ffa3029bcfb4dbf8e110a1d2f097f2a8af04b28c7f332f6dc06cf8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
last-modified: Tue, 09 Nov 2021 17:34:41 GMT
server: nginx
etag: "618ab131-2413d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 147773

GET
H/1.1 200
OK 6 Show response
api.shadowandact.com/v1/recentPost/4/ 36 KB
36 KB 639ms
307ms XHR
application/json 35.233.141.87
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shadowandact.com/v1/recentPost/4/6
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/1899a49.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.233.141.87 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 87.141.233.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 9ce9267f2a5e191e349a27fb2f54af1183c914f36fac5d4423a32fdd5561ff99

Request headers

Accept: application/json, text/plain, */*
Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 04:36:42 GMT
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
ETag: W/"8e35-+9WWxasVVhHr/wRr7MzsA+Hkgvs:dtagent10167190521165248qzTA"
Access-Control-Allow-Methods: POST, GET, DELETE, PUT, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ip
Access-Control-Allow-Credentials: true
Connection: keep-alive
ip: 0
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, token, Cache-Control, Author, Search
Content-Length: 36405

GET
H/1.1 200
OK 0 Show response
api.shadowandact.com/v1/articles/categories/features,interviews/6/ 64 KB
65 KB 659ms
327ms XHR
application/json 35.233.141.87
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shadowandact.com/v1/articles/categories/features,interviews/6/0
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/1899a49.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.233.141.87 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 87.141.233.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: e9af09c31049d62ade7f79f79a7666223f8425b952271cfba50bd65e8bb60d05

Request headers

Accept: application/json, text/plain, */*
Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 04:36:42 GMT
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
ETag: W/"1010a-qnc6X+9oAJdkkHYBwFbXTEjyCEk:dtagent10167190521165248qzTA"
Access-Control-Allow-Methods: POST, GET, DELETE, PUT, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ip
Access-Control-Allow-Credentials: true
Connection: keep-alive
ip: 0
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, token, Cache-Control, Author, Search
Content-Length: 65802

GET
H/1.1 200
OK get_top_articales Show response
api.shadowandact.com/v1/ 32 KB
32 KB 657ms
326ms XHR
application/json 35.233.141.87
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shadowandact.com/v1/get_top_articales?count=5&offset=0
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/1899a49.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.233.141.87 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 87.141.233.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: b7bee6a6473e227e887a8e798c384b10a0c86c083d9485b0f61b4fb9c5787bff

Request headers

Accept: application/json, text/plain, */*
Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 04:36:42 GMT
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
ETag: W/"7e2c-x3Zr9RjSGVdbZ61cSgb3KYbsc9E:dtagent10167190521165248qzTA"
Access-Control-Allow-Methods: POST, GET, DELETE, PUT, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ip
Access-Control-Allow-Credentials: true
Connection: keep-alive
ip: 0
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, token, Cache-Control, Author, Search
Content-Length: 32300

GET
H2 200 72.0a035390359aab65eb82.js Show response
load.sumo.com/ 131 KB
44 KB 38ms
7ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/72.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: 1ZQEWHAMVKQ7GYB9
cdn-cachedat: 08/11/2021 08:27:12
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: kmFKyXlcNfWRvLk73k8+XQ19wYCytEHCTISpCux9qKXgMmTWTauGgYuQX+XFo3SzIUCSissBAiY=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:49 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: abc25bba7cd4bb00d01408ca61f45853
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 73.0a035390359aab65eb82.js Show response
load.sumo.com/ 289 KB
100 KB 45ms
14ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: TBY01K4HP9CGD4T8
cdn-cachedat: 08/11/2021 06:56:09
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: zxdeegSWyj0r5KeMe1/TVBrRHqZLd4efcDcAMD1YkADnK6T70g4ma5XkPClgzRKwYXb8pz26pBk=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:50 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 528d2cc8e6bb24f64673e7400d2332a6
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.1/ 173 KB
47 KB 37ms
8ms Script
application/javascript 13.224.186.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by: Host: 66c37c86af1b42cd94b050774081e5e2.js.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-77.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 17:47:37 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:19:04 GMT
server: AmazonS3
age: 3667745
etag: W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: gb-Mf45F2hMAMZ6scPMsnEnw1FmIAI6BfBdtMu5_vMf80zYv1w61jg==

GET
H/1.1 200
OK c2hhZG93YW5kYWN0LmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 38ms
9ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/c2hhZG93YW5kYWN0LmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 04:36:41 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=34766
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: f1580fd0248b699440bed1fecd2ef5ae
Content-Length: 16
Expires: Wed, 10 Nov 2021 14:16:07 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 16ms
7ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=5.592611758979318
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Fri, 10 Dec 2021 04:36:41 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 13ms
12ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=207257462&t=pageview&_s=1&dl=https%3A%2F%2Fshadowandact.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=SHADOW%20%26%20ACT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=1157636015&gjid=713417415&cid=737976534.1636519002&tid=UA-10302152-1&_gid=480204926.1636519002&_r=1&_slc=1&z=1185903978

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 04:36:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shadowandact.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=22819004&ns__t=1636519001536&ns_c=UTF-8&cv=3.5&c8=SHADOW%20%26%20ACT&c7=https%3A%2F%2Fshadowandact.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=22819004&ns__t=1636519001536&ns_c=UTF-8&cv=3.5&c8=SHADOW%20%26%20ACT&c7=https%3A%2F%2Fshadowandact.com%2F&c9=

64 B
328 B

10ms
10ms

Image
image/gif

13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=22819004&ns__t=1636519001536&ns_c=UTF-8&cv=3.5&c8=SHADOW%20%26%20ACT&c7=https%3A%2F%2Fshadowandact.com%2F&c9=
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:41 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: Gx5OSRsRhP94hXljUx-pqKh5es1Ql3ffaKaf_WQS44hLIwAjsVKlow==

Redirect headers

date: Wed, 10 Nov 2021 04:36:41 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=22819004&ns__t=1636519001536&ns_c=UTF-8&cv=3.5&c8=SHADOW%20%26%20ACT&c7=https%3A%2F%2Fshadowandact.com%2F&c9=
content-length: 175
x-amz-cf-id: rLHHgf5NaxlQe6YiuFmTHScDb3j-griA8f_fXg--SL8EJ4mxJfBrJw==

GET
H2 200 2168516986784216 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 59ms
59ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2168516986784216?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9fa2019af93cbb024e263ac299788c1135b41f57c757ee6384ab19f86af4191

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: MKZYdDRupGB/gwIcw9HFN/3x0PxspJOs9ENGk8dG0YpU1xpuzghhPbZmfmLO0A0G8NgtFRjska5t72AGHt6Btw==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 10 Nov 2021 04:36:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 366ms
88ms XHR
application/json 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1636519001557&sessionId=e6d8e393-8ee7-3cf3-5c4e-46fd95418f42&url=shadowandact.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 04:36:42 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: d4ee4a98c713ee911eda173960680372
Content-Length: 4
Expires: 0

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/137439/ 95 KB
13 KB 6ms
6ms Stylesheet
text/css 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/137439/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 61fffb0ce65f8703f20953bdf8ab591d537139249fdd45ccf309955fb0096376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: br
last-modified: Tue, 09 Nov 2021 16:15:16 GMT
age: 43664
etag: "4f6fdea45547db539b03879558d44bbd"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 13331

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 43ms
15ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10302152-1&cid=737976534.1636519002&jid=1157636015&gjid=713417415&_gid=480204926.1636519002&_u=aEBAAEAAEAAAAC~&z=1616795679

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 10 Nov 2021 04:36:42 GMT
content-type: text/plain
access-control-allow-origin: https://shadowandact.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK a.html Show response
66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/f3b01f09-51e1-43d8-bbfb-9387fb4d2824/ Frame 43EB 7 KB
3 KB 60ms
24ms Document
text/html 3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/f3b01f09-51e1-43d8-bbfb-9387fb4d2824/a.html?closedAt=0
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b649666f1b95cbbbeb3185e5b6bac1314e3d952a3fff7227ad538f8d2b62f874

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
p3p: CP="This is not a privacy policy."
x-unbounce-pageid: f3b01f09-51e1-43d8-bbfb-9387fb4d2824
etag: 66886a7fd85279151c7b3afe0ee4e8e1
last-modified: Mon, 08 Nov 2021 17:43:55 GMT
content-encoding: gzip
x-proxy-backend: page-server
connection: close

GET
H/1.1 200
OK a.html Show response
66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/b5e7fc40-83c3-4565-92cc-429ee63b09c2/ Frame E2D0 6 KB
3 KB 46ms
19ms Document
text/html 3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/b5e7fc40-83c3-4565-92cc-429ee63b09c2/a.html?closedAt=0
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dcc8c34811c73517546cfe3126e5dc731c5296e4738c5a9e5643956d11b2d402

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
p3p: CP="This is not a privacy policy."
x-unbounce-pageid: b5e7fc40-83c3-4565-92cc-429ee63b09c2
etag: 6e0ea414d7cd9e22c938dee735d3cda1
last-modified: Wed, 15 Sep 2021 17:46:53 GMT
content-encoding: gzip
x-proxy-backend: page-server
connection: close

GET
H2 200 yixyrgeqr4tapm3co9zr
res.cloudinary.com/blavity/image/upload/g_center,w_auto,q_auto:best,g_south_east,x_0/v1619043520/ 493 KB
493 KB 40ms
8ms Image
image/jpeg 2a04:4e42:400::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/blavity/image/upload/g_center,w_auto,q_auto:best,g_south_east,x_0/v1619043520/yixyrgeqr4tapm3co9zr

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b1f2a6ad102633e0da139dddea8f77a8055acb177e9ca9e246d55c6290192feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=2;cpu=1;start=2021-11-10T04:36:42.174Z;desc=hit,rtt;dur=5
vary: DPR,Width
content-length: 504441
last-modified: Thu, 22 Apr 2021 10:46:40 GMT
server: Cloudinary
etag: "10c1be139f0ff2e0424d6930adf133ca"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ATxGoDaddy_header-2-1-1568x882.png
cms.afrotech.com/wp-content/uploads/2021/11/ 1 MB
1 MB 485ms
134ms Image
image/png 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.afrotech.com/wp-content/uploads/2021/11/ATxGoDaddy_header-2-1-1568x882.png
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2182632271533bd03cd4463daf937979fce7e615c3b6d5a1800bc15bd39ef905

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Wed, 10 Nov 2021 02:10:33 GMT
server: nginx
etag: "618b2a19-12b1e7"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1225191

GET
H2 200 image_6483441-1.jpg
legacy.travelnoire.com/wp-content/uploads/2021/10/ 599 KB
600 KB 513ms
135ms Image
image/jpeg 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://legacy.travelnoire.com/wp-content/uploads/2021/10/image_6483441-1.jpg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: b2e66ba5008ded105a081d79653b0e98d260eab7ed8ae1af8af54d6b7c69d385

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Fri, 29 Oct 2021 18:32:45 GMT
server: nginx
etag: "617c3e4d-95d9e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 613790

GET
H2 200 pbja2ejgezpm5hdmlljp
res.cloudinary.com/blavity/image/upload/g_center,w_auto,q_auto:best,g_south_east,x_0/v1634661256/ 197 KB
197 KB 39ms
8ms Image
image/jpeg 2a04:4e42:400::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/blavity/image/upload/g_center,w_auto,q_auto:best,g_south_east,x_0/v1634661256/pbja2ejgezpm5hdmlljp

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d103b3397ca4950ccdf6fecca9787bab85c6b088a03c7a7d289fcfd0bb5841de

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=2;cpu=1;start=2021-11-10T04:36:42.174Z;desc=hit,rtt;dur=5
vary: DPR,Width
content-length: 201894
last-modified: Tue, 19 Oct 2021 16:53:15 GMT
server: Cloudinary
etag: "9311bb4e6eade6b3d595ced7038c78a3"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 40ms
17ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10302152-1&cid=737976534.1636519002&jid=1157636015&_u=aEBAAEAAEAAAAC~&z=691858375

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 04:36:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 39ms
18ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10302152-1&cid=737976534.1636519002&jid=1157636015&_u=aEBAAEAAEAAAAC~&z=691858375

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 04:36:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 21ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2168516986784216&ev=PageView&dl=https%3A%2F%2Fshadowandact.com%2F&rl=&if=false&ts=1636519001787&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636519001786.1170385815&it=1636519001550&coo=false&rqm=GET

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 10 Nov 2021 04:36:42 GMT

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame 8A5E 3 KB
2 KB 159ms
117ms XHR
multipart/form-data 13.58.53.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=137439
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.53.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-53-241.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 715c50110ee58d82df384bb116eb79a866703fe2581b9bf45347934ce2eafcb2

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 10 Nov 2021 04:36:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://shadowandact.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ Frame E2D0 15 KB
3 KB 40ms
7ms Stylesheet
text/css 13.224.186.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/b5e7fc40-83c3-4565-92cc-429ee63b09c2/a.html?closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-52.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:12:18 GMT
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 00:04:15 GMT
server: AmazonS3
age: 24031465
etag: "387bd017c5b4c65e427e652174ec93b6"
x-cache: Hit from cloudfront
x-amz-version-id: g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: x8iz2d3GHr7Nise9NHQhNQDNLTZ1hBpkbm36ouSQrLG3WhAkP9gdpw==

GET
H2 200 main.bundle-fed11df.z.js Show response
builder-assets.unbounce.com/published-js/ Frame E2D0 102 KB
33 KB 41ms
9ms Script
application/javascript 13.224.186.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Requested by: Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/b5e7fc40-83c3-4565-92cc-429ee63b09c2/a.html?closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-52.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fed11df35baed7ee38458ff705b4b46ed7993830ea46f9b166c7e4d08afb3ab3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 06 May 2021 20:57:02 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 18:27:02 GMT
server: AmazonS3
age: 16184381
etag: "02427a0829fed4e24e9864e2f6f1d669"
x-cache: Hit from cloudfront
x-amz-version-id: PY5jXkWzij7RMiymy035twJKn1QV7eth
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 33154
x-amz-cf-id: ynBmvhOhgfhWF1FbnNgN-pug0GAGzmrOwOuXKILo8u5K6iUX1vdqvg==

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ Frame 43EB 15 KB
3 KB 40ms
8ms Stylesheet
text/css 13.224.186.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/f3b01f09-51e1-43d8-bbfb-9387fb4d2824/a.html?closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-52.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:12:18 GMT
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 00:04:15 GMT
server: AmazonS3
age: 24031465
etag: "387bd017c5b4c65e427e652174ec93b6"
x-cache: Hit from cloudfront
x-amz-version-id: g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: yLkL-nK1L3YnXEIlCSDDvAJC0U-HpJuSjIn-SDcqjRRdT4GKUqjoEQ==

GET
H2 200 main.bundle-fed11df.z.js Show response
builder-assets.unbounce.com/published-js/ Frame 43EB 102 KB
33 KB 46ms
15ms Script
application/javascript 13.224.186.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Requested by: Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/f3b01f09-51e1-43d8-bbfb-9387fb4d2824/a.html?closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-52.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fed11df35baed7ee38458ff705b4b46ed7993830ea46f9b166c7e4d08afb3ab3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 06 May 2021 20:57:02 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 18:27:02 GMT
server: AmazonS3
age: 16184381
etag: "02427a0829fed4e24e9864e2f6f1d669"
x-cache: Hit from cloudfront
x-amz-version-id: PY5jXkWzij7RMiymy035twJKn1QV7eth
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 33154
x-amz-cf-id: O6dOdDg4y6clyeGwFS2Bw5EGe6KRpBqJ89F7BbjZ6XPIsezIZBXrwQ==

GET
H2 200 dced0af.js Show response
shadowandact.com/_nuxt/ 7 KB
3 KB 8ms
7ms Script
application/javascript 35.227.214.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowandact.com/_nuxt/dced0af.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/4c33721.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.214.227.35.bc.googleusercontent.com
Software: /
Resource Hash: bd0cc18f7e0a11a2ea10387cb6d9d6387d07a59e51e0f816a982c3b1615920ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:26:17 GMT
via: 1.1 google
last-modified: Fri, 29 Oct 2021 16:42:30 GMT
age: 29425
etag: W/"1ab7-17cccee6cf0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=3600
accept-ranges: bytes
content-encoding: gzip
alt-svc: clear
content-length: 2670

GET
H2 200 9067319.js Show response
shadowandact.com/_nuxt/ 125 KB
42 KB 8ms
8ms Script
application/javascript 35.227.214.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowandact.com/_nuxt/9067319.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/4c33721.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.214.227.35.bc.googleusercontent.com
Software: /
Resource Hash: d186b31992d8873c99c81a8751b914b6699a80c22b5177d0ac7b8394d9ebd5f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 11:53:11 GMT
via: 1.1 google
last-modified: Fri, 29 Oct 2021 16:42:30 GMT
age: 60211
etag: W/"1f468-17cccee6cf0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=3600
accept-ranges: bytes
content-encoding: gzip
alt-svc: clear
content-length: 43050

GET
H2 200 69e4f26.js Show response
shadowandact.com/_nuxt/ 10 KB
4 KB 9ms
8ms Script
application/javascript 35.227.214.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowandact.com/_nuxt/69e4f26.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/4c33721.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.214.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8d2a954133d95a484bfa89fe5bdc35e991fe6b79e307b40fefe63d5f75a1416d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 09:37:44 GMT
via: 1.1 google
last-modified: Fri, 29 Oct 2021 16:42:30 GMT
age: 68338
etag: W/"2992-17cccee6cf0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=3600
accept-ranges: bytes
content-encoding: gzip
alt-svc: clear
content-length: 3844

GET
H2 200 7ca9976.js Show response
shadowandact.com/_nuxt/ 8 KB
3 KB 9ms
8ms Script
application/javascript 35.227.214.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowandact.com/_nuxt/7ca9976.js
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/4c33721.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.214.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8e3b0a3c78fe3ba34fb1330f1d83ccb62613296f39ea3808d3d343fac1d627b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 23:14:03 GMT
via: 1.1 google
last-modified: Fri, 29 Oct 2021 16:42:30 GMT
age: 19359
etag: W/"2101-17cccee6cf0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=3600
accept-ranges: bytes
content-encoding: gzip
alt-svc: clear
content-length: 2688

GET
DATA 200
OK truncated
/ Frame E2D0 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 f4e502c0-copy-of-audio-fb-tw-_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/b5e7fc40-83c3-4565-92cc-429ee63b09c2/ Frame E2D0 27 KB
27 KB 59ms
15ms Image
image/png 13.225.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/b5e7fc40-83c3-4565-92cc-429ee63b09c2/f4e502c0-copy-of-audio-fb-tw-_1000000000000000000028.png
Requested by: Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/b5e7fc40-83c3-4565-92cc-429ee63b09c2/a.html?closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-146.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d80326f55bc31b42059f5ccfb160eaf1441a05659feee224eec68e3e3445f7e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 09:25:26 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
last-modified: Wed, 15 Sep 2021 17:46:53 GMT
server: AmazonS3
age: 2056277
etag: "a92eb63470f136b34ace2d912b07eab2"
x-cache: Hit from cloudfront
x-amz-version-id: zU4YhQnP9xKbdNkl7SCzUmNvfAjQUXE7
cache-control: max-age=31557600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
content-length: 27707
x-amz-cf-id: SmpzRSLKLiR0cmWiDyzjhPMdje8SG95sVCSw_LHOeZLyaUIsNrW5lQ==

GET
DATA 200
OK truncated
/ Frame 43EB 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
BLOB 200
OK 3d059469-bba6-46a7-89b0-481784d60442
https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/ Frame E2D0 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/3d059469-bba6-46a7-89b0-481784d60442
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H2 200 5d7e0607-at-conference-pop-up-asset-r1-1_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/b5e7fc40-83c3-4565-92cc-429ee63b09c2/ Frame E2D0 67 KB
68 KB 11ms
11ms Image
image/png 13.225.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/b5e7fc40-83c3-4565-92cc-429ee63b09c2/5d7e0607-at-conference-pop-up-asset-r1-1_1000000000000000000028.png
Requested by: Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/b5e7fc40-83c3-4565-92cc-429ee63b09c2/a.html?closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-146.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb5a6ca06af450f4ff2f5d52d8fbaa3c0e055ee6ced44cc7ba058eafe9a56b11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 09:59:09 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
last-modified: Wed, 15 Sep 2021 17:46:53 GMT
server: AmazonS3
age: 3782254
etag: "e9d889caa890129e535108b6b0afa58f"
x-cache: Hit from cloudfront
x-amz-version-id: loLC7AMsuScMAIFauI_TwUJ4hGYEmFBR
cache-control: max-age=31557600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
content-length: 68979
x-amz-cf-id: l6KZNunPdCFXnfjSv4fMXUl5dn6D4HpHTj-uqNhC3WmAIS94NWohKw==

GET
BLOB 200
OK dce8c23a-eaca-4118-bfe1-3d25440fa44b
https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/ Frame 43EB 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/dce8c23a-eaca-4118-bfe1-3d25440fa44b
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H2 200 fc00db09-blavity-tv-web-banner-728-x-90-px_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/f3b01f09-51e1-43d8-bbfb-9387fb4d2824/ Frame 43EB 23 KB
23 KB 13ms
12ms Image
image/png 13.225.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/f3b01f09-51e1-43d8-bbfb-9387fb4d2824/fc00db09-blavity-tv-web-banner-728-x-90-px_1000000000000000000028.png
Requested by: Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/f3b01f09-51e1-43d8-bbfb-9387fb4d2824/a.html?closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-146.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c56a7d782d3ee90f7b0857482dc0378a85c5c6f0d14a3ed6904685bc4cffeee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:29:33 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 17:43:55 GMT
server: AmazonS3
age: 122830
etag: "2c5f0ec02d4d70c9413a2009d19b9229"
x-cache: Hit from cloudfront
x-amz-version-id: 7aoLlyucjthch.7q5kJk12UZM.I82Sgj
cache-control: max-age=31557600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
content-length: 23133
x-amz-cf-id: B2F6kUjtQy_m9SSrY40Pb8PlJtWf1c51H_XKYRuzCMGRUfmnofcXJQ==

GET
H2 200 0b923504-blavity-tv-web-banner-320-x-50px_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/f3b01f09-51e1-43d8-bbfb-9387fb4d2824/ Frame 43EB 11 KB
11 KB 13ms
12ms Image
image/png 13.225.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/f3b01f09-51e1-43d8-bbfb-9387fb4d2824/0b923504-blavity-tv-web-banner-320-x-50px_1000000000000000000028.png
Requested by: Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/f3b01f09-51e1-43d8-bbfb-9387fb4d2824/a.html?closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-146.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b77de322f7e90cc655176c04e94ceda56db8ad22a0e00a0570e8feed89f04eb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:29:34 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 17:43:55 GMT
server: AmazonS3
age: 122829
etag: "dad1c72461d5e8fc042b6b37bed131ce"
x-cache: Hit from cloudfront
x-amz-version-id: 7kRUSyvyrXuf0S9qlKkNt4sRDhFtUIOE
cache-control: max-age=31557600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
content-length: 11236
x-amz-cf-id: 3UOq4vh4BXJWryPwYpDVxHvO3ho9HbkgOlOgmCICvLT1fdxYbu8bXg==

GET
H2 204 embeddableActivated Show response
66c37c86af1b42cd94b050774081e5e2.events.ubembed.com/ 0
102 B 319ms
98ms XHR
text/plain 44.196.63.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://66c37c86af1b42cd94b050774081e5e2.events.ubembed.com/embeddableActivated?activationRuleId=67c429c1b4294d09b483c47fb1c151be&browserTrackingId=8e93a878a0d2425782270fa408d6fb80&clientId=a5b4eb2f-f233-44d7-a639-1808eaa6e003&hostPageCorrelationId=b87a585c62994a7e81d310f0fe016a16&hostPageReferrerUrl=&hostPageUrl=https%3A%2F%2Fshadowandact.com%2F&isFirstTime=true&requestId=d9e3b93e7a98490fb00c9a4c3b9f2420&source=universalscript-v0.179.1
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.63.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-63-69.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shadowandact.com
date: Wed, 10 Nov 2021 04:36:42 GMT
access-control-allow-credentials: true

GET
H2 204 embeddableViewed Show response
66c37c86af1b42cd94b050774081e5e2.events.ubembed.com/ 0
101 B 324ms
104ms XHR
text/plain 44.196.63.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://66c37c86af1b42cd94b050774081e5e2.events.ubembed.com/embeddableViewed?activationRuleId=67c429c1b4294d09b483c47fb1c151be&browserTrackingId=8e93a878a0d2425782270fa408d6fb80&clientId=a5b4eb2f-f233-44d7-a639-1808eaa6e003&hostPageCorrelationId=b87a585c62994a7e81d310f0fe016a16&hostPageReferrerUrl=&hostPageUrl=https%3A%2F%2Fshadowandact.com%2F&isFirstTime=true&requestId=c7252054ea2049d2a001ded7168907b4&source=universalscript-v0.179.1
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.63.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-63-69.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shadowandact.com
date: Wed, 10 Nov 2021 04:36:42 GMT
access-control-allow-credentials: true

GET
H2 204 embeddableActivated Show response
66c37c86af1b42cd94b050774081e5e2.events.ubembed.com/ 0
101 B 321ms
103ms XHR
text/plain 44.196.63.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://66c37c86af1b42cd94b050774081e5e2.events.ubembed.com/embeddableActivated?activationRuleId=f48eb94520174fd6ae44f40e1a7bdff7&browserTrackingId=8e93a878a0d2425782270fa408d6fb80&clientId=a5b4eb2f-f233-44d7-a639-1808eaa6e003&hostPageCorrelationId=ad874ea57762418eb1238ffdf498d545&hostPageReferrerUrl=&hostPageUrl=https%3A%2F%2Fshadowandact.com%2F&isFirstTime=true&requestId=0a54a037ca93415f83e27161bcc1639c&source=universalscript-v0.179.1
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.63.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-63-69.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shadowandact.com
date: Wed, 10 Nov 2021 04:36:42 GMT
access-control-allow-credentials: true

GET
H2 204 embeddableViewed Show response
66c37c86af1b42cd94b050774081e5e2.events.ubembed.com/ 0
101 B 316ms
99ms XHR
text/plain 44.196.63.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://66c37c86af1b42cd94b050774081e5e2.events.ubembed.com/embeddableViewed?activationRuleId=f48eb94520174fd6ae44f40e1a7bdff7&browserTrackingId=8e93a878a0d2425782270fa408d6fb80&clientId=a5b4eb2f-f233-44d7-a639-1808eaa6e003&hostPageCorrelationId=ad874ea57762418eb1238ffdf498d545&hostPageReferrerUrl=&hostPageUrl=https%3A%2F%2Fshadowandact.com%2F&isFirstTime=true&requestId=00149e5f398344a2a2d1af9c65816363&source=universalscript-v0.179.1
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.63.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-63-69.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shadowandact.com
date: Wed, 10 Nov 2021 04:36:42 GMT
access-control-allow-credentials: true

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame 8A5E 0
297 B 108ms
108ms XHR
multipart/form-data 13.58.53.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=137439
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.53.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-53-241.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 10 Nov 2021 04:36:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://shadowandact.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 42ms
21ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

df04b6518951f79fc4d35ff827dbd4d324dce48a8622ab4995edcd1786d070a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1039 / 766 of 1000 / last-modified: 1636499161"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27057
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Nov 2021 04:36:42 GMT

GET
H2 200 8e40509d-51fb-4f4d-83bd-44eb24085341.bin Show response
vid.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ Frame 8A5E 3 KB
1 KB 28ms
7ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/8e40509d-51fb-4f4d-83bd-44eb24085341.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 12af984c8c3394d5138e063987d986f86f4db7e3c2b2d79490c49d8cc0aca0ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 19:59:29 GMT
age: 30968
etag: "455cae5e0cc012ed1f95a74d23bad9b9"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 1200

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8A5E 368 KB
123 KB 54ms
20ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125099
x-xss-protection: 0
expires: Wed, 10 Nov 2021 04:36:42 GMT

GET
H2 200 1.png
img.connatix.com/3f40e27c-3e51-471e-94ce-9d663bd2110d/ 19 KB
19 KB 22ms
13ms Image
image/png 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/3f40e27c-3e51-471e-94ce-9d663bd2110d/1.png
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 662c975d636ea2d038456c35eac7fd6677a80ec8e9e4bf2c0ee232584f25d823

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: br
age: 1721501
etag: "iysEHTQpLZLvQFZT4eXpxiajElZREAS5z4TVP3EGiMw"
access-control-max-age: 86400
fastly-io-info: ifsz=18952 idim=400x151 ifmt=png ofsz=18952 odim=400x151 ofmt=png
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/png
content-length: 18853
fastly-io-warning: Failed to shrink image

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame 8A5E 0
297 B 104ms
103ms XHR
multipart/form-data 13.58.53.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=137439
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.53.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-53-241.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 10 Nov 2021 04:36:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://shadowandact.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 8A5E 511 B
657 B 512ms
212ms XHR
multipart/form-data 13.58.53.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=137439
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.53.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-53-241.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 74e59d6d785274271aad76c8eabe0ac20e9ae37b908034c18e8df46b83d6a5d5

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 10 Nov 2021 04:36:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://shadowandact.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame 8A5E 0
297 B 102ms
102ms XHR
multipart/form-data 13.58.53.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=137439
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.53.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-53-241.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 10 Nov 2021 04:36:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://shadowandact.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK mq Show response
capi.connatix.com/tr/ Frame 8A5E 0
297 B 201ms
101ms XHR
multipart/form-data 13.58.53.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/mq?v=137439
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.53.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-53-241.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 10 Nov 2021 04:36:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://shadowandact.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 0fe5d6f3-3cd3-4ffa-8ca4-606cb0fb447a.jpg
img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 9 KB
9 KB 330ms
330ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/0fe5d6f3-3cd3-4ffa-8ca4-606cb0fb447a.jpg?crop=359:274,smart&width=359&height=274&format=jpeg&quality=60&fit=crop
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 72a3c8c62b8aae71a78e5240bdb7227de1df9e9219fb310fc8952724e707bbcf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: br
age: 30893
etag: "rnzc0jAamm2n4kuzZwy3tMbtwgDBaY9PFx7PwbBFXDI"
access-control-max-age: 86400
fastly-io-info: ifsz=2084735 idim=1690x1034 ifmt=png ofsz=9442 odim=359x274 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 9051

GET
H2 200 GettyImages-1342360048.jpg
cms.shadowandact.com/wp-content/uploads/2021/11/ 118 KB
119 KB 128ms
126ms Image
image/jpeg 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/GettyImages-1342360048.jpg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8190cf84aef042182c794f11669bba723dd0373927d3dce523d6543db0088b56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Mon, 08 Nov 2021 22:15:14 GMT
server: nginx
etag: "6189a172-1d951"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 121169

GET
H2 200 Choriza-May-River-Medway-Drag-Race-UK-960x658-1.jpg
cms.shadowandact.com/wp-content/uploads/2021/11/ 111 KB
111 KB 128ms
126ms Image
image/jpeg 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/Choriza-May-River-Medway-Drag-Race-UK-960x658-1.jpg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2b9038cfb40d319898ab1d31e675081bc6674bcee59a91fddce40d4c35851dba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Mon, 08 Nov 2021 21:55:48 GMT
server: nginx
etag: "61899ce4-1bab1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 113329

GET
H2 200 Untitled-design-2021-11-08T163617.360.jpg
cms.shadowandact.com/wp-content/uploads/2021/11/ 142 KB
143 KB 128ms
126ms Image
image/jpeg 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/Untitled-design-2021-11-08T163617.360.jpg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: b2696dbea671bb92ddd8e0a43a7b02611a8d4954736fa74b25c68f98d49e4fb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Mon, 08 Nov 2021 21:36:25 GMT
server: nginx
etag: "61899859-239f9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 145913

GET
H2 200 GettyImages-460084074.jpg
cms.shadowandact.com/wp-content/uploads/2021/11/ 186 KB
186 KB 128ms
126ms Image
image/jpeg 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/GettyImages-460084074.jpg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 205c6cb229e4894441312f1309c06239c850b15da160db51412d1615c3f0ed8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Mon, 08 Nov 2021 20:46:15 GMT
server: nginx
etag: "61898c97-2e79b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 190363

GET
H2 200 0fe5d6f3-3cd3-4ffa-8ca4-606cb0fb447a.jpg
img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 8 KB
7 KB 238ms
237ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/0fe5d6f3-3cd3-4ffa-8ca4-606cb0fb447a.jpg?crop=359:202,smart&width=359&height=202&format=jpeg&quality=60&fit=crop
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7ec74647f81be29524b46104f9f252c430572309756cbc5dc60a02f21f0dcae3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: br
age: 30893
etag: "s8jlN84pGYygd9mrQ3Slruv2m6xckX+/oIKdiUI3UMo"
access-control-max-age: 86400
fastly-io-info: ifsz=2084735 idim=1690x1034 ifmt=png ofsz=7897 odim=359x202 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 7475

GET
H2 200 ef089c9f-8645-47d0-ae4a-74b467060db5.jpg
img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 9 KB
8 KB 114ms
114ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ef089c9f-8645-47d0-ae4a-74b467060db5.jpg?crop=359:202,smart&width=359&height=202&format=jpeg&quality=60&fit=crop
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6c072bb6a2baa93fba1620e452caa913972378aad528b23432f4dc626a4ae2ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: br
age: 30968
etag: "dgQinBy2aMdTGO1ZUP3Bwtb42uoAfE6za/nmr75XO2M"
access-control-max-age: 86400
fastly-io-info: ifsz=145913 idim=1300x800 ifmt=jpeg ofsz=8824 odim=359x202 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 8432

GET
H2 200 a94e5c25-a330-46b3-be0a-dfa9b60b294b.jpg
img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 11 KB
10 KB 176ms
176ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/a94e5c25-a330-46b3-be0a-dfa9b60b294b.jpg?crop=359:202,smart&width=359&height=202&format=jpeg&quality=60&fit=crop
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1f35d3ee79d23719662dd058da4ab28fa88ffafafd6ee395464577fd6903ee3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: br
age: 30953
etag: "Nxdvp8zulqk+u4kh81j6ldCYcAaerhVp2y/1rAHyOAE"
access-control-max-age: 86400
fastly-io-info: ifsz=147773 idim=1300x800 ifmt=jpeg ofsz=10954 odim=359x202 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 10557

GET
H2 200 2ed4aaf4-8da5-4609-ac4f-b9352732908e.jpg
img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 14 KB
14 KB 115ms
115ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/2ed4aaf4-8da5-4609-ac4f-b9352732908e.jpg?crop=359:202,smart&width=359&height=202&format=jpeg&quality=60&fit=crop
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 605c44b67d915ea3f3a88187208044732d4d9018f001ec9827110fbd0aa0616f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: br
age: 30968
etag: "3EvVFxlmfTrqyBFRtql77yZxriaJZGW6MVcS3y9XSog"
access-control-max-age: 86400
fastly-io-info: ifsz=113329 idim=960x658 ifmt=jpeg ofsz=14561 odim=359x202 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 14172

GET
H2 200 628c6a94-e31b-49b0-b654-10553acdaff1.jpg
img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 8 KB
7 KB 213ms
213ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/628c6a94-e31b-49b0-b654-10553acdaff1.jpg?crop=359:202,smart&width=359&height=202&format=jpeg&quality=60&fit=crop
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6e314532058fecae8a3e7ad456d3c4563e22bd2297ae04606433064c89393468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: br
age: 30952
etag: "MYbcvw+X5k/i4Ck1NtmPlDncHPJDQZkMx6vD+MFIrhc"
access-control-max-age: 86400
fastly-io-info: ifsz=697698 idim=2332x1222 ifmt=png ofsz=7848 odim=359x202 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 7452

GET
H2 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 17ms
17ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Nov 2021 04:36:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 120 B
122 B 35ms
16ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shadowandact.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

98e08cc65b147c539dcd3d740305f1758f55b5f47198a5100761a9bf8edb8e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97
x-xss-protection: 0
expires: Wed, 10 Nov 2021 04:36:42 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 58ms
13ms Script
application/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-4.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Z0IamK7Uj8Cug.ddab3Iex9UsiUM6RCO
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: 0BGAFAE2ZHYE3YKZ0HRW
etag: fc2e1be4d234471752ea2ebee7e63d1e
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Wed, 10 Nov 2021 04:36:42 GMT
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: i1uKzvlKiUxlJwxgr8NWVUVOhbUKlh8YBEc_tEjBn5RZ7MYAzs0GAA==

GET
H2 200 highway-to-heaven-jill-scott-HTH_06042021_JY_023_horizontal.jpg
cms.shadowandact.com/wp-content/uploads/2021/11/ 98 KB
98 KB 114ms
113ms Image
image/jpeg 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/highway-to-heaven-jill-scott-HTH_06042021_JY_023_horizontal.jpg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4d2ac16e0c3b4f32f8123587dd68135aac05e7f4b1fac2f5f640f532ebb22d22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Sat, 06 Nov 2021 18:53:53 GMT
server: nginx
etag: "6186cf41-18687"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 99975

GET
H2 200 GettyImages-1347989862.jpg
cms.shadowandact.com/wp-content/uploads/2021/11/ 83 KB
83 KB 114ms
113ms Image
image/jpeg 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/GettyImages-1347989862.jpg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: e417eb5f747d6bf034b7c403db9fb90feeb4c71c51c4cd0ab076ef4baf5f29cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Tue, 09 Nov 2021 16:05:14 GMT
server: nginx
etag: "618a9c3a-14a86"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 84614

GET
H2 200 preview-2-e1633490884365.webp
cms.shadowandact.com/wp-content/uploads/2021/11/ 170 KB
171 KB 118ms
117ms Image
image/webp 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/preview-2-e1633490884365.webp
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 80cf06d5f0d36e3c196630976933207589c7f5f8f22706585e352896d99a47ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Wed, 03 Nov 2021 20:34:32 GMT
server: nginx
etag: "6182f258-2a9c6"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 174534

GET
H2 200 121128233_htf_20200925_08822_r3.jpg
cms.shadowandact.com/wp-content/uploads/2021/11/ 94 KB
94 KB 118ms
117ms Image
image/jpeg 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/121128233_htf_20200925_08822_r3.jpg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: d24e0d4257cb5904b064e54197baf507141f1b5d3f05dcab86c0ce01139ff988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Tue, 02 Nov 2021 04:13:28 GMT
server: nginx
etag: "6180bae8-176cd"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 95949

GET
H2 200 eureka-shangela-bob-the-drag-queen.jpg
cms.shadowandact.com/wp-content/uploads/2021/11/ 289 KB
290 KB 118ms
118ms Image
image/jpeg 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/11/eureka-shangela-bob-the-drag-queen.jpg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 246defcad6bf9d42ffb44c199669bec546dde4def9786c793f0b074807e23f4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Mon, 01 Nov 2021 21:03:06 GMT
server: nginx
etag: "6180560a-485b9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 296377

GET
H2 200 Swagger_Photo_010104-scaled.jpg
cms.shadowandact.com/wp-content/uploads/2021/10/ 378 KB
379 KB 118ms
117ms Image
image/jpeg 146.148.110.40
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.shadowandact.com/wp-content/uploads/2021/10/Swagger_Photo_010104-scaled.jpg
Requested by: Host: shadowandact.com
URL: https://shadowandact.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.110.40 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.110.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: a5c9b72b2aec4616a339bd349092a6c64d8a78aeb23fffa77583cda192cc8a0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Sat, 30 Oct 2021 02:28:59 GMT
server: nginx
etag: "617cadeb-5e973"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 387443

GET
H2 200 bridge3.488.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BC4F 580 KB
190 KB 308ms
7ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194718
date: Fri, 05 Nov 2021 21:20:07 GMT
expires: Sat, 05 Nov 2022 21:20:07 GMT
last-modified: Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 371796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8A5E 44 KB
17 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 04:36:42 GMT

GET
H2 200 bridge3.488.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0D28 580 KB
190 KB 299ms
10ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194718
date: Fri, 05 Nov 2021 21:20:07 GMT
expires: Sat, 05 Nov 2022 21:20:07 GMT
last-modified: Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 371796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8A5E 107 B
549 B 38ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 04:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 bridge3.488.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E130 580 KB
190 KB 272ms
11ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194718
date: Fri, 05 Nov 2021 21:20:07 GMT
expires: Sat, 05 Nov 2022 21:20:07 GMT
last-modified: Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 371796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2168516986784216&ev=Microdata&dl=https%3A%2F%2Fshadowandact.com%2F&rl=&if=false&ts=1636519002543&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SHADOW%20%26%20ACT%22%2C%22meta%3Adescription%22%3A%22On%20Film%2C%20Television%2C%20and%20Web%20Content%20of%20Africa%20and%20its%20Diaspora%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Shadow%20and%20Act%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Shadow%20%26%20Act%22%2C%22og%3Adescription%22%3A%22On%20Film%2C%20Television%2C%20and%20Web%20Content%20of%20Africa%20and%20its%20Diaspora%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636519001786.1170385815&it=1636519001550&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 10 Nov 2021 04:36:42 GMT

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
243 B 387ms
95ms XHR
application/json 8.2.111.126
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://shadowandact.com
Date: Wed, 10 Nov 2021 04:36:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H2 200 adreq Show response
ads.servenobid.com/ 951 B
734 B 107ms
32ms XHR
application/json 52.30.108.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=6579
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.108.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-108-101.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dd5df106ebb4db67224c91227f1d64e6ffe9d8d5d14b933d88835ee4cb3c7f96

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 04:36:43 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://shadowandact.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 prebid Show response
bids.concert.io/bids/ 22 B
400 B 216ms
193ms XHR
application/json 34.117.126.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.concert.io/bids/prebid
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.126.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.126.117.34.bc.googleusercontent.com
Software: Google Frontend / Express
Resource Hash: 55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 04:36:43 GMT
via: 1.1 google
x-lat-long: 50.769343,7.451174
x-powered-by: Express
x-region: DE
x-city: Eitorf
alt-svc: clear
content-length: 22
x-response-time: 93.413ms
server: Google Frontend
etag: W/"16-6cDG702lpKxhI09DG03JuPCfUBY"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shadowandact.com
x-cloud-trace-context: fe18c30c744f2f10dbe0cf07d3f814af/15449032747104881412
access-control-allow-credentials: true
x-region-subdivision: DENW

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
821 B 38ms
12ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

98041fe58cb861e99f760ab7a51ea14124622188cf77cc66e0a9ac36ec75fd1c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 04:36:43 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1b36e0de-87ac-450f-a6f4-a063876f4b67
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shadowandact.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 036D 37 KB
13 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 10 Nov 2021 05:15:21 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 95F4 37 KB
13 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 10 Nov 2021 05:15:21 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5111 37 KB
13 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 10 Nov 2021 05:15:21 GMT

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 8A5E 2 B
329 B 102ms
101ms XHR
multipart/form-data 13.58.53.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=137439
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.53.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-53-241.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 10 Nov 2021 04:36:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://shadowandact.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
302 B 105ms
104ms XHR
text/plain 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fshadowandact.com%2F&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-4.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:42 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://shadowandact.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 3ygSt77pKIyljBS6MaAJT4IhsV1E1ohnT1hh5K_VH2OkmFTRTiONbA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 46ms
45ms XHR
text/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshadowandact.com%2F&pid=4rtWZj7qB6Je4&cb=0&ws=1600x1200&v=7.70.0&t=700&slots=%5B%7B%22sd%22%3A%22adhesion_ad_1%22%2C%22s%22%3A%5B%220x0%22%5D%2C%22sn%22%3A%22%2F11462305847%2Fshadow%2Fhome%2Fadhesion%22%7D%5D&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-4.fra2.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:43 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: Z1CZ3A6C5J52V1CHA2CW
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://shadowandact.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: FWmJ2oyCs_Q7aWUztWnan8XSwaJECbVR_NB7Nmh4nwZwnRmdnoz2NA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 27ms
11ms XHR
application/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-4.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 22:58:47 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 20277
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: P7LMteo0gUqCZ62OyI3YPJDU17QYg7L7SYWABneFXUwz1uAegVzx8A==

OPTIONS
H/1.1 200
OK post
dmongo.adgrid.io/api/ Frame 0
0 286ms
91ms Preflight
text/html 167.99.231.34
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dmongo.adgrid.io/api/post
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.231.34 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.1 / PHP/7.4.16
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shadowandact.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: *
Allow: POST
Cache-Control: no-cache, private
Date: Wed, 10 Nov 2021 04:36:43 GMT
Access-Control-Allow-Origin: https://shadowandact.com
Content-Encoding: gzip

POST
H/1.1 200
OK post Show response
dmongo.adgrid.io/api/ 69 B
423 B 101ms
100ms XHR
application/json 167.99.231.34
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dmongo.adgrid.io/api/post
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.231.34 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.1 / PHP/7.4.16
Resource Hash: 63c9129ddb156dbda09327544cb3577a02bd53e8bd0bbd1ac44531bdf8f9cdc7

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 10 Nov 2021 04:36:43 GMT
Server: nginx/1.14.1
X-Powered-By: PHP/7.4.16
Transfer-Encoding: chunked
Access-Control-Allow-Methods: *
Content-Type: application/json
Access-Control-Allow-Origin: https://shadowandact.com
Cache-Control: no-cache, private
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0D28 156 B
625 B 245ms
244ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F5640&description_url=https%3A%2F%2Fshadowandact.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3180746309809993&cust_params=domains%3Dshadowandact.com&vad_type=linear&sdkv=h.3.488.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3669816458&sdk_apis=2%2C8&sid=90C1D918-5F65-4315-823D-0D3D8C9B10C7&nel=0&eid=44726393%2C44750820&top=https%3A%2F%2Fshadowandact.com%2F&url=https%3A%2F%2Fshadowandact.com%2F&loc=about%3Ablank&dt=1636519003131&cookie_enabled=1&scor=3712845711894133&ged=ve4_td2_tt0_pd2_la2000_er831.1148.990.1454_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
sumo.com/api/load/ 732 B
1 KB 518ms
176ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

d5b9188c6b4e91f4af2e3f079e71b1573813e56bb138b194e47e2745f7379508

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 10 Nov 2021 04:36:43 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shadowandact.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 732

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
492 B 43ms
42ms XHR
text/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshadowandact.com%2F&pid=4rtWZj7qB6Je4&cb=1&ws=1600x1200&v=7.70.0&t=700&slots=%5B%7B%22sd%22%3A%22leaderboard_ad_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%2C%22970x66%22%5D%2C%22sn%22%3A%22%2F11462305847%2Fshadow%2Fhome%22%7D%5D&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-4.fra2.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:43 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: 59GBT32V3RXPHARFXKYY
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://shadowandact.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: DSBcRHhRbmim5RpkhPIy8v_QMS9AhNQjzgZKGRq0XuN3RfEcK06j-g==

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
1 KB 142ms
76ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17970&site_id=265350&zone_id=2082440&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fshadowandact.com%2F&tk_flint=pbjs_lite_v4.36.0&x_source.tid=cf0aa3ba-2ba2-452b-a02f-69657404b124&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1406613861590571
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2d1fe18dae87c9e487b725830c802df0befc1c3c6183401a8eb6ae2ac4fbe50f

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 04:36:44 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://shadowandact.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
374 B 116ms
85ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=726690&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2217955fdbb5a8b61%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fshadowandact.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.36.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A3%2C%22msi%22%3A3%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22180f4943f8aef46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22726690%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22180f4943f8aef46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22726690%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22180f4943f8aef46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22726690%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22180f4943f8aef46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22726690%22%2C%22sid%22%3A%22970x66%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A66%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bf8828267224c0c3360a026b1c2bf012f4e041ba5c10a2e9408024999b263e27

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.87], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://shadowandact.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 12
expires: Wed, 10 Nov 2021 04:36:44 GMT

POST
H2 200 prebid Show response
bids.concert.io/bids/ 22 B
143 B 375ms
374ms XHR
application/json 34.117.126.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.concert.io/bids/prebid
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.126.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.126.117.34.bc.googleusercontent.com
Software: Google Frontend / Express
Resource Hash: 55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
via: 1.1 google
x-lat-long: 50.769343,7.451174
x-powered-by: Express
x-region: DE
x-city: Eitorf
alt-svc: clear
content-length: 22
x-response-time: 268.977ms
server: Google Frontend
etag: W/"16-6cDG702lpKxhI09DG03JuPCfUBY"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shadowandact.com
x-cloud-trace-context: 1645823d1d5fcc14104f9fb23928823a/10770269817145519549;o=1
access-control-allow-credentials: true
x-region-subdivision: DENW

POST
H2 200 adreq Show response
ads.servenobid.com/ 951 B
733 B 131ms
130ms XHR
application/json 52.30.108.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=8659
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.108.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-108-101.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dd5df106ebb4db67224c91227f1d64e6ffe9d8d5d14b933d88835ee4cb3c7f96

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://shadowandact.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 102ms
56ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shadowandact.com
date: Wed, 10 Nov 2021 04:36:44 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
359 B 108ms
31ms XHR
application/json 34.251.173.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=208728&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fshadowandact.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.36.0%22%7D&ogu=null&ns=10240
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 04:36:44 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://shadowandact.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
243 B 100ms
99ms XHR
application/json 8.2.111.126
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://shadowandact.com
Date: Wed, 10 Nov 2021 04:36:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
821 B 12ms
12ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

7868e45219b29ba916edac268ffb6eef36eae9aa08faaef44e5dd17bf28ca90e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 04:36:43 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d5f68963-f61a-48f5-a21e-c46316679be0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://shadowandact.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 services
sumo.com/ Frame 0
0 178ms
176ms Preflight 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sumo-auth
Origin: https://shadowandact.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.14.1
date: Wed, 10 Nov 2021 04:36:44 GMT
access-control-allow-origin: https://shadowandact.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

POST
H2 200 services Show response
sumo.com/ 124 B
524 B 182ms
182ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

88d1d0dd8730d866219619561304b3b5c22e3999a59dab5f70b88384312eff0f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-Sumo-Auth: nHoPNpxO26mgwNbjcd4A7Lu5
Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://shadowandact.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 124

OPTIONS
H/1.1 200
OK post
dmongo.adgrid.io/api/ Frame 0
0 90ms
89ms Preflight
text/html 167.99.231.34
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dmongo.adgrid.io/api/post
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.231.34 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.1 / PHP/7.4.16
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shadowandact.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.16
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: *
Allow: POST
Cache-Control: no-cache, private
Date: Wed, 10 Nov 2021 04:36:44 GMT
Access-Control-Allow-Origin: https://shadowandact.com
Content-Encoding: gzip

POST
H/1.1 200
OK post Show response
dmongo.adgrid.io/api/ 69 B
423 B 112ms
111ms XHR
application/json 167.99.231.34
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dmongo.adgrid.io/api/post
Requested by: Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.231.34 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.1 / PHP/7.4.16
Resource Hash: 63c9129ddb156dbda09327544cb3577a02bd53e8bd0bbd1ac44531bdf8f9cdc7

Request headers

Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 10 Nov 2021 04:36:44 GMT
Server: nginx/1.14.1
X-Powered-By: PHP/7.4.16
Transfer-Encoding: chunked
Access-Control-Allow-Methods: *
Content-Type: application/json
Access-Control-Allow-Origin: https://shadowandact.com
Cache-Control: no-cache, private
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 36ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=shadowandact.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shadowandact.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
27 KB 427ms
427ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2353982240514862&correlator=1180238961093307&output=ldjh&impl=fif&eid=31063214%2C31063183&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=11462305847%2Cshadow%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%7C970x66&prev_scp=pos%3Dleaderboard_ad%26tld%3Dshadowandact.com%26fqdn%3Dshadowandact.com%26TLD_POSITION%3Dshadowandact.com_leaderboard_ad_1%26refresh%3D0_shadowandact.com%26refresh_count%3D0%26domId%3Dleaderboard_ad_1%26FURL%3D%252F%26SURL%3D42099b4af021e53fd8fd4e056c2568d7c2e3ffa8%26sttrackid%3Dk9eo29d69ue%26PAV%3D0_shadowandact.com%26GMAV%3D0_shadowandact.com%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=ctype%3Dunknown%26minute_rb%3D5SOV_6%26second_rb%3D5SOV_42%26referrer%3Dother%26device%3Ddesktop%26video%3Dno&cookie_enabled=1&bc=31&abxe=1&lmt=1636519003&dt=1636519003979&dlt=1636519001046&idt=1558&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1989&adks=765179704&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fshadowandact.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&ga_vid=737976534.1636519002&ga_sid=1636519004&ga_hid=207257462&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

b481354ee16a332fb4897af97e22253fde33bd6ada1c1b5a77e1fdeb307354d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27685
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://shadowandact.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 340ms
19ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4243ea4df8a057ebcdda28fb8f27b081d88b4ee56cfe55cdc315c23677a0362e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9294
x-xss-protection: 0

GET
H2 200 container.html Show response
e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D365 6 KB
4 KB 50ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 10 Nov 2021 04:36:44 GMT
expires: Thu, 10 Nov 2022 04:36:44 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK sv Show response
capi.connatix.com/tr/ Frame 8A5E 0
297 B 102ms
102ms XHR
multipart/form-data 13.58.53.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sv?v=137439
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.53.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-53-241.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 10 Nov 2021 04:36:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://shadowandact.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 7.0a035390359aab65eb82.js Show response
load.sumo.com/ 97 KB
34 KB 7ms
7ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/7.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: CJCF7CW3MV8N7Q6G
cdn-cachedat: 08/11/2021 03:14:52
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: CNkELBse4Y593KQCSQRX1oicsKF7scX+YJuwfC6ldz4XD7H1DIWNNU10iOgfiLXPokfuDShuseU=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:47 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 7c5eea6143daf7f3148646544b343c9c
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 4.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
3 KB 12ms
11ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/4.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: N4YGPYHRDAC7QXZH
cdn-cachedat: 08/11/2021 01:00:42
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: ZyN3peb0mEdiK4szAABWta3Npp/s6aFp7SGneDOBlLz3RaDSa8Ho9RodM0lRLwgOOWsqwAYTQsw=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:24 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 0009ebffa72f57f996fe79b9bc63ebac
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 2.0a035390359aab65eb82.js Show response
load.sumo.com/ 3 KB
2 KB 12ms
11ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: YBS2XEB4GWK751DG
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-10-05 11:42:59
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: N3Y+yWqjjd2CeAmbI5PBHgxAlF7pQQeYSH4+m+LUfa803cIHT/G0Acg0Fd5ve7gBOYqGi2VZPms=
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:08 GMT
server: BunnyCDN-DE1-756
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 83c34fa73576e5f2fd7e6daaafd1d4df
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.0a035390359aab65eb82.js Show response
load.sumo.com/ 11 KB
5 KB 12ms
11ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/10.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: MER4KM6F7Q2JNQ5W
cdn-cachedat: 08/11/2021 07:29:34
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: E5dcQp/o1cIppfojsowKVOXW7ZUiiNp7ocDAMKJh6oiooddIklNQ5UOgh1R9uM2pZdkJYmHadl8=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:43:54 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 922eca5f0e628fc8898dc9b3ac88d844
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 22.0a035390359aab65eb82.js Show response
load.sumo.com/ 92 KB
25 KB 12ms
12ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/22.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: SDRMZCHBH8JCG4EW
cdn-cachedat: 08/11/2021 01:39:03
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Mh4g/5w6u8Sn3oSvTIRlHjXYmlpmbUcVAuUhwYOrgj1kCeipGQke7R0i5izHPL985rLtaJBDcAk=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:10 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: b745bc514c5a4f68693e79d15a9e623d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 23.0a035390359aab65eb82.js Show response
load.sumo.com/ 329 KB
94 KB 14ms
13ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: 9XQCP7NW3WVDSYTB
cdn-cachedat: 08/11/2021 03:15:25
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: ld40Pz0CH+lzXng12qFYRohEmnjI9dEBceKZ2sX+7mdR6hnYe912+QkcLiFlJd9TnthnETGE3YM=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:10 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: b4556fec29df1012c787b7fe69cc866b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21.0a035390359aab65eb82.js Show response
load.sumo.com/ 179 KB
51 KB 17ms
17ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/21.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: PC6V8XNR7Q61HHSG
cdn-cachedat: 08/11/2021 04:57:29
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: ZHXqsNODWdp8QMufVJkeNZ8Xe+OkUm7aygEJNy5f/FZIdtn7oJxkd0gh20eHC6PhK+QjRbS0Qac=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:44:09 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 2f64a96e0b6e607e052faed4d0df8885
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.0a035390359aab65eb82.js Show response
load.sumo.com/ 5 KB
3 KB 8ms
7ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: 72BJV4V2M6106661
cdn-cachedat: 08/11/2021 06:53:00
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: geN8VZqyqgjzxGHn+iZxJjzqyPacwIfonJ7M/Gfx/SPZ8YbafYphswHvw0hJB5OpVkDQ305Tt6o=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:43:53 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: dbe0eea9fcca06060fafde3d5f5dd55a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 96.0a035390359aab65eb82.js Show response
load.sumo.com/ 1 MB
80 KB 8ms
8ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/96.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: ETN9Y2CB4JR36VS8
cdn-cachedat: 08/11/2021 06:56:51
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: hmfe8ryATIBRescEh6v33eH8sJ61l9gyYCWqjtX5MgK5uVzXNqi4XzjIlkZQAGWsnUd8ANzMelg=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:45:08 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: b4b8dd0663d3fa0f368df07b14a28859
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 97.0a035390359aab65eb82.js Show response
load.sumo.com/ 221 B
958 B 10ms
10ms Script
text/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/97.0a035390359aab65eb82.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: br
cdn-edgestorageid: 756
x-amz-request-id: XX71XTHVAZ9WHXF5
cdn-cachedat: 08/11/2021 01:00:39
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: IrAr89qZVaMDRwNGV7DkBYLlhQduKqBlKagxiVs2XoSkMpsnw5sFcxxojABTLTuponGysrE/vDc=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 30 Jun 2021 15:45:09 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestid: 6277ab85a65319ff0d312c225a69dfdf
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 31 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49d03c0512222522354f413d33c6cb1cace07dde5011a02a1a8e24e837c46d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 04:13:53 GMT
server: ESF
date: Wed, 10 Nov 2021 04:36:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Nov 2021 04:36:44 GMT

GET
H2 200 features Show response
sumo.com/api/site/647119b84ee190a7146ab71bf0c79bacc3f29cbc1b8bfcd2a48e2a8c5b82d5bb/ 3 KB
1 KB 177ms
172ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/647119b84ee190a7146ab71bf0c79bacc3f29cbc1b8bfcd2a48e2a8c5b82d5bb/features?site_id=647119b84ee190a7146ab71bf0c79bacc3f29cbc1b8bfcd2a48e2a8c5b82d5bb

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://shadowandact.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-Sumo-Auth: nHoPNpxO26mgwNbjcd4A7Lu5

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
etag: "-362431178"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shadowandact.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

OPTIONS
H2 204 features
sumo.com/api/site/647119b84ee190a7146ab71bf0c79bacc3f29cbc1b8bfcd2a48e2a8c5b82d5bb/ Frame 0
0 163ms
162ms Preflight 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/647119b84ee190a7146ab71bf0c79bacc3f29cbc1b8bfcd2a48e2a8c5b82d5bb/features?site_id=647119b84ee190a7146ab71bf0c79bacc3f29cbc1b8bfcd2a48e2a8c5b82d5bb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sumo-auth
Origin: https://shadowandact.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.14.1
date: Wed, 10 Nov 2021 04:36:44 GMT
access-control-allow-origin: https://shadowandact.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 10 Nov 2021 04:36:44 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F2E9 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 09 Nov 2021 22:26:26 GMT
expires: Wed, 09 Nov 2022 22:26:26 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 37AF 783 B
967 B 54ms
53ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ef348920cd97d9dcbe4e68054d8d15b4c08904caaa8baec8abcf4b2aded9a68

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1qnfv6iThnR09mlFsl4MXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 10 Nov 2021 04:36:44 GMT
date: Wed, 10 Nov 2021 04:36:44 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1qnfv6iThnR09mlFsl4MXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 87D9 6 KB
3 KB 309ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 10 Nov 2021 04:36:44 GMT
expires: Thu, 10 Nov 2022 04:36:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F2E9 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 00:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13451
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 00:41:15 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 37AF 0
0 59ms
59ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=2353982240514862&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 30ms
29ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=2353982240514862&bg=!ubqluv7NAAYDGbPvAxk7ACkAdvg8WjPy443skbNDekXq2s-Dc7gNaBKwxzjh9C-vC-eVVD8gIto4zwIAAACHUgAAAAxoAQcKAOUG4FBkGjjHevXGK7dXY8ttHdKbMvKmwV_FuenI8d5sHxUU5stJ3bic410Zh2m_xsJuUHYzNHztBS3zBYtY-R-mQRAPb9_-HBb9hi0FnvX67l9ezAvw9XtraeH6c6PTavznruaK_jyF9dzPp969r6LukpgljvKrMS6JeqQ1PPTbJH-Xxw_XLIFR9CHTDdArls4HVsNiLbKjU3dT9hwed-saoTaV_bW7MIfnJ6D7GAN_ULC-8f5FaHSIdEhWhbTHLVzdpxk0vNF8OJ1ZQMljWWs3O27LwK8KuqaJF7q5HiN8SRksKCB5mQKjWQAFlCFOxTJJbT5y1rQH-gyEshRXEXmPQ_uasigMWdr7IP38s1H5GkzaVvR4c3ldqqcFEHr5YVMFhqaVvyL0cP6VKIcPul9_g1l2IBhHS6LLftQ_MLHY2q64FHvYX3wyz09JOOs4sZNuEZrAuppzaP3fDBlZ7Dsacsw1PEloSy4h6U_jMreUQOoMpMpzkbFL57aaM96XZ1lJRm_yoxYVnq75tj2AJts24WsLg-zIMp-UGXtqjqp4aM3rrsxSZjPcrRBHbftOV5XiaX8M0d0RR6-kiiplziX0Kz0NmjWVaKwOzVTR7eAF6qvPKNrDnu49LU6jEh7AQWKZZq5KwaeXuvtheXnW1UnqGetyM6oDBwXucOnl5N5ppu2CbIoTvTaKj-HARouhHE8aFJAuU_Az3Z0GLF1m6o9WbNTOt5WioJo0VEFUKy_YqGfvLtot-BA4tKPekDgGQwLea2h5dD81n0bhMzE2kS6WEGXFDop-YPTFQkd9HKsxWcdkbEdZQaKVhTFnkCmreV9MAZB9cqf6LLGXae6H3tsN1ULI6Y1ZdKHHf_hmVl-nQ_SzRMLUpPwGs8E_LUgx-WR5KWWORwkqkYGilH929DHcRfEFKRpQ15eSortKxBlMiZTRCPNEPO14wxHcIDcQVi3pwYnYqoyExP7jsNueVw3LC0uHRKIJ7vtcbQP9shgiuotcss2X5pQ3RoStIW8lZqBzOjoFG5velGcOOTDdSA1eC4imQHW0Pzf5OSufXjH6SqepDvzjiLu37kpwpFahu4aYND2H8lHwjNOJV3eEhk7qg--xoM1HA3uSSLo0Ks80Y5oseEWLWCzor8RSP3Dzm0yqL98HWfhdpjAjhH4VepI0tK73ptqvxCLSJbmCZ9mkQkKSha_Jd16KE4Ov

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 04:36:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2334 0
434 B 41ms
17ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhjCoK66ATAB&v=APEucNVGexAaBgiGo376aT4Y5X2E6hCQWyjerHDiPhSwOLeSN90BKPb6J60SGfHsTOsdNFDPWOoJToql0s7QXGFH2YQLirSm-w

Requested by

Host: e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com
URL: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 10 Nov 2021 04:36:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 87D9 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 23:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7878
x-xss-protection: 0
server: cafe
etag: 10809069374711699201
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 23:24:42 GMT

GET
H2 200 16654164475577550101
s0.2mdn.net/simgad/ Frame 87D9 45 KB
45 KB 310ms
7ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16654164475577550101

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7275a6759863df8201d0e726be2b2073f2e793e94ec65b5d4f436e9f7bf6c99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 10:21:38 GMT
x-content-type-options: nosniff
age: 65707
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46156
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 16:56:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Nov 2022 10:21:38 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 87D9 6 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 616
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 04:26:29 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 87D9 0
571 B 73ms
36ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7PYDQIgUAwvALqnr18GXQMV9-tWgfiLcWNMKM64i4u43AuSdlJB0QV_lQ7-Ee_2r58Jx55-QOHbQMmy0nRygVP6dHiEpgUT37WhpTaBxO0tY8FpvSuiMzpWhJGIMB2nEfhLMJTVIhrtxx-XVCPdqH0QQnOuyhSh1SrqDQpDcmelEn3I7Yrexokq3nXFthug3H2sqNW9XJuqC8muuXiSV_Z4843qn-AftNM8QLD0zcLKH9jshekaHyTEf6ej2inCigWUCARVUfG5uf3pRm5mQhhQDm-I-CWTZrAEpLVxYeD6-CjF5MdJMJlzPJkXH2pyWRxyqVfI8_B7bDOA3PX6j4-bkpUCsTim23pmjqmLIIRns32umUqRPsbE-44soZGddp0ADCDttW3WAvlub7mvOjupSlVQE4MLQyhxYQfc_Vj9XDw647HE50VubjZA3ASNAsg8fMLd0P67po5Pb3JSSvmBX5hEd6gZiKuHH5xIqdi-rsrXixEGRC5BgRtiLfk7BaJi-8u7YrnM-vRI4U4fMTXns-S3y9hvhYqSouEclb9ikmGLYHjYTVJ2tXCaZEA8fbdCmvluxKx-gkImgzyFTwbzqZkjy2fBl46psVEGNSZsmHI5cuDnFUMq5JaeRWLSNpKUYVUD3KHMhQcjNEzPXVHDv1UpxMKOrqhFY51TJb8R2WWxtDbl8ULX3GNq1PbbkgmCvNOnS1E0fWDuLfMH_IaSziY5WEMyb8RkP8fcoRwyQC1bxZ5tpWh93KcpwXoH_cNciheZYZVQZPU9QCJHNTKKeyD4kGjeNkmBwFAXULv7jPxxhWMtnzkybBMnljvsIsatWGq5X4DnG5nu0sGmUL2pqrDhpGgfaROtoa_XfCU-JxqUI2EdT_rXnfi1ZOFKM6KrxHSFDWoifcMbxKR-rqks5JIZ72yJiQbCiTE_F4FQG8mr8W1KJlDkcOW4uJ1VKaZlp0tMfN2DLD7nUChbVqZOX_JfgZamEBCmsKNNPqwHAFQpsnVlErFcspq14286AjuZoxxAvjqFI6XSbXW_ufC_Ynhme0ND0eoMzrD1Sv_Qc8fseHbd9rQjYObXx6ORVYMAxNgssfHF8d4BFQHWbO9GRFBo00__NnTcqMCUa0YeAhLtwHoUgq8vrkyr38wOSduZ3xecXZ60e_XyWKRP1ha7sjS4R16UvNG7z_vg655jtFALdP&sai=AMfl-YQOb-Jf5YSpbnre_wAXMmwng-VXr7e7R9jrQ1ZsgcvNDGu09-91j2S9z-ET2ParqZ2SUmbdwEPQhHTRtsJG8Lw4g0Q7IowZwSaY__LZy9GKWJZkLLTgQpi4gbf6DOkqGgWf-vtR56-GXpz0HNXp1AKrbulJQGMm_9KTfxO36IoM_lj1g7GbfElq_8eFMydl-cq45IF5xOd1Jwrhh_OeWSSj05__aw78lRbZE7DVffUzmgxFK6_F0r65qEjS4_0MWEKB2PG63-sR9oxr7RnpOcjNsugVMc2vWkSiFwg&sig=Cg0ArKJSzOXpEkjoHXjWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211108.34413&adurl=

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 10 Nov 2021 04:36:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 87D9 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 87D9 42 B
110 B 28ms
27ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AcwpB8RiAWHXHxpdI6Kt1wob9v4M1GdfskwrYL9DhV5z2aoJlqNTNOUqjpFuygXeCSs4qS-vZuEkYoiViGoLBkI960T4R45QmjO59saI5zF_b0ReA

Requested by

Host: e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com
URL: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 04:36:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 87D9 2 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com
URL: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 04:08:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87D9 121 KB
38 KB 2704ms
2674ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com
URL: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 04:36:47 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 87D9 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com
URL: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 03:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 03:54:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 87D9 0
0 15ms
15ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwY1unetjY1fkkwJjhs41jeefKePFh3K7Meg3waGQ7n7a5pGqLplGqt7NrJugmvWQnAdJ1
Requested by: Host: e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com
URL: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7D7A 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 590355
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D7A 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2q0GJ59knfpUiBcqMNkQlhFuFKFUZImTUS2OpYfkNjk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daad06279f649dfa5488172a30d91096116e14a154648993512d8ea587e43639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 21:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13329
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 21:24:40 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D7A 0
56 B 30ms
30ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7ojpXEyLYdiiGdT8gQedkrtAAAAAADgB4AQC&bg=!hIelh8PNAAYDGbPvAxk7ACkAdvg8WmZNydZqp_TbfSmuCvfl_vFwKyv4N9oMTbYO0R5OTmGp23sH8wIAAAB7UgAAAAtoAQeZAx-7L35w1N9VilJ1bvcsbwwLZob9HCg31AxuE8V6z_fLyyd9FHLdYhc161_PXPxv4NcwtDgGhTphjLxlmy2xtE9KwGRH3SIZwUxo6gzo9GEU5VEAdDd0QG2-lNT0xZxA4CZ0ZTF6BaCVyzWg_FENAwcbSNtKhy4p7C1mluzgBP2g3pVX8u2l7iLHDuZab47g4tvkHQWly4pDhtQm5ykPNMgEqsqCFT-uzWOUcLxhGy-tYEY5DOkwNdLWAT6ywr9kMYpr7lSLSTxcvLgUhTlqw5pL_N_CgQX0dgEhHMC5ZJBIlkQH6Q0CpSQbBLq85SSCULZlLKrDzjHp3n0OF6tns38Md6D_MuJW-SLqo3kUeUvbLLkxkFxqd8B0ABNLt80QLDxcRhp7Unj95chiesc9SrGRfaOH-Ci48Jx_Nl-8PIQxp0ubKIWWkOE_gU8pc00SGi9NJIhGnS6GQqp4VZyopQa8G3i_DP9SPLpUD1KaRbun1TDr1HfrP_NrwE6s2oneVfQbu3Bb3Tl66WaHIjcMjDs8xZUb3_rQFGVjNHXSJc-9Z8dcNcEdcemQTgnr5HrcFdQrTLyh-uJUOPV_CY56cxfCxZbH0eUaJU53VutjW33EOrwV7uI8ieDCDgCUI0-JTtZ7rg8hc_4Szq4qeUFE0IEfBT0ZSAPv-PZHIkuCek7xRGVR5l6OWInm02bjUCRDZo7JlIvU6UYr0jdadEhVspiWkblr8leEzRDxp9tvMcmAa6zX7MaSlQ0GraW8AK5o5cl0oXvizX9qDHVQaCSYj44zxEXWauyYxKhWe8qI1KD30kd9ms8BVGPbgRrDg-74FO0WCfRmzkFLJ9KZ4hkYpZ9WjLMAajjn-ftiy85QLJvAH7hjv6hnMFhfklkxsjfrzE39AcczfF8YowowB5DknLH1Ao0YxFgYjltLwuzbiNrSJ0KaslkbG07ajxBHsBZPOrVns-KyS3RyhycVdhiiD_OauBcBpNsLpshN0eTBp93C38kRQ9Tz3HRCQMDUhODNwoZaYnfY47s7VjRdQw9YIiLNUJWn3fa8LKX6WOSba-hH

Requested by

Host: e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com
URL: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 04:36:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 87D9 0
23 B 48ms
30ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: shadowandact.com
URL: https://shadowandact.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 04:36:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

sync
ads.servenobid.com/
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4763513541
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4763513541
https://sync.1rx.io/usersync/tradedesk/983f3c00-ef34-4618-b160-3635173fd196
https://sync.targeting.unrulymedia.com/csync/RX-1c54761d-c863-4da0-8f1c-4b25f5eb9735-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1c54761d-c863-4da0-8f1c-4b25f5eb9735-003
https://ads.servenobid.com/sync?pid=321&uid=RX-1c54761d-c863-4da0-8f1c-4b25f5eb9735-003

0
362 B

31ms
30ms

Image
image/avif

52.30.108.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&uid=RX-1c54761d-c863-4da0-8f1c-4b25f5eb9735-003
Protocol: H2
Server: 52.30.108.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-108-101.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:46 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&uid=RX-1c54761d-c863-4da0-8f1c-4b25f5eb9735-003
date: Wed, 10 Nov 2021 04:36:46 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX1c54761dc8634da08f1c4b25f5eb9735003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&uid=2846712050516633676

0
344 B

30ms
30ms

Image
image/avif

52.30.108.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=2846712050516633676
Protocol: H2
Server: 52.30.108.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-108-101.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:46 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 04:36:46 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d9a46440-176d-4f11-aa8c-46366bba1db8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&uid=2846712050516633676
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 404
Not Found /
colossusssp.com/ 0
147 B 97ms
95ms Image
text/plain 8.2.111.126
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://colossusssp.com/?c=o&m=cookie
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 04:36:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET

sync
ads.servenobid.com/
Redirect Chain

https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiY2I3NWY0ZjEtMDQwNy00MzQyLWI0MDAtNjM5MTJmNDQxZjY0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMS0xMS0xMFQwNDozNjo0Ni44Njg1OTNaIn0=

0
0

GET
H2

200

sync
ads.servenobid.com/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=55c8e973-9192-4eab-bc88-033d8c37f6fc&gdpr=0&gdpr_consent=

0
357 B

38ms
38ms

Image
image/avif

52.30.108.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=55c8e973-9192-4eab-bc88-033d8c37f6fc&gdpr=0&gdpr_consent=
Protocol: H2
Server: 52.30.108.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-108-101.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:46 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=55c8e973-9192-4eab-bc88-033d8c37f6fc&gdpr=0&gdpr_consent=
date: Wed, 10 Nov 2021 04:36:45 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=http%3A%2F%2Flocalhost%3A8282%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=http%3A%2F%2Flocalhost%3A8282%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1

0
433 B

27ms
26ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=http%3A%2F%2Flocalhost%3A8282%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Protocol: HTTP/1.1
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 04:36:46 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 04:36:46 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=http%3A%2F%2Flocalhost%3A8282%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/
Redirect Chain

https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D{$UID}
https://ads.servenobid.com/sync?pid=328&uid=6d4cdf7606307df811ff1471b50b71629b1baa6f

0
359 B

31ms
31ms

Image
image/avif

52.30.108.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=328&uid=6d4cdf7606307df811ff1471b50b71629b1baa6f
Protocol: H2
Server: 52.30.108.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-108-101.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:46 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=328&uid=6d4cdf7606307df811ff1471b50b71629b1baa6f
Date: Wed, 10 Nov 2021 04:36:46 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160224
https://image8.pubmatic.com/AdServer/ImgSync?p=160224&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjA5NTg4MDYtMzlCQy00NkVELUE3MzItN0Y5Q0ZBRjBGNjJB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
219 B

26ms
25ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Wed, 10 Nov 2021 04:36:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:447
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sync
ads.servenobid.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D10141%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D10141%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&cbimg=10141&uid=5348515699005504457

0
345 B

30ms
29ms

Image
image/avif

52.30.108.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&cbimg=10141&uid=5348515699005504457
Protocol: H2
Server: 52.30.108.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-108-101.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:46 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Wed, 10 Nov 2021 04:36:46 GMT
X-Proxy-Origin: 136.243.198.87; 136.243.198.87; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d89d9f33-a896-4240-a59e-aeeb12c011ef
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&cbimg=10141&uid=5348515699005504457
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
39 B 106ms
25ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:45 GMT
content-length: 0

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame 8A5E 0
297 B 101ms
101ms XHR
multipart/form-data 13.58.53.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=137439
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.53.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-53-241.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 10 Nov 2021 04:36:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://shadowandact.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
DATA 200
OK truncated
/ Frame 87D9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62ecd6ae20feee53c50c9cd32a3bf4b39ecbf000448eba6a1d982dce18f063dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14446241-ab17-414e-b8a4-024f28203ee6.jpg
img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 10 KB
10 KB 114ms
114ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/14446241-ab17-414e-b8a4-024f28203ee6.jpg?crop=359:202,smart&width=359&height=202&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6e15e410e71f0b9bf4b226a3435e59b8c5d4e6da7d6aa8e705f2130da2f5b8e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:48 GMT
content-encoding: br
age: 30974
etag: "VROKTJuNwyv+x40jvHPC2mH7a/9xowyKmu7FnuJ2ePo"
access-control-max-age: 86400
fastly-io-info: ifsz=121169 idim=1024x768 ifmt=jpeg ofsz=10487 odim=359x202 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 10099

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8A5E 107 B
165 B 18ms
18ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Nov 2021 04:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E130 156 B
142 B 265ms
265ms XHR
text/xml 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F5640&description_url=https%3A%2F%2Fshadowandact.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=315542230444345&cust_params=domains%3Dshadowandact.com&vad_type=linear&sdkv=h.3.488.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3993304431&sdk_apis=2%2C8&sid=D465A077-FAE3-4AA9-9059-FC60CA67DBEA&nel=0&eid=44730612%2C44750821&top=https%3A%2F%2Fshadowandact.com%2F&url=https%3A%2F%2Fshadowandact.com%2F&loc=about%3Ablank&dlt=1636519001137&idt=1914&dt=1636519008405&cookie=ID%3D09df3088ac08ab40%3AT%3D1636519004%3AS%3DALNI_MbzW4pOZ9waYcUOMDvI8okRqbf7VQ&scor=1464241786254746&ged=ve4_td7_tt5_pd7_la7000_er831.1148.990.1454_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a94e5c25-a330-46b3-be0a-dfa9b60b294b.jpg
img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 14 KB
13 KB 160ms
160ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/a94e5c25-a330-46b3-be0a-dfa9b60b294b.jpg?crop=359:274,smart&width=359&height=274&format=jpeg&quality=60&fit=crop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9c1f5d9fd6f92c9b4e196eb97a4445bb9e2742bdff9b429fec746bac7b8e3b7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shadowandact.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 04:36:49 GMT
content-encoding: br
age: 30959
etag: "iNMCSsu0J9UJrWrdcfGJ3uuEop0N7Q0bjIK5mS6mEf0"
access-control-max-age: 86400
fastly-io-info: ifsz=147773 idim=1300x800 ifmt=jpeg ofsz=13936 odim=359x274 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 13541

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 8A5E 0
297 B 101ms
101ms XHR
multipart/form-data 13.58.53.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=137439
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.53.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-53-241.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 10 Nov 2021 04:36:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://shadowandact.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiY2I3NWY0ZjEtMDQwNy00MzQyLWI0MDAtNjM5MTJmNDQxZjY0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMS0xMS0xMFQwNDozNjo0Ni44Njg1OTNaIn0=

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shadowandact.com/	1970-01-20 16:06:31	Name: _ga Value: GA1.2.737976534.1636519002
.shadowandact.com/	1970-01-19 22:36:45	Name: _gid Value: GA1.2.480204926.1636519002
.shadowandact.com/	1970-01-19 22:35:19	Name: _gat Value: 1
.scorecardresearch.com/	1970-01-20 15:52:07	Name: UID Value: 1RLHHGF5NAXLQE6YIUFMTHg1636519002
shadowandact.com/	1970-01-19 23:18:31	Name: __smVID Value: 399ee71d21f4240c1552d81ad7ca61c672bd6d60601e418a9d14ef1f7eb4d507
.shadowandact.com/	1970-01-20 00:44:55	Name: _fbp Value: fb.1.1636519001786.1170385815
shadowandact.com/	1970-01-20 07:20:55	Name: __smToken Value: nHoPNpxO26mgwNbjcd4A7Lu5
.gumgum.com/	1970-01-20 07:20:55	Name: cs Value: true
.rubiconproject.com/	1970-01-20 07:20:55	Name: khaos Value: KVT15T31-18-F95C
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GLHAIlzGqoEKZaU66THvScWV7/AA==
.rubiconproject.com/	1970-01-20 07:20:55	Name: audit Value: 1\|naVuGyos1qpAnwcoksEwROMH05QULE/jV/G9Z/GRzTz24WPzaViPwd6tGOZMowQQWYlOIu0aADWLYNajBgkHzSYbB5SW5XQ3McjVl6US41Gma+WVcS1g3g==
.doubleclick.net/	1970-01-20 07:56:55	Name: IDE Value: AHWqTUlIpecfKm0W8eOjxixB4ludPCi2OAuzZ-_08s-VB9lgsIBAvvmHJrrqvfhLJA8
.shadowandact.com/	1970-01-20 07:56:55	Name: __gads Value: ID=09df3088ac08ab40:T=1636519004:S=ALNI_MbzW4pOZ9waYcUOMDvI8okRqbf7VQ
.adnxs.com/	1970-01-20 00:44:55	Name: uuid2 Value: 5348515699005504457
.lijit.com/	1970-01-20 07:20:55	Name: ljt_reader Value: 3a7605cbd7820c060dfc23c2
.servenobid.com/	1970-01-19 22:45:23	Name: pid_312 Value: 5348515699005504457
.pubmatic.com/	1970-01-19 22:36:45	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 00:44:55	Name: SyncRTB3 Value: 1637712000%3A220
.pubmatic.com/	1970-01-20 00:44:55	Name: KADUSERCOOKIE Value: 20958806-39BC-46ED-A732-7F9CFAF0F62A
.adsrvr.org/	1970-01-20 07:20:55	Name: TDID Value: 983f3c00-ef34-4618-b160-3635173fd196
.adsrvr.org/	1970-01-20 07:20:55	Name: TDCPM Value: CAEYBSABKAIyCwi0gP32zYOSOhAFOAE.
.1rx.io/	1970-01-20 07:20:55	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1c54761d-c863-4da0-8f1c-4b25f5eb9735-003%22%7D
.pubmatic.com/	1970-01-20 00:44:55	Name: PUBMDCID Value: 3
.targeting.unrulymedia.com/	1970-01-20 07:20:55	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1c54761d-c863-4da0-8f1c-4b25f5eb9735-003%22%7D
.a-mo.net/	1970-01-20 07:20:55	Name: amuid2 Value: 55c8e973-9192-4eab-bc88-033d8c37f6fc
.pubmatic.com/	1970-01-19 22:36:45	Name: pi Value: 160224:3
.pubmatic.com/	1970-01-20 00:44:55	Name: chkChromeAb67Sec Value: 2
.admanmedia.com/	1970-01-20 07:20:55	Name: admtr Value: 6d4cdf7606307df811ff1471b50b71629b1baa6f
.servenobid.com/	1970-01-19 22:45:23	Name: pid_321 Value: RX-1c54761d-c863-4da0-8f1c-4b25f5eb9735-003
.servenobid.com/	1970-01-19 22:45:23	Name: pid_327 Value: 55c8e973-9192-4eab-bc88-033d8c37f6fc
.servenobid.com/	1970-01-19 22:45:23	Name: pid_328 Value: 6d4cdf7606307df811ff1471b50b71629b1baa6f
.yieldlift.com/	1970-01-20 07:20:55	Name: xuids Value: eyJ4dWlkIjoiY2I3NWY0ZjEtMDQwNy00MzQyLWI0MDAtNjM5MTJmNDQxZjY0IiwiZHAiOnt9LCJiZGF5IjoiMjAyMS0xMS0xMFQwNDozNjo0Ni44Njg1OTNaIn0=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dc8xl0ndzn2cb.cloudfront.net/js/shadowandactcom/v0/keywee.min.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://colossusssp.com/?c=o&m=cookie Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66c37c86af1b42cd94b050774081e5e2.events.ubembed.com
66c37c86af1b42cd94b050774081e5e2.js.ubembed.com
66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
ads.servenobid.com
adservice.google.com
adservice.google.de
api.afrotech.com
api.shadowandact.com
api.travelnoire.com
api1.blavity.com
assets.ubembed.com
bids.concert.io
builder-assets.unbounce.com
c.amazon-adsystem.com
capi.connatix.com
cd.connatix.com
cdn.jwplayer.com
cdn.p-n.io
cds.connatix.com
ce.lijit.com
cm.g.doubleclick.net
cms.afrotech.com
cms.shadowandact.com
colossusssp.com
connect.facebook.net
console.adgrid.io
cs.admanmedia.com
d9hhrg4mnvzow.cloudfront.net
dc8xl0ndzn2cb.cloudfront.net
dmongo.adgrid.io
e8ceaf2446c2d9ba46524767756878cd.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img.connatix.com
legacy.travelnoire.com
load.sumo.com
load.sumome.com
log.outbrainimg.com
match.adsrvr.org
pagead2.googlesyndication.com
prebid.a-mo.net
pubads.g.doubleclick.net
res.cloudinary.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
shadowandact.com
stats.g.doubleclick.net
sumo.com
sync.1rx.io
sync.targeting.unrulymedia.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
vid.connatix.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
ads.servenobid.com
13.224.186.52
13.224.186.77
13.224.198.4
13.225.78.129
13.225.78.39
13.225.84.146
13.225.84.155
13.58.53.241
142.250.184.194
142.250.186.130
146.148.110.40
147.75.61.140
151.101.194.137
151.101.65.131
151.101.66.137
167.99.231.34
172.217.16.130
184.31.84.150
185.33.220.240
185.64.189.112
185.64.190.79
185.64.190.80
2.18.232.28
2.18.234.190
213.19.147.45
2600:9000:21f3:f400:1:a3fa:7cc0:93a1
2602:803:c003:200::41
2606:4700:3030::ac43:df29
2a00:1450:4001:802::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::393
3.126.202.50
3.33.220.150
34.117.126.186
34.117.152.54
34.149.21.97
34.251.173.19
35.186.255.166
35.227.214.231
35.233.141.87
44.196.63.69
52.30.108.101
52.38.14.212
64.202.112.191
72.251.249.9
8.2.111.126
88.214.206.142
89.187.169.47
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
087a869c05bc06ee0209356574e9579963ed2a995a63740cb5ca9e348786c53c
0bf7b775380a33730738229073594a30f8724d17743f2fd5d24bf2c3506e38f4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af984c8c3394d5138e063987d986f86f4db7e3c2b2d79490c49d8cc0aca0ef
158348cb3d363872dceeae52e35935cb557069a132e360a6d56e4587ab3ce2c6
18da3a03b13bffa0ad3be214d4776d1668d4a1d0c124d0e928cee90fae91c8c8
196300a732903456ce811b730755b3e0920433f3be8fdafde62ed805fd8b8073
1f35d3ee79d23719662dd058da4ab28fa88ffafafd6ee395464577fd6903ee3f
205c6cb229e4894441312f1309c06239c850b15da160db51412d1615c3f0ed8a
2182632271533bd03cd4463daf937979fce7e615c3b6d5a1800bc15bd39ef905
2385b88dfd2b4ef2d75add78e19a7fbbd592196b8c8eaf210cc3786a2c54c43b
246defcad6bf9d42ffb44c199669bec546dde4def9786c793f0b074807e23f4c
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2b9038cfb40d319898ab1d31e675081bc6674bcee59a91fddce40d4c35851dba
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d1fe18dae87c9e487b725830c802df0befc1c3c6183401a8eb6ae2ac4fbe50f
2ef348920cd97d9dcbe4e68054d8d15b4c08904caaa8baec8abcf4b2aded9a68
35222d4acd8429e9c6c8ec232899310d753b840f50b8e93c8adbbf7b5538f37b
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
3ab1f84df7c075ebe8e59605688d11d3c6e5cc0381fd3162373d3d921c9a53ba
3c31ef500b7bce5545d6aae10493858c0fbf0886093dfe0fd897cd86e78ce12e
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
3fb0eed474349a36bf19b207a32a1abada581f631a1f8d88aa8e2fd8d0204a99
408f10552dc3c0a4c5b15ba3feb6b185c48cae3369efe1d96ec1a4b454cc9f8c
4243ea4df8a057ebcdda28fb8f27b081d88b4ee56cfe55cdc315c23677a0362e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46e10f9a7ffa3029bcfb4dbf8e110a1d2f097f2a8af04b28c7f332f6dc06cf8a
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
49d03c0512222522354f413d33c6cb1cace07dde5011a02a1a8e24e837c46d72
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
4d2ac16e0c3b4f32f8123587dd68135aac05e7f4b1fac2f5f640f532ebb22d22
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
605c44b67d915ea3f3a88187208044732d4d9018f001ec9827110fbd0aa0616f
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
61802e02e764695c3db39556b0b49ffea2b6894e23d25ccc60d68aef30e05926
61fffb0ce65f8703f20953bdf8ab591d537139249fdd45ccf309955fb0096376
62ecd6ae20feee53c50c9cd32a3bf4b39ecbf000448eba6a1d982dce18f063dd
63c9129ddb156dbda09327544cb3577a02bd53e8bd0bbd1ac44531bdf8f9cdc7
662c975d636ea2d038456c35eac7fd6677a80ec8e9e4bf2c0ee232584f25d823
6c072bb6a2baa93fba1620e452caa913972378aad528b23432f4dc626a4ae2ad
6e15e410e71f0b9bf4b226a3435e59b8c5d4e6da7d6aa8e705f2130da2f5b8e4
6e314532058fecae8a3e7ad456d3c4563e22bd2297ae04606433064c89393468
715c50110ee58d82df384bb116eb79a866703fe2581b9bf45347934ce2eafcb2
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
72a3c8c62b8aae71a78e5240bdb7227de1df9e9219fb310fc8952724e707bbcf
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
746ad9b30074fcdfca7a5ae7335b9d90132855de2fdf36240a6b16cc7eb97024
74959aa95d1bf3769c966026845cab5d74e739ee9c1f951db828fd79699628fe
74e59d6d785274271aad76c8eabe0ac20e9ae37b908034c18e8df46b83d6a5d5
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86
7868e45219b29ba916edac268ffb6eef36eae9aa08faaef44e5dd17bf28ca90e
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7ec74647f81be29524b46104f9f252c430572309756cbc5dc60a02f21f0dcae3
7f13cbd95ad1f522d11e94b97d1d34ad8c79a85f28048da21eef00c14ac48d7f
80cf06d5f0d36e3c196630976933207589c7f5f8f22706585e352896d99a47ae
8190cf84aef042182c794f11669bba723dd0373927d3dce523d6543db0088b56
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88d1d0dd8730d866219619561304b3b5c22e3999a59dab5f70b88384312eff0f
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c56a7d782d3ee90f7b0857482dc0378a85c5c6f0d14a3ed6904685bc4cffeee
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d2a954133d95a484bfa89fe5bdc35e991fe6b79e307b40fefe63d5f75a1416d
8e3b0a3c78fe3ba34fb1330f1d83ccb62613296f39ea3808d3d343fac1d627b1
9228df31913951ca4ff369c986dd445798f6d98ed4589bfef402df22a4ab23c3
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92feb4ec1d30a6f4529185c0612b048fc93ba6e42f3cb6f292092d1686e8cbb7
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
98041fe58cb861e99f760ab7a51ea14124622188cf77cc66e0a9ac36ec75fd1c
98e08cc65b147c539dcd3d740305f1758f55b5f47198a5100761a9bf8edb8e14
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
9c1f5d9fd6f92c9b4e196eb97a4445bb9e2742bdff9b429fec746bac7b8e3b7b
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
9ce9267f2a5e191e349a27fb2f54af1183c914f36fac5d4423a32fdd5561ff99
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c9b72b2aec4616a339bd349092a6c64d8a78aeb23fffa77583cda192cc8a0c
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee0d8bc13f524568c9ffa316e517c7bfd6ca8b937fc63efe39effa52e38b544
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
b1f2a6ad102633e0da139dddea8f77a8055acb177e9ca9e246d55c6290192feb
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2696dbea671bb92ddd8e0a43a7b02611a8d4954736fa74b25c68f98d49e4fb8
b2e66ba5008ded105a081d79653b0e98d260eab7ed8ae1af8af54d6b7c69d385
b481354ee16a332fb4897af97e22253fde33bd6ada1c1b5a77e1fdeb307354d9
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b649666f1b95cbbbeb3185e5b6bac1314e3d952a3fff7227ad538f8d2b62f874
b77de322f7e90cc655176c04e94ceda56db8ad22a0e00a0570e8feed89f04eb6
b7bee6a6473e227e887a8e798c384b10a0c86c083d9485b0f61b4fb9c5787bff
bba7dc1df35ca22871004dd769b07d8fbf659fa97f1b890d4399e40f1ba89a8d
bd0cc18f7e0a11a2ea10387cb6d9d6387d07a59e51e0f816a982c3b1615920ac
beddd4a5f553819c50809a639f8ae3faf18e6a10bddf78790fe67d092f7b7876
bf8828267224c0c3360a026b1c2bf012f4e041ba5c10a2e9408024999b263e27
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c9fa2019af93cbb024e263ac299788c1135b41f57c757ee6384ab19f86af4191
cb34a61b3c823731bc1d2374ba74402bd0206e56a5b34f8bcb288f24e65b7eda
cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d103b3397ca4950ccdf6fecca9787bab85c6b088a03c7a7d289fcfd0bb5841de
d186b31992d8873c99c81a8751b914b6699a80c22b5177d0ac7b8394d9ebd5f9
d24e0d4257cb5904b064e54197baf507141f1b5d3f05dcab86c0ce01139ff988
d5b9188c6b4e91f4af2e3f079e71b1573813e56bb138b194e47e2745f7379508
d7ffc5dbafe863985902dd164bbd27ca81ba2db75aae03f2510854f4a6f2dc6a
d80326f55bc31b42059f5ccfb160eaf1441a05659feee224eec68e3e3445f7e8
daad06279f649dfa5488172a30d91096116e14a154648993512d8ea587e43639
db2448eef869faeff2de9ba646cde81a74b54417a4166034aa6b7b927b62e29a
dcc8c34811c73517546cfe3126e5dc731c5296e4738c5a9e5643956d11b2d402
dd5df106ebb4db67224c91227f1d64e6ffe9d8d5d14b933d88835ee4cb3c7f96
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
df04b6518951f79fc4d35ff827dbd4d324dce48a8622ab4995edcd1786d070a2
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e417eb5f747d6bf034b7c403db9fb90feeb4c71c51c4cd0ab076ef4baf5f29cd
e5f96d91bf8f9a1c65d95c48212a0e9cd7e596055dbc0260564a10a7355f5b49
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
e9af09c31049d62ade7f79f79a7666223f8425b952271cfba50bd65e8bb60d05
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
eb5a6ca06af450f4ff2f5d52d8fbaa3c0e055ee6ced44cc7ba058eafe9a56b11
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f509c947cade4b963efef4de887841d2e06302ce01c4974bca8f1777676b637d
f70982aa5e1f9aa8c2f4d2e04bc9b5f7b1db585d35e2c0b4bf12f4883b0e54b3
f7275a6759863df8201d0e726be2b2073f2e793e94ec65b5d4f436e9f7bf6c99
f857186527a5ad90fa24311947966582bdbdfcfcc8373e60a203f95f5b2b6ccf
f866a7018b0a47b327de03bb0548fc4ed15c50ddd771d55c0b14d7ff22514406
fbc706fbf590f35520339d93f8b8fbcbd0c6acde047efa9bc78a88c30742209a
fed11df35baed7ee38458ff705b4b46ed7993830ea46f9b166c7e4d08afb3ab3
ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0

shadowandact.com Open in urlscan Pro 35.227.214.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

200 Requests

93 %HTTPS

31 %IPv6

43 Domains

71 Subdomains

56 IPs

6 Countries

10600 kBTransfer

18070 kBSize

32 Cookies

15 Outgoing links

Page URL History

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shadowandact.com Open in urlscan Pro
35.227.214.231 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

93 %
HTTPS

31 %
IPv6

43
Domains

71
Subdomains

56
IPs

6
Countries

10600 kB
Transfer

18070 kB
Size

32
Cookies

200 HTTP transactions
0 data transactions